crypt

Algorithm behind MD5Crypt

I'm working with Subversion based on Windows and would like to write an easy utility in .NET for working with the Apache password file. I understand that it uses a function referred to as MD5Crypt, but I can't seem to find a description of the algorithm beyond that at some point it uses MD5 to create a hash. Can someone describe the MD...

Encrypt/Decrypt across machines is a no-no

I'm using an identical call to "CryptUnprotectData" (exposed from Crypt32.dll) between XP and Vista. Works fine in XP. I get the following exception when I run in Vista: "Decryption failed. Key not valid for use in specified state." As expected, the versions of crypt32.dll are different between XP and Vista (w/XP actually having the m...

Python crypt module -- what's the correct use of salts?

First, context: I'm trying to create a command-line-based tool (Linux) that requires login. Accounts on this tool have nothing to do with system-level accounts -- none of this looks at /etc/passwd. I am planning to store user accounts in a text file using the same format (roughly) as /etc/passwd. Despite not using the system-level pass...

Can you convert the output of php crypt() to valid MD5?

I have some strings that have been encrypted using the php function crypt() http://uk2.php.net/crypt The outputs look something like this: $1$Vf/.4.1.$CgCo33ebiHVuFhpwS.kMI0 $1$84..vD4.$Ps1PdaLWRoaiWDKCfjLyV1 $1$or1.RY4.$v3xo04v1yfB7JxDj1sC/J/ While I believe crypt() is using the MD5 algorithm, the outputs are not valid MD5 hashes. ...

How do i replace the cakephp password hashing algorithm?

I have an existing database I'm trying to put a cake app on top of. The old app used crypt() in Perl to hash the passwords, I need to do the same in the PHP app. Where is the correct place to make that change in a standard cakephp app? And what would such a change look like? ...

What to use for password hashing? Any reason not to use jBCrypt?

I'm planning to use jBCrypt for password hashing in a new web application, as it is supposed to be the best from what I've read. As I haven't used it before I'm looking into if there is any reason not to use it. I have this: I haven't found it in the Maven repository (searched for jbcrypt and bcrypt at mvnrepository.org) which is a do...

What does crypt() do in C?

crypt(text,"k7") I looked it up and apparently 'k7' is the salt, but I have no idea what that means nor what type of output will come from that, anyone know? ...

Is there a way to reverse a crypt() in c?

Not sure if this is possible but I want to be able to start with a string, and then figure out what the input must be into the crypt in order to get this string out. Or maybe it's impossible, which would be the whole purpose of the thing anyways? EDIT: And yes, there is a salt in the code where I am trying this. ...

LDAP DB question

If I will store an array of information (account - e.g. fullname, address, userid, password) in a various servers and I would want to encrypt the password using md5, (question is), everytime I'll add the account into LDAP servers (since, that's what we're using), then does that mean that everytime i save password, i'll have to use 'crypt...

Does placing a crypted password into a variable and assigning it to another variable makes a difference to crypting it one time assigned to the said one variable?

Does placing a crypted password into a variable and assigning it to another variable makes a difference to crypting it one time assigned to the said one variable? such as: $myPassword = "1234567"; $crypted_password = "{crypt}".crypt($myPassword); $userPassword = $crypted_password and, $myPassword = "1234567"; $userPassword = "{...

how to use md5() and crypt() together in php and msyql

Hello, I want to use md5() and crypt() together in php login authentication. I tried to use md5(crypt(string),salt); but i can't login in mysql. Does anyone know how to use them together? Thanks a lot. ...

Need help with brute force code for crypt(3)

Hello, I am trying to develop a program in C that will "crack" the crypt(3) encryption used by UNIX. The most naive way to do it is brute forcing I guess. I thought I should create an array containing all the symbols a password can have and then get all possible permutations of them and store them in a two-dimensional array (where all th...

What is the safest algorithm in Kohana's auth module?

I'd prefer to use the crypt function and use blowfish encryption, but the current implementation of this module uses the hash function, which doesn't offer this encryption method. So, what is the safest algorithm in Kohana's auth module? Would SHA-512 be a good option or am I better off modifying the module to use crypt and blowfish? ...

Ruby string#crypt in c# and php

I have a ruby client program that encrypts a password with string#crypt like so encrypted = password.crypt(SALT) # removing first two characters which actually are the salt for safety return encrypted[2, encrypted.size - 2] it then sends it to a server for comparison with it's stored pre-encrypted string. how ever I need to be a...

Anyone know the crypt() function? Why isn't there a memory leak?

man crypt crypt(3) - Linux man page char *crypt(const char *key, const char *salt); Return Value A pointer to the encrypted password is returned. On error, NULL is returned. Since crypt is unknown unless key and salt is given, this should be a dynamically allocated memory, but valgrind doesn't agree.. Thanks. ...

What is the correct format for a blowfish salt using PHP's crypt?

I have read the information provided on the PHP Manual Entry for crypt(), but I find myself still unsure of the format for a salt to trigger the Blowfish algorithm. According manual entry, I should use '$2$' or '$2a$' as the start of a 16 character string. However, in the example given later, they use a much longer string: '$2a$07$uses...

Why does crypt/blowfish generate the same hash with two different salts?

This question has to do with PHP's implementation of crypt(). For this question, the first 7 characters of the salt are not counted, so a salt '$2a$07$a' would be said to have a length of 1, as it is only 1 character of salt and seven characters of meta-data. When using salt strings longer than 22 characters, there is no change in the ...

(PHP) How to correctly implement crypt()

Here is the example from the PHP manual page for crypt(): <?php $password = crypt('mypassword'); // let the salt be automatically generated /* You should pass the entire results of crypt() as the salt for comparing a password, to avoid problems when different hashing algorithms are used. (As it says above, standard DES-based pass...

(PHP) How to use crypt() with CRYPT_BLOWFISH?

First, I see that to use CRYPT_BLOWFISH, i need to use a 16 char salt starting with $2a$. However, the php.net documentation for crypt() says that some systems don't support CRYPT_BLOWFISH. How often is that the case? Next, from their example on the docs, I see I use crypt() as follows: <?php $password = crypt('mypassword'); // let the...

[C#] Make the file unreadeable. (some kind of encryption)

Hello there guys! I'm using encryption in my program, that decrypts files if it needs to use it, and encrypts it after it done with the file. But my files arouznd 100mb, and it takes more than a minute to crypt them. My question is, is it possible, to make my file unreadable, without encrypting the whole file? So , for example, just e...