Subject: Re: Problems mounting filesystems - 1.3.2
To: None <current-users@NetBSD.ORG>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: current-users
Date: 07/16/1998 14:55:09
>>> Because there is no non-exportable version of the algorythms used
>>> for password encription.  [...]
>>> All the export-controlled algorythms can easily decript encrypted
>>> text.  That's why they are export-controlled. :-)

This sounds a little confused.

Passwords are not "encrypted" in the usual sense of the term.  The text
form that is stored is a (printable encoding of) a salted one-way
function of the password.  I know offhand of three different one-way
functions that are used for the purpose.

Confusing the issue is that the commonest by far of these algorithms
*is* based on real encryption, though it's not as simple as just
encrypting the password, and (as the poster may have known but it's not
clear in the above text) even a fully functional libcrypt is not
capable of turning a hashed password back into its cleartext form (or
the hashing would grant confer security at all, in practice).

					der Mouse

		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B