Commit | Line | Data |
---|---|---|
6ea1178a NW |
1 | I have implemented the little "scrambler" algorithm I spoke of a few days |
2 | ago. Below is a lib/other/crypt.c function (compressed-uuencoded) that does | |
3 | the trick. As an example, here's a little comparison between Minix 1.5 crypt | |
4 | and mine. Four crypted values are shown: | |
5 | ||
6 | Salt Password Minix crypt() My crypt() | |
7 | -- ----------- ------------- ------------- | |
8 | 00 "password" 00|0WFy1B8Tz| 001dcsc5Sh3TQ | |
9 | 00 "Password" 00|0WFy1B8Tv| 00rTQYCDHmeRY | |
10 | 00 "password " 00|0WFy1B8Tz| 00pzqMhV9et9M | |
11 | 03 "password" 03z||meFy1B8T 03nJJegU4/CEg | |
12 | ||
13 | You (of course) immediately notice that using upper-lowercase does not | |
14 | significatively change the password, nor changing the salt value, and that | |
15 | characters after the 8th are entirely unsignificant. In mine, however, | |
16 | everything is significant, even the 255th character of the password | |
17 | (basically, the 637 first characters are significant and 512 more have the | |
18 | potential of being used!!!). This is because of the CRC property of | |
19 | "spreading" significantly bits over a large place; every bit in the result | |
20 | depend of nearly every bit in the source in some complicated manner. | |
21 | ||
22 | Thos Sumner pointed out two algorithms for crypting that were posted recently, | |
23 | but since I do not have the full news (I get comp.os.minix thru the Bitnet | |
24 | mailing list), I don't know what to do with them. Anyway, my crypt() is | |
25 | perfectly compatible with Unix/Minix operation, so it's better in that respect. | |
26 | ||
27 | He also suggested using a machine-dependant (by machine, I mean SITE-dependant) | |
28 | info to discourage theft of /etc/passwd files for decryption at leisure. Is | |
29 | there such an info available on Minix in a standard way? Anyway, you'll notice | |
30 | that, even using mixs of chars, shorts, longs and 6-bits blocks the results | |
31 | are the same on 68000 and xxx86, even with the different byte ordering (this | |
32 | was not intended :-) | |
33 | ||
34 | Vincent Archer | |
35 |