1996-11-17 - Re: RFC: A UNIX crypt(3) replacement

Header Data

From: Adam Shostack <adam@homeport.org>
To: deviant@pooh-corner.com (The Deviant)
Message Hash: 64784d3c2350dfdd9eae677c212fa07f0211f0800294f02853ecf8c8f124fcd2
Message ID: <199611171432.JAA02213@homeport.org>
Reply To: <Pine.LNX.3.94.961117141454.2208A-100000@random.sp.org>
UTC Datetime: 1996-11-17 14:35:40 UTC
Raw Date: Sun, 17 Nov 1996 06:35:40 -0800 (PST)

Raw message

From: Adam Shostack <adam@homeport.org>
Date: Sun, 17 Nov 1996 06:35:40 -0800 (PST)
To: deviant@pooh-corner.com (The Deviant)
Subject: Re: RFC: A UNIX crypt(3) replacement
In-Reply-To: <Pine.LNX.3.94.961117141454.2208A-100000@random.sp.org>
Message-ID: <199611171432.JAA02213@homeport.org>
MIME-Version: 1.0
Content-Type: text/plain


The Deviant wrote:
| On Sat, 16 Nov 1996, Joshua E. Hill wrote:
| > 	I'm trying to think of a function to replace UNIX's crypt(3).  
| > My design criteria are as follows:

| Why? UNIX passwords with password shadowing are as secure as any password
| system is going to get.  If your security holes are with passwords, its
| because your admin is to lazy to install needed security provissions, not
| because the system of checking passwords is bad.

	A longer salt would make running crack against a large
password file slower.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume







Thread