Home page logo

bugtraq logo Bugtraq mailing list archives

Re: passwd hashing algorithm
From: rhaas () cygnus arc nasa gov (Robert M. Haas)
Date: Sat, 15 Apr 1995 23:56:32 -0700

The point is, however, that DES isn't used in crypt(3) as a cipher but
as a weird hash function over an eight byte value, the password, and

Strengthening the password encryption algorithm strikes me as putting a
tighter lock on the door when the window is standing wide open... if
someone really wants to break into your machine, they can put a sniffer 
on your network, and it won't matter how good your encryption algorithm 
is.  Admittedly it's a little harder to get a sniffer running on a
network than crack, but even so, reusable passwords are doomed...


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]