Re: Digital Unix 4 protected password database.

From: Alec Muffett (Alec.Muffettat_private)
Date: Mon Mar 15 1999 - 03:27:00 PST


    [making up to 16 char passwords by overlapping 8-char strings]
    >>The alternate scheme you mention (in the part I cut) of encrypting the
    >>first 8 characters and the last 8 seems to me to result in a 16 char
    >>keyspace.  Clever.
    >
    >Unfortunately, it doesn't perform strong mixing and thus does not produce
    >a result as strong as its 16 character length implies.
    
    From the crypto-purist point of view, I certainly would not argue with that;
    part of the reason I came up with that algorithm was to try and support minimal
    effort backwards compatibility on an ancient networked system, where I could
    poke the standard:
    
    	if (!strcmp(crypt(plaintext, ciphertext), ciphertext)) {
    
    ...mantra, into:
    
    	if (!strncmp(crypt(plaintext, ciphertext), ciphertext, 13)) {
    
    ...for the small number of systems which could not be seriously overhauled to
    use a decent crypt() replacement, for lack of source code; the first 13 chars
    of the ciphertext in the modified algorithm are equivalent to a traditional
    crypt, and in this limited circumstance it was useful to exploit that feature.
    
    Of course, backwards compatibility is a ***BAD*** thing in authentication
    (ref: WinNT) - nonetheless, I consider it a neat toy hack, whose strength is
    dependent upon the effectiveness of the DES mixing in crypt, and to practical
    limitations it is pretty good.
    
    >As you can see, the only proper way of increasing the effective length of
    >a password is to use a cryptographic hash algorithm or implement a scheme
    >of thorough plaintext mixing.  Look into the efforts of expanding DES for
    >good examples of how to mix plaintext properly.
    
    Quite.  In these days of ubiquitous access to MD5 and SHA-1 algorithms, it
    would be insane to use anything less.
    
    	- alec
    
    --
           alec muffett, sun professional services, alec.muffett @ uk.sun.com
                                #4 - goading fierce man
    
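The 13-character-compatible layout discussed above, as an added illustration that is not code from this thread or from Digital Unix: `crypt_like` is a constructed hashlib stand-in for DES crypt(3), and the way the second 8-character block is chained to the first is an assumption, since the message does not spell it out.

```python
import hashlib

# crypt(3)'s 64-symbol output alphabet
CRYPT_ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"


def crypt_like(key: str, salt: str) -> str:
    """Constructed stand-in for DES crypt(3): 2-char salt + 11 output chars.
    As with the real thing, only the first 8 key characters matter."""
    salt = salt[:2]
    digest = hashlib.sha256((salt + key[:8]).encode()).digest()
    return salt + "".join(CRYPT_ALPHABET[b % 64] for b in digest[:11])


def classic_hash(password: str, salt: str) -> str:
    """Traditional crypt: 13 chars, password silently truncated to 8."""
    return crypt_like(password[:8], salt)


def overlapping_hash(password: str, salt: str) -> str:
    """Assumed 16-char layout: hash chars 1-8 as usual, then hash chars 9-16
    separately, salted with two chars taken from the first block's output so
    the blocks are chained.  The first 13 output chars are a plain classic_hash,
    which is what makes the strncmp(..., 13) trick possible."""
    first = crypt_like(password[:8], salt)
    if len(password) <= 8:
        return first
    second = crypt_like(password[8:16], first[2:4])  # assumed chaining salt
    return first + second[2:]  # 13 + 11 = 24 chars


def check_full(password: str, stored: str) -> bool:
    """A system that knows the new format compares the whole string (strcmp)."""
    return overlapping_hash(password, stored[:2]) == stored


def check_legacy(password: str, stored: str) -> bool:
    """A system that only knows classic crypt compares 13 chars (strncmp, 13):
    it accepts the longer entry but never verifies chars 9-16."""
    return classic_hash(password, stored[:2])[:13] == stored[:13]


def prefix_independent_of_tail(password: str, salt: str) -> bool:
    """Why the thread calls the mixing weak: the first 13 output chars do not
    depend on password chars 9-16, so the two halves can be verified separately
    rather than as one 16-char secret."""
    a = overlapping_hash(password, salt)
    b = overlapping_hash(password[:8] + "Z" * 8, salt)
    return a[:13] == b[:13] and a != b
```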