crypt - password and data encryption


     #define _XOPEN_SOURCE
     #include <unistd.h>

     char *crypt(const char *key, const char *salt));


     crypt is the password encryption function.  It is  based  on
     the  Data  Encryption  Standard  algorithm  with  variations
     intended (among other things) to discourage use of  hardware
     implementations of a key search.

     key is a user's typed password.

     salt  is  a  two-character  string  chosen  from   the   set
     [azAZ09./].  This string is used to perturb the algorithm in
     one of 4096 different ways.

     By taking the lowest 7 bit of each character of the  key,  a
     56-bit  key is obtained.  This 56-bit key is used to encrypt
     repeatedly a constant string (usually a string consisting of
     all  zeros).   The  returned  value  points to the encrypted
     password, a series of 13  printable  ASCII  characters  (the
     first two characters represent the salt itself).  The return
     value points to static data whose content is overwritten  by
     each call.

     Warning: The key space consists of 2**56 equal 7.2e16 possi-
     ble  values.  Exhaustive searches of this key space are pos-
     sible using massively parallel computers.  Software, such as
     crack(1), is available which will search the portion of this
     key space that is generally used by  humans  for  passwords.
     Hence,  password  selection should, at minimum, avoid common
     words and names.  The use of a passwd(1) program that checks
     for  crackable  passwords  during  the  selection process is

     The DES algorithm itself has a few quirks which make the use
     of  the  crypt(3)  interface a very poor choice for anything
     other than password authentication.  If you are planning  on
     using  the  crypt(3)  interface  for a cryptography project,
     don't do it: get a good book on encryption and  one  of  the
     widely available DES libraries.


     SVID, X/OPEN, BSD 4.3


     login(1), passwd(1), encrypt(3),