*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->Linux man pages -> crypt (3)              



NAME    [Toc]    [Back]

       crypt - password and data encryption

SYNOPSIS    [Toc]    [Back]

       #include <crypt.h>

       char *crypt(const char *key, const char *salt);

DESCRIPTION    [Toc]    [Back]

       crypt  provides	acess  to two algorithms for password encryption.  One
       it's based on the Data Encryption Standard  algorithm  with  variations
       intended (among other things) to discourage use of hardware implementations
 of a key search.

       key is a user's typed password.

       salt is a two-character string chosen from the set [a-zA-Z0-9./].  This
       string  is used to perturb the algorithm in one of 4096 different ways.

       By taking the lowest 7 bit of each character of the key, a  56-bit  key
       is  obtained.  This 56-bit key is used to encrypt repeatedly a constant
       string (usually a string consisting of all zeros).  The returned  value
       points  to the encrypted password, a series of 13 printable ASCII characters
 (the first two  characters  represent  the  salt	itself).   The
       return value points to static data whose content is overwritten by each

       Warning: The key space consists of 2**56 equal 7.2e16 possible  values.
       Exhaustive searches of this key space are possible using massively parallel
 computers.  Software, such as crack(1), is available  which  will
       search  the  portion of this key space that is generally used by humans
       for passwords.  Hence, password selection  should,  at  minimum,  avoid
       common words and names.	The use of a passwd(1) program that checks for
       crackable passwords during the selection process is recommended.

       The DES algorithm itself has a few quirks which make  the  use  of  the
       crypt(3)  interface a very poor choice for anything other than password
       authentication.	If you are planning on using  the  crypt(3)  interface
       for  a cryptography project, don't do it: get a good book on encryption
       and one of the widely available DES libraries.

RETURN VALUE    [Toc]    [Back]

       A pointer to the encrypted password is returned.   On  error,  NULL  is

ERRORS    [Toc]    [Back]

       ENOSYS The  crypt  function  was  not  implemented, probably because of
	      U.S.A. export restrictions.

       If the salt starts with $1$ an MD5 based password hashing algorithm  is
       applied.  The  salt  should consist off $1$ followed with eight characters.

       Programs using this function must be linked with -lcrypt.

CONFORMING TO    [Toc]    [Back]

       SVID, X/OPEN, BSD 4.3

SEE ALSO    [Toc]    [Back]

       login(1), passwd(1), encrypt(3), getpass(3), passwd(5)

				  1994-09-03			      CRYPT(3)
[ Back ]
 Similar pages
Name OS Title
des_key_sched Tru64 Data Encryption Standard (DES) encryption library routines (Auth)
des_string_to_key Tru64 Data Encryption Standard (DES) encryption library routines (Auth)
des_is_weak_key Tru64 Data Encryption Standard (DES) encryption library routines (Auth)
des_crypt Tru64 Data Encryption Standard (DES) encryption library routines (Auth)
des_quad_cksum Tru64 Data Encryption Standard (DES) encryption library routines (Auth)
setkey NetBSD password encryption
crypt NetBSD password encryption
encrypt NetBSD password encryption
crypt IRIX password and file encryption functions
EVP_BytesToKey OpenBSD password based encryption routine
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service