From: presotto@plan9.bell-labs.com
To: 9fans@cse.psu.edu
Subject: Re: [9fans] passtokey question
Date: Wed, 11 Dec 2002 22:25:26 -0500 [thread overview]
Message-ID: <6f12e91dbc4ee6c9cd5b2bf33429ac06@plan9.bell-labs.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 433 bytes --]
The original passtokey took a (at most) 8 byte key and turned it into
a 56 bit DES key. The easiest way to do it was to throw out the
high order bit since it conveyed no information in ASCII, a 7 bit
encodeing. It survived our excursion into UTF encoding mostly
by inertia and a desire not to retype everyone's keys into the
auth server should we do something else, like take 56 bits of the
sha1 encoding of the key + a salt.
[-- Attachment #2: Type: message/rfc822, Size: 2025 bytes --]
From: "Roman V. Shaposhnick" <vugluskr@unicorn.math.spbu.ru>
To: 9fans@cse.psu.edu
Subject: [9fans] passtokey question
Date: Thu, 12 Dec 2002 05:57:35 +0300
Message-ID: <20021212055735.A2709@unicorn.math.spbu.ru>
I'm quite new to the world of auth related algorithms, so my question
might be a FAQish one, but nevertheless, here it is anyway. Why
passtokey works the way it does. I suppose there were some security
related considerations, by I can't seem to grasp, why, for example,
this is being done:
for(i = 0; i < DESKEYLEN; i++)
key[i] = (t[i] >> i) + (t[i+1] << (8 - (i+1)));
where you kinda shuffle bytes around, but why ? Just to stuff
8 bytes from t into 7 bytes of key ?
On the similar note, why did you chose to re-encode parts of t with
a previous key, and not some other way of stuffing long passwords
into 7bytes long DES key ?
Thanks,
Roman.
next reply other threads:[~2002-12-12 3:25 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-12-12 3:25 presotto [this message]
2002-12-12 5:14 ` Roman V. Shaposhnick
-- strict thread matches above, loose matches on Subject: below --
2002-12-12 14:06 presotto
2002-12-12 2:57 Roman V. Shaposhnick
2002-12-12 10:13 ` Boyd Roberts
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6f12e91dbc4ee6c9cd5b2bf33429ac06@plan9.bell-labs.com \
--to=presotto@plan9.bell-labs.com \
--cc=9fans@cse.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).