Re: passwd hashing algorithm

Charles Howes (chowes@helix.net)
Fri, 14 Apr 1995 12:07:47 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Perry E. Metzger: "Re: passwd hashing algorithm"
Previous message: Frank Byrum: "Re: Pointer to a process's credential structure?"

On 13 Apr 1995, Louis Taber wrote:

> My take on this is that encryption is NOT the way to go.   This would 
> mean that there exists a key that could decrypt the entire password file.
> On this count triple DES is no better than regular DES.  From my 
> understanding the MD5 would work well.  It is non-reversible.
> 
> Louis
>  
> Louis Taber                                                   ltaber@pima.edu
> Pima Community College, Computer Science, 2202 W. Anklam Rd, Tucson, AZ 85709
> (520) 884-6039 Secretary / (520) 884-6850 Office direct

There is no key that could decrypt the entire password file.

The password entries are blocks of zeroes encrypted with the users' passwords.

Finding the key from the encrypted output of des is hard.  It involves
having a large table of passwords and their encrypted outputs.

How many passwords?  All of them.

MD5 would be better, because it would require a much larger table in
order to reverse it.

One thing I find very cool is that MD5 is exportable, and can be used
very easily for very strong encryption.  The strength depends on the
very strong non-reversability.
--
Charles Howes -- chowes@helix.net
 Always tell the truth, then you make it the other bloke's problem! 
 - Sean Connery, 1971

Next message: Perry E. Metzger: "Re: passwd hashing algorithm"
Previous message: Frank Byrum: "Re: Pointer to a process's credential structure?"