[1553] in bugtraq
Re: passwd hashing algorithm
daemon@ATHENA.MIT.EDU (Paul C Leyland)
Thu Apr 20 10:01:21 1995
Date: Thu, 20 Apr 1995 12:29:46 +0100
From: pcl@foo.oucs.ox.ac.uk (Paul C Leyland)
To: dawagner@phoenix.Princeton.EDU
Cc: bugtraq@fc.net
"David A. Wagner" <dawagner@phoenix.Princeton.EDU> wrote:
> > > > > 1. 25 iterations of DES with the first 8 bytes of the
> > > > > password as key, followed by 25 iterations of DES
> > > > > with the second 8 bytes of password as key.
> >
> > You've obviously got something else in mind. By all means, please tell
> > me how you're going to do it in 2^32 DES steps (still 2^35 (32 GB) bytes of
> > storage, a non-trivial sum.) Details and crypto-babble welcome:)
> >
>
> Ok, here's the explanation. I'd love to hear feedback about
> whether this is on charter for bugtraq; if it's not, email me
> and I'll avoid spamming y'all in the future.
Likewise, if the appended source code for my re-implementation of
DEC's buggy crypt16() is unacceptable.
> I'm interested in hearing more information about the
> OSF/1 or Ultrix hash function -- is there any place where
> I can get source or anything? I have access to one OSF/1
> box, but it doesn't have any man pages or anything on a
> crypt16().
Below is the stuff I wrote for Michael Glad's UFC to implement
crypt16(). If you need more context, you'll need to get hold of UFC
from your favourite crypto archive.
Unfortunately, I've lost my re-discovery of the OSF/1 bigcrypt()
algorithm. DEC are *very* reticent about letting details out and its
documentation is virtually non-existent. However, examination of the
contents of /tcb/files/auth/p/pcl as I changed my password, together
with a few astute guesses, was all that were required.
If I find the bigcrypt() code again, I'll post it.
Paul
8<---------------------------Snipped from UFC----------------------->8
/*
* Ultrix crypt16 function, thanks to pcl@convex.oxford.ac.uk (Paul Leyland)
*/
char *crypt16(key, salt)
char *key, *salt;
{ ufc_long *s, *t;
char ktab[9], ttab[9];
static char q[14], res[25];
/*
* Hack DES tables according to salt
*/
setup_salt(salt);
/*
* Setup key schedule
*/
clearmem(ktab, sizeof ktab);
(void)strncpy(ktab, key, 8);
ufc_mk_keytab(ktab);
/*
* Go for first 20 DES encryptions
*/
s = _ufc_doit((ufc_long)0, (ufc_long)0,
(ufc_long)0, (ufc_long)0, (ufc_long)20);
/*
* And convert back to 6 bit ASCII
*/
strcpy (res, output_conversion(s[0], s[1], salt));
clearmem(ttab, sizeof ttab);
if (strlen (key) > 8) (void)strncpy(ttab, key+8, 8);
ufc_mk_keytab(ttab);
/*
* Go for second 5 DES encryptions
*/
t = _ufc_doit((ufc_long)0, (ufc_long)0,
(ufc_long)0, (ufc_long)0, (ufc_long)5);
/*
* And convert back to 6 bit ASCII
*/
strcpy (q, output_conversion(t[0], t[1], salt));
strcpy (res+13, q+2);
clearmem(ktab, sizeof ktab);
(void)strncpy(ktab, key, 8);
ufc_mk_keytab(ktab);
return res;
}
