Subject: Re: Problems mounting filesystems - 1.3.2
To: None <current-users@NetBSD.ORG>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: current-users
Date: 07/16/1998 14:55:09
>>> Because there is no non-exportable version of the algorythms used
>>> for password encription. [...]
>>> All the export-controlled algorythms can easily decript encrypted
>>> text. That's why they are export-controlled. :-)
This sounds a little confused.
Passwords are not "encrypted" in the usual sense of the term. The text
form that is stored is a (printable encoding of) a salted one-way
function of the password. I know offhand of three different one-way
functions that are used for the purpose.
Confusing the issue is that the commonest by far of these algorithms
*is* based on real encryption, though it's not as simple as just
encrypting the password, and (as the poster may have known but it's not
clear in the above text) even a fully functional libcrypt is not
capable of turning a hashed password back into its cleartext form (or
the hashing would grant confer security at all, in practice).
der Mouse
mouse@rodents.montreal.qc.ca
7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B