crypt function mode

[Sudarshan Soma]

Hi Martin, when you say the following:
"These are for symmetric encryption, the crypt function uses  them as
a one way hash (that why the later versions use MD5)."

Does the crypt function use any of the block cipher mode with little
modifications. Please clarify.

Thanks and Best Regards,
Pavan

On Sun, Apr 19, 2009 at 8:18 AM, Sudarshan Soma <sudarshan12s at gmail.com> wrote:
> On Fri, Apr 17, 2009 at 9:48 PM, Martin <inkubus at interalpha.co.uk> wrote:
>> On Fri, 2009-04-17 at 12:00 -0400, pam-list-request at redhat.com wrote:
>>
>>> -------- Forwarded Message --------
>>> From: Sudarshan Soma <sudarshan12s at gmail.com>
>>> Reply-To: Pluggable Authentication Modules <pam-list at redhat.com>
>>> To: Pluggable Authentication Modules <pam-list at redhat.com>
>>> Subject: crypt function mode
>>> Date: Fri, 17 Apr 2009 20:36:07 +0530
>>>
>>> Hi All,
>>> Can anyone please let me know what block ciphers mode( Electronic
>>> Codebook Mode (ECB) , Cipher Blockchaining Mode (CBC),..)
>>>  does the crypt function used in pam_unix use.
>> It doesn't.  These are for symmetric encryption, the crypt function uses
>> them as a one way hash (that why the later versions use MD5).
>>
> [Pavan] Thanks Martin. I was bit confused when it says that crypt uses
> modified form of DES algorithm
> (http://en.wikipedia.org/wiki/Crypt_(Unix)#Modifications_of_the_traditional_scheme).
>
> So these cipher modes are not applicable for storing/verifying
> passwords using crypt. My requirement is to make  passwds more secure.
> I think enabling shadow passwds(using pwconv) and MD5 hashes
> (etc/sysconfig/authconfig) would be enough as the first step.
>
>>> Please suggest me any pointers , if this is more of the crypt function
>>> question.
>> You might try reading the code; it's about as good a description as any.
>>
>> Cheers,
>>  - Martin
>>
>>
>> _______________________________________________
>> Pam-list mailing list
>> Pam-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/pam-list
>>
>