Brute force against /etc/passwd?

Seth D. Schoen (
Tue, 17 Jun 1997 01:47:19 -0400

Another thing, on an unrelated note:

How feasible now is a brute force attack against an individual Unix password
encrypted with the standard Unix password hash function?

In other words, how much longer does a crypt(3) take than a single encryption
the DESCHALL client is doing now? My (Linux) man pages indicate that crypt(3)
is a 56-bit DES hash, which would suggest to me that if 56-bit DES is broken,
Unix password security is broken, too, and it's time for Unix in general to
move to a much longer or slower hash.

I'm tempted to write to Alec Muffet to inquire of his opinion about the
feasibility of a network Crack style program on tens of thousands of fast
computers. They say that distributed computing is the wave of the future,
and if that's so, Unix security experts might do well to worry about the
power of that wave.

So what Unixes use 56-bit DES for authentication, and can their 56-bit DES
hashes be broken as quickly as RSA's challenge?

Nothing is more dangerous for man's private morality than the habit of
commanding.  The best man, the most intelligent, disinterested, generous,
pure, will infallibly and always be spoiled at this trade.
            -- Mikhail A. Bakunin (thanks to Rabbi Albert Axelrad)