Return to BSD News archive
Path: sserve!manuel!munnari.oz.au!hp9000.csc.cuhk.hk!uakari.primate.wisc.edu!sdd.hp.com!apollo.hp.com!netnews From: sommerfeld@apollo.hp.com (Bill Sommerfeld) Newsgroups: comp.unix.bsd Subject: Re: adding data encryption Message-ID: <SOMMERFELD.92Jul31133018@gourmet.apollo.hp.com> Date: 31 Jul 92 17:29:25 GMT References: <92213.095633KLAWITT@DMSWWU1A.UNI-MUENSTER.DE> Sender: usenet@apollo.hp.com (Usenet News) Organization: Hewlett Packard Lines: 22 In-Reply-To: Holger Klawitter, Informatik's message of Friday, 31 Jul 1992 09:56:33 MES Nntp-Posting-Host: gourmet.ch.apollo.hp.com In article <92213.095633KLAWITT@DMSWWU1A.UNI-MUENSTER.DE> Holger Klawitter, Informatik <KLAWITT@DMSWWU1A.UNI-MUENSTER.DE> writes: I miss the possibility to include a crypt command into 386bsd. Ok, ok I know its illegal to ship it outside the USA, but is there any europeen (or any other non -american) site out there where the crypt source can be taken from? (To avoid any flames: in europe we are also interested in .passwd files which to NOT contain the password in literal) How about using a different one-way function, like MD5, which is (a) strong (there are those who claim it's stronger than DES), and (b) exportable? The sources for an implementation of MD5 in C are in the body of RFC1321. It converts a bit string into a 16-byte binary message digest; To use this for a crypt() replacement, crank the plaintext+salt through MD5, take the 16 byte message digest, encode it using the same mod-64 encoding as crypt (to generate a 22 character string), prepend the salt (hopefully longer than 2 characters :-) ), and use that as the "crypted" string.