Encryption vs hashing
Posted Mar 22, 2012 20:08 UTC (Thu) by anselm (subscriber, #2796)
In reply to: Encryption vs hashing by drag
Parent article: Shadow hardening
Or they are using Blowfish in a different manner than I understood it to be used.
The original Unix CRYPT mechanism used DES (with a few minor tweaks), which like Blowfish is a symmetric cypher. The way this worked was that the user-provided password was used as the key to encrypt a constant (usually a vector of null bytes). The result was then encrypted again etc., for a total of 25 rounds (which on a PDP-11 took a reasonable amount of time). This is incidentally why Unix passwords used to be limited to 8 (7-bit) characters, which are just enough to make up a 56-bit DES key.
Blowfish-based password »encryption« operates along the same lines – it uses the password as the key, not the plaintext to be encrypted – but makes use of the password in a more complicated manner.
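The data flow described in the comment above, as an added example that is not part of the original comment or of any crypt implementation: the password is packed into a 56-bit key and a constant null block is encrypted 25 times under it. Assumptions: `standin_encrypt` is a hypothetical keyed function standing in for DES so the sketch runs on the standard library alone, and the salt tweak is omitted, so outputs are not real crypt hashes.

```python
import hashlib
import hmac

BLOCK = 8    # DES block size in bytes
ROUNDS = 25  # number of chained encryptions described in the comment


def password_to_key(password: bytes) -> bytes:
    """Pack a password into the 8 key bytes of traditional DES crypt.

    Only the first 8 characters count, and only the low 7 bits of each.
    Each character is shifted left by one so the bit it cannot set is
    the per-byte parity position that DES ignores: 8 x 7 = 56 key bits.
    """
    padded = password[:8].ljust(8, b"\0")
    return bytes((c << 1) & 0xFE for c in padded)


def standin_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for one DES block encryption (assumption: NOT DES).

    A keyed PRF truncated to one block; it preserves the data flow
    (key in, 8-byte block in, 8-byte block out) but not DES's output.
    """
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


def crypt_structure(password: bytes, encrypt=standin_encrypt) -> bytes:
    """The password is the key; a constant null block is the plaintext."""
    key = password_to_key(password)
    block = bytes(BLOCK)              # constant vector of null bytes
    for _ in range(ROUNDS):
        block = encrypt(key, block)   # each result is encrypted again
    return block


if __name__ == "__main__":
    # Constructed sample passwords: everything past character 8 is ignored.
    for pw in (b"correcth", b"correcthorse", b"correcta"):
        print(pw, password_to_key(pw).hex(), crypt_structure(pw).hex())
```

Because the key never depends on more than 8 characters, the first two sample passwords produce identical output, which is the length limit the comment describes.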