Yet Another useful paper
Matthew Francey
mdf at ziebmef.uucp
Tue Dec 27 06:12:07 AEST 1988
In article <12750 at bellcore.bellcore.com>, karn at ka9q.bellcore.com (Phil Karn) writes:
> I'd also like to see a standard "key crunching"
> algorithm for transforming a password (or phrase) longer than 8 characters
> into a 56-bit DES key. Such a standard would be useful for encryption
> programs as well. A 56-bit search space is well beyond the brute-force
> abilities of most crackers (though perhaps not the NSA) **IF** the keys are
> widely and evenly distributed within it.
But what will this accomplish is the password file is readable and the
encrpytion method (key crunching and all) public? The cracker would simply
crunch her dictionary, and continue as before.
A possible solution is to have each site pick its own secret encryption
method (for example, start with a non-zero block). Could it remain secret
for a long long time (years... it would be a major pain changing it)?
Probably not, since anyone could disassemble passwd...
--
Name: Matthew Francey Address: N43o34'13.5" W79o34'33.3" 86m
mdf at ziebmef.UUCP uunet!utgpu!{ontmoh!moore,ncrcan}!ziebmef!mdf
More information about the Comp.unix.wizards
mailing list