Date:      Sat, 5 Jan 2002 19:39:39 +0000
From:      Rik <freebsd-security@rikrose.net>
To:        freebsd-security@freebsd.org
Subject:   Re: MS5 password salt calculation
Message-ID:  <20020105193939.A7927@spoon.pkl.net>
In-Reply-To: <20011230013854.A39364@wjv.com>; from bv@wjv.com on Sun, Dec 30, 2001 at 01:38:54AM -0500
References:  <bulk.34219.20011229215845@hub.freebsd.org> <20011230013854.A39364@wjv.com>

I've been thinking about this Modular Crypt Format, and wondering what
it's capable of, and where the docs are for it...

On Sun, Dec 30, 2001 at 01:38:54AM -0500, Bill Vermillion wrote:
> You can't say that $1$ 'caught on' as that's the way it is defined
> to indicate what follows. The $1$ indicates the following is an MD5.
> I was looking for the docs the other day, and from memory if the
> first characters are $5$, then that indicates that the following
> string would be blowfish encryption. You should also note that the
> next $ is the salt separator, and on my system there are typically 8
> digits after $1$ and before the next $, for 2 trillion+ salts.

I've mailed Bill, and he doesn't know of any *good* docs about it. The
best I've found is man 3 crypt, and the best Google can find is more
copies of man 3 crypt, usually out of date.

Are there any better docs about Modular Crypt Format (to give it the
proper title)?

The man page says:
If the salt begins with the string $digit$ then the Modular Crypt Format
is used.  The digit represents which algorithm is used in encryption.

But in what way does it represent it? Is there a lookup table somewhere?
If so, where? The "currently supported algorithms list" on the man page
says $1$ == MD5 and $2$ == Blowfish. Assuming blowfish works, then if I
ran perl -le 'print crypt( "meow", "\$2\$SALT" )' ought to yield a
blowfish crypted password, shouldn't it? It doesn't, AFAICS.

rik
-- 
PGP Key: D2729A3F - Keyserver: wwwkeys.uk.pgp.net - rich at rdrose dot org
Key fingerprint = 5EB1 4C63 9FAD D87B 854C  3DED 1408 ED77 D272 9A3F
Public key also encoded with outguess on http://rikrose.net
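
The check discussed in the message above, as an added example that is not part of the original e-mail: a parser that splits a crypt(3) setting or hash into the `$id$salt$digest` fields described in the thread, and a test of whether crypt() output actually used the scheme that was requested. The function names are hypothetical, the lookup table holds only the two ids the quoted man page lists, and the sample strings are constructed placeholders, not real hashes.

```python
import re

# Scheme ids taken from the man page text quoted in the message.
KNOWN_SCHEMES = {"1": "MD5", "2": "Blowfish"}

# "$id$" prefix, then the salt up to the next "$", then (in a full hash)
# the digest, following the layout described in the thread.
_PREFIX = re.compile(r"^\$([^$]+)\$([^$]*)(?:\$(.*))?$", re.S)


def parse_mcf(value):
    """Split a crypt(3) setting or hash into Modular Crypt Format fields."""
    m = _PREFIX.match(value)
    if m is None:
        # No "$id$" prefix: not MCF, so the first two characters are
        # treated as a traditional crypt salt.
        return {"mcf": False, "scheme_id": None, "algorithm": None,
                "salt": value[:2], "digest": value[2:] or None}
    scheme_id, salt, digest = m.groups()
    return {"mcf": True, "scheme_id": scheme_id,
            "algorithm": KNOWN_SCHEMES.get(scheme_id),  # None: id not in table
            "salt": salt, "digest": digest or None}


def scheme_honoured(setting, output):
    """True if crypt() output carries the scheme and salt the setting asked for."""
    want, got = parse_mcf(setting), parse_mcf(output)
    return (got["mcf"] == want["mcf"]
            and got["scheme_id"] == want["scheme_id"]
            # An implementation may truncate a long salt, so accept a prefix.
            and want["salt"].startswith(got["salt"])
            and got["digest"] is not None)


if __name__ == "__main__":
    # Constructed placeholder strings with the right shape, not real hashes.
    md5_style = "$1$SALT$" + "x" * 22
    fallback_style = "$2" + "x" * 11   # 13 characters, no second "$"
    print(parse_mcf(md5_style))
    print(scheme_honoured("$1$SALT", md5_style))        # True
    print(scheme_honoured("$2$SALT", fallback_style))   # False
```

A result of `False` from `scheme_honoured` means the returned string does not carry the requested `$id$` prefix, which is the symptom to look for when a library does not implement the scheme asked for.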
