Cryptography Reference
In-Depth Information
One area where cryptography can be used to help to implement an identifi-
cation system based on passwords is in securing the password database. This is
because, in order to authenticate a user, the systemdoes not actually need to know
a user's password. Rather, the device simply needs to know whether a supplied
password is the correct one. The point is that while a user does need to enter the
correct password, the system does not need to store a copy of this password in
order to verify that it is correct.
In Section 6.2.2 we described an application of hash functions that imple-
mented password database protection. The idea is to store hashes of the passwords,
rather than the actual passwords in the password database. This allows them to
be checked, while preventing anyone who gains access to the password database
from recovering the passwords themselves. We observed that any function that
is regarded as being one-way (which includes hash functions) could be used to
provide this service.
As an example of a cryptographic primitive being used in a different way to
create a one-way function, Figure 8.2 illustrates the basic idea behind the function
that was used in many early UNIX operating systems for password database
protection.
In the password database in the UNIX system, often identified by
/etc/passwd
,
every user has an entry that consists of two pieces of information:
Salt
. This is a 12-bit number randomly generated using the system clock (see
Section 8.1.3). The salt is used to uniquely modify the DES encryption
algorithm (see Section 4.4) in a subtle way. We denote the result of this unique
modification by DES
.
Password image
. This is the result that is output after doing the following:
1. Convert the 8 ASCII character password into a 56-bit DES key. This is
straightforward, since each ASCII character consists of 7 bits.
+
System clock
Salt
/etc/passwd
DES
DES+
Password = 8
×
7 bits is a key
DES+
DES+
DES+
25 iterations
Plaintext 0
Figure 8.2.
One-way function for UNIX password protection
