[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] booting password crackers...
- Subject: Re: [cobalt-security] booting password crackers...
- From: jk@xxxxxxxxxxxx (Jens Kristian Søgaard)
- Date: 29 May 2000 02:32:17 +0200
Mike Vanecek <nospam99@xxxxxxxxxxxx> writes:
> Why is it that when I use this url to generate passwords for userid root and
> password "hahaha really think weare sooo damn stupid" that I get different
> results each time?:
> root:upWhLNhcx8XnA
> root:fdEFJIU.vqXV6
> Obviously, the encryption algorithm has some randomness to it??
What you see is the effect of the so called "salt" that was introduced
to the Unix password protection scheme by Morris (you remember, his
son were the guy that broke the internet with the internet worm).
To take the first example you give:
root:upWhLNhcx8XnA
Here
root
is the username
:
seperates parts in a passwd/shadow file
up
is the salt
WhLNhcx8XnA
is the encrypted password
When you make a new password, you take two random chars (called a
"salt"). These two chars are prepended to the password and encrypted
along with the rest. But the salt is also stored in _cleartext_ as the
two first bytes of the password field in passwd/shadow files.
This means that if you want to check a password, you first add the two
salt bytes, encrypt - and compare to what's stored in the password
file.
The advantage of the salt scheme is, that an attacker cannot create a
large "dictonary" or "database" of encrypted passwords. Like:
secret = eI2Ls9
two = l8YeHs
Adding these two saltbytes adds a lot of new possibilities, which
means that he would have to store a dictonary like this:
01secret = 01eI2Ls9
02secret = 02aldAJs
03secret = 03sdJKsd
etc.
This makes it bad idea to try making a complete "reference" to
passwords, as the diskspace needed is enormous.
--
Jens Kristian Søgaard,
jk@xxxxxxxxxxxx -- http://www.jksoegaard.dk/
Søger du noget? -- http://www.google.com/
echo|perl -ple'$_+=4E-6*!int rand()**2+rand()**2while$i++-1E6'