md5 salt

From: Charles Sprickman (spork_at_inch.com)
Date: 09/16/03

Next message: Mike Tancsa: "Fwd: Re: [Full-Disclosure] new ssh exploit?"

Previous message: Bruce M Simpson: "Cyrus SASL 2 fixes for MySQL"
Next in thread: Peter Pentchev: "Re: md5 salt"
Reply: Peter Pentchev: "Re: md5 salt"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 15 Sep 2003 18:10:04 -0400 (EDT)
To: freebsd-security@freebsd.org

Hi,

I was looking at the crypt(3) manpage, and I'm having a hard time figuring
out what the allowed characters are for the salt in md5 and blowfish
encryption. For DES, it clearly states that only numbers, letters and
digits may be used.

Does anyone know the rules for md5/blowfish salt characters?

Thanks,

Charles

--
Charles Sprickman
spork@inch.com
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

Next message: Mike Tancsa: "Fwd: Re: [Full-Disclosure] new ssh exploit?"

Previous message: Bruce M Simpson: "Cyrus SASL 2 fixes for MySQL"
Next in thread: Peter Pentchev: "Re: md5 salt"
Reply: Peter Pentchev: "Re: md5 salt"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: virtue of salted passwords
... >going to be easy if you have a salt. ... classic UNIX passwd mechanism, as you are referring to web pages. ... and the remaining 11 characters is the hash. ...
(alt.computer.security)
Re: allowed (possible) symbols for salt, plain and cypher text of DES
... >for salt, plain text and cypher text of a Standard DES implementation, ... i just found some information for the salt. ... The possible plaintext characters are any ...
(sci.crypt)
Re: virtue of salted passwords
... >search is to append the salt to every word. ... the login authentication takes the characters ... If the hash just created matches - you're in. ... The reason for the salt was that originally, the password file was ...
(alt.computer.security)
Re: Simple VB.NET Web Application Encryption/Decryption of password
... 88 characters. ... The example posted above creates a randomly sized salt, ... you should look into doing an iterative hash. ... > of string field that I would need in the database - I had strings returned ...
(microsoft.public.dotnet.security)
Re: Login application
... > Two characters for DES based passwords. ... No doubt that you can pass crypta pointer to the old encrypted password as ... the 'salt' value, and let cryptpick out the salt characters. ...
(comp.os.linux.development.system)