Freebird <freebird@cnfug.org>
1. Overview
Early UNIX systems kept users' passwords in a plain-text, readable "password file," which could be intercepted and exposed without the system administrator noticing. It could also be leaked by accident.
Starting with AT&T UNIX Version 6, Thompson and others decided to adopt a different approach: UNIX passwords were encoded using a rotor algorithm based on the U.S. military M-209 cipher machine. Because it was fast, this algorithm proved weak against exhaustive plaintext search, and it was replaced by the more advanced crypt() library that appeared in AT&T UNIX Version 7.
Unix/Linux now stores passwords in a form that cannot be read back. The system uses an algorithm called a cryptographic hash to convert the password into a text string. This string is called a hash or hash value. A number of algorithms can be used, but they are all irreversible, meaning that the original password cannot be recovered from the hash value. The password files and encryption algorithms used may differ from system to system. Managing and maintaining these password files is the first task in ensuring system security. (Unless otherwise noted, all commands in this article are run as root under csh.)
2. Introduction to Cryptographic algorithms
2.1 Introduction to crypt(): key and salt
There are many hashing algorithms under Unix/Linux. The algorithms a system supports can be invoked through the library function crypt(). crypt() takes two parameters, key and salt, and returns the corresponding hash value. The salt is simply a string; its length depends on the algorithm used, and different hashing algorithms accept different ranges of values. Therefore, even with the same algorithm and the same original password, a different salt produces a different encrypted password. The purpose of the salt is to make password cracking harder: when we change a password with the passwd command, a salt is chosen at random. The salt makes it more difficult to attack an encrypted password with a precompiled dictionary. Instead of encrypting each word in the dictionary once, the attacker has to encrypt and store 4096 permutations of each word. When it was introduced 20 years ago, the salt was essentially a resource barrier, but a 12-bit salt is no longer considered an effective defense.
crypt() can be called directly from a C program, or even directly from Perl (see man 3 crypt for more information), as in the following example:
%perl -e 'print crypt("mypass","s1"),"\n"'
s1tROevFyi.yQ
%perl -e 'print crypt("mypass","s2"),"\n"'
s2JQ85JElCMeU
In both cases, s1 and s2 are the salt values, and you can see that the same password (mypass in the example above) produces a different hash value with a different salt. Both examples use the DES algorithm, and the encrypted hash value carries the salt as its prefix.
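The salt prefix and the 4096-value salt space described above can be checked mechanically. The following Python code is an added example, not part of the original article: it parses 13-character DES crypt() hashes, decodes the 12-bit salt, and reports accounts that share a salt. The user names and the "user:hash" line format are assumptions made for the sample.

```python
from collections import defaultdict

# Alphabet of traditional DES crypt(): 64 symbols, 6 bits each.
ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
SALT_SPACE = len(ALPHABET) ** 2  # two salt characters -> 4096 values (12 bits)

def parse_des_hash(field):
    """Return (salt, salt_value, digest) for a 13-char DES crypt hash, else None."""
    if len(field) != 13 or any(c not in ALPHABET for c in field):
        return None
    salt, digest = field[:2], field[2:]
    # First salt character carries the low 6 bits, second the high 6 bits.
    value = ALPHABET.index(salt[0]) | (ALPHABET.index(salt[1]) << 6)
    return salt, value, digest

def audit(lines):
    """Scan 'user:hash' lines; report DES hashes and salts shared by accounts."""
    des_users, by_salt, skipped = {}, defaultdict(list), []
    for line in lines:
        user, _, field = line.strip().partition(":")
        parsed = parse_des_hash(field.split(":")[0])
        if parsed is None:
            skipped.append(user)  # locked account, empty field or another scheme
            continue
        des_users[user] = parsed
        by_salt[parsed[0]].append(user)
    shared = {s: u for s, u in by_salt.items() if len(u) > 1}
    return des_users, shared, skipped

# Constructed sample: the two hashes are the ones printed above; user names are made up.
SAMPLE = [
    "alice:s1tROevFyi.yQ",
    "bob:s2JQ85JElCMeU",
    "carol:s1tROevFyi.yQ",  # same salt and password as alice -> identical hash
    "daemon:*",
]

if __name__ == "__main__":
    des_users, shared, skipped = audit(SAMPLE)
    print(f"salt space: {SALT_SPACE} values")
    for user, (salt, value, digest) in des_users.items():
        print(f"{user}: DES crypt, salt={salt!r} ({value} of 0..{SALT_SPACE - 1})")
    for salt, users in shared.items():
        print(f"salt {salt!r} shared by {', '.join(users)}")
    print("not DES crypt:", ", ".join(skipped))
```

Accounts that share a salt can be tested with a single crypt() computation per guess, which is why salt reuse is worth flagging in an audit.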