Cryptography

From Hackepedia
Revision as of 03:14, 9 October 2005 by Pbug (talk | contribs)
Jump to navigationJump to search

Cryptography is the method for distorting plain text so that it is unreadable by someone other than the intended recipient. For example, someone that is using a packet sniffer (see bpf) to listen in on network connection. Only if this third party knows the secret key to the ciphertext will they break the encryption and be able to see the plaintext. Anyone using plain text protocols these days is as stupid as sshd is free.

Cryptography found in UNIX

Early passwords databases were not encrypted and since they were not shadowed this allowed anyone on a system to log in as the system administrator. The programmers rejected this by implementing a One way hash of DES to "encrypt" passwords as part of the crypt(3) function. It was impossible to decrypt these passwords since they were a modified version of DES, so in order to know if someone had the right password the plain text would be encrypted and the result compared with the crypt of the password database, if they matched a user would be granted access. As computers became faster so did the speed at which DES would be cracked. An amd64 3500+ running OpenBSD using the systems crypt(3) functions can hash 121,000 passwords in 1 second in 2005. So a slower hash algorithm was needed and one that could take more than 8 characters for the passwords. Many Operating Systems have implemented MD5 hashing which does 1880 crypts per second on the aforementioned OpenBSD system. OpenBSD went even further and designed an interesting hash of blowfish that has a variable setting for rounds that blowfish will encrypt the hash with the string "OrpheanBeholderScryDoubt" 64 times per round. The result is that with 12 rounds a crypt will do 2 passwords in 1 second.

Retrieved from "https://hackepedia.org/?title=Cryptography&oldid=168"