Bugtraq mailing list archives
Re: passwd hashing algorithm
From: jfh () rpp386 cactus org (John F. Haugh II)
Date: Sun, 23 Apr 95 7:37:11 CDT
Unfortunately, I've lost my re-discovery of the OSF/1 bigcrypt() algorithm. DEC are *very* reticent about letting details out and its documentation is virtually non-existent. However, examination of the contents of /tcb/files/auth/p/pcl as I changed my password, together with a few astute guesses, was all that were required. If I find the bigcrypt() code again, I'll post it.
Is this it? The code inside of SW_CRYPT was sent to me some time back with the claim that it re-implemented the SecureWare crypt() function as in OSF/1. -- /* * Copyright 1990, 1993, John F. Haugh II * All rights reserved. * * Permission is granted to copy and create derivative works for any * non-commercial purpose, provided this copyright notice is preserved * in all copies of source code, or included in human readable form * and conspicuously displayed on all copies of object code or * distribution media. * * This software is provided on an AS-IS basis and the author makes * no warrantee of any kind. */ #include <string.h> #include "config.h" #ifndef lint static char sccsid[] = "@(#)encrypt.c 3.5 07:45:28 22 Apr 1993"; #endif extern char *crypt(); char * pw_encrypt (clear, salt) char *clear; char *salt; { #ifdef SW_CRYPT static char cipher[128]; #else static char cipher[32]; #endif static int count; char newsalt[2]; char *cp; long now; /* * See if a new salt is needed and get a few random * bits of information. The amount of randomness is * probably not all that crucial since the salt only * serves to thwart a dictionary attack. */ if (salt == (char *) 0) { now = time ((long *) 0) + count++; now ^= clock (); now ^= getpid (); now = ((now >> 12) ^ (now)) & 07777; newsalt[0] = i64c ((now >> 6) & 077); newsalt[1] = i64c (now & 077); salt = newsalt; } #ifdef SW_CRYPT /* * Copy over the salt. It is always the first two * characters of the string. */ cipher[0] = salt[0]; cipher[1] = salt[1]; cipher[2] = '\0'; /* * Loop up to ten times on the cleartext password. * This is because the input limit for passwords is * 80 characters. * * The initial salt is that provided by the user, or the * one generated above. The subsequent salts are gotten * from the first two characters of the previous encrypted * block of characters. */ for (count = 0;count < 10;count++) { cp = crypt (clear, salt); strcat (cipher, cp + 2); salt = cipher + 11 * count + 2; if (strlen (clear) > 8) clear += 8; else break; } #else cp = crypt (clear, salt); strcpy (cipher, cp); #ifdef DOUBLESIZE if (strlen (clear) > 8) { cp = crypt (clear + 8, salt); strcat (cipher, cp + 2); } #endif /* DOUBLESIZE */ #endif /* SW_CRYPT */ return cipher; } -- John F. Haugh II [ NRA-ILA ] [ Kill Barney ] !'s: ...!cs.utexas.edu!rpp386!jfh Ma Bell: (512) 251-2151 [GOP][DoF #17][PADI][ENTJ] @'s: jfh () rpp386 cactus org
Current thread:
- RE: virus, (continued)
- RE: virus Erich W. Gunther (Apr 23)
- Re: passwd hashing algorithm David Miller (Apr 19)
- Re: passwd hashing algorithm David A. Wagner (Apr 19)
- Re: passwd hashing algorithm John F. Haugh II (Apr 21)
- AntiFlash talkd Richard Allen (Apr 19)
- Re: AntiFlash talkd James M. Golovich (Apr 19)
- Password Storage as Environment Variable Bill Bradley (Apr 19)
- Re: passwd hashing algorithm John F. Haugh II (Apr 23)
- Re: passwd hashing algorithm Marek Michalkiewicz (Apr 24)