[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re:Snake Oil (from the Feb 99 Crypto-Gram)
This is what Unix uses for passwords as I recall. That way no one can
"decrypt" the password, only brute force attack it. It involves the
alogrithm, a "Salt string" and your password. It would be unusable because
there is no way to decrypt the message. Unix reencrypts your password and
compares that to the encrypted one saved in passwd or shadow. You can see
why this would not be effective to encrypt messages/etc. You can look at
the code in any Linux distro if you want to see the alogrithm.
Another good reference is Applied Crypto which should be available in any
decent book store or online.