From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Roman V. Shaposhnick" To: 9fans@cse.psu.edu Subject: Re: [9fans] passtokey question Message-ID: <20021212081439.A3309@unicorn.math.spbu.ru> References: <6f12e91dbc4ee6c9cd5b2bf33429ac06@plan9.bell-labs.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii In-Reply-To: <6f12e91dbc4ee6c9cd5b2bf33429ac06@plan9.bell-labs.com> Date: Thu, 12 Dec 2002 08:14:39 +0300 Topicbox-Message-UUID: 32ed1344-eacb-11e9-9e20-41e7f4b1d025 On Wed, Dec 11, 2002 at 10:25:26PM -0500, presotto@plan9.bell-labs.com wrote: > The original passtokey took a (at most) 8 byte key and turned it into > a 56 bit DES key. The easiest way to do it was to throw out the > high order bit since it conveyed no information in ASCII, a 7 bit > encodeing. It survived our excursion into UTF encoding mostly > by inertia and a desire not to retype everyone's keys into the > auth server should we do something else, like take 56 bits of the > sha1 encoding of the key + a salt. Thanks. That explains the first part very nicely, but what about the second part, where you're using key built-so-far to econde the rest of the given password over and over again ? Is there something special about this approach, or is it there by a mere chance ? Thanks, Roman. P.S. Pardon my ignorance, but do you know about any other softwre that has something similat to passtokey ?