On Tue, 27 May 1997, Nathan E Norman wrote: > The crypt (1) algorithm is based on the German WWII era "Enigma" cipher > - except that it's not as good. It emulates an Enigma machine with one > rotor. I'll point out that the chaps at Bletchley Park cracked four > rotor ciphers in the 1940s using mechanical computers.
During the war there was only one way to decypher anything created this way. You had to have the machine. If these people where able to do it then where were they during the war? > If you need strong encryption, take a look at PGP, or one of the RSA > offerings. Or use DES (which is also available in source code, and > should be available in Solaris) These are not "strong" encryption methods. The government and RSA want you to think they are but the fact is they aren't. I guarentee you the government can make short work of these encryption methods. > PS - Many people confuse the crypt (1) command with the crypt (3) > function in libc, which is used to "encrypt" passwords. It actually > hashes them ... they cannot be "decrypted". This is completely false. I don't care what is done to a password. If it is constant and repeatable, as password's need to be, then it's only a matter of time. If the method is public knowledge as with the source code to encrypt passwords, it can be decrypted in no time. These are the only methods available because of restrictions. They are by no means strong, or decryption proof. The whole idea is that not many are going to go to the extremes it takes to actually break these things. The military trains Military Intelligence soldiers to break codes up to 9 levels deep with pencil and paper. DES is only 3 levels deep. The only thing DES is used for is very low class items. They use DES to encrypt their magnetic media after it's been wiped before it's ground up with a grinder and shredded with metal shears, in a highly classified environment. I'm sure that many of you think I have no idea what I'm talking about. I wrote to RSA once and offered to help them come up with a better encryption system than they have and they blew me off too. I know because I was in Military Intelligence for 6 years. I was a trained cryptoanalyst and dealt with crypto DAILY. I dealt with the best crypto the government has daily. Anyone that doubts me when I say these encryption methods are like table scraps the government allows us to use (possibly because they can break them while having coffee) is a fool. Flame me if you like. I'll only laugh at your ignorance and government brain-washing. I have the knowledge and will spread it whenever possible because I know what the government is doing when they regulate this stuff. They want to make sure that if they can't controle the internet they can at least know what everyone is saying to each other. Do you doubt me :-) L8R, --Rick Unsolicited commercial/propaganda email subject to legal action. Under US Code Title 47, Sec.227(a)(2)(B), Sec.227(b)(1)(C), and Sec.227(b)(3)(C), a State may impose a fine of NOT LESS than $500 per message. Read the full text of Title 47 Sec 227 at http://www.law.cornell.edu/uscode/47/227.html -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .