Re: crypt

[Rick Jones <rickya@siservices.net>]

On Tue, 27 May 1997, Nathan E Norman wrote:

> The crypt (1) algorithm is based on the German WWII era "Enigma" cipher
> - except that it's not as good.  It emulates an Enigma machine with one
> rotor.  I'll point out that the chaps at Bletchley Park cracked four
> rotor ciphers in the 1940s using mechanical computers.

During the war there was only one way to decypher anything created this
way.  You had to have the machine.  If these people where able to do it
then where were they during the war?

> If you need strong encryption, take a look at PGP, or one of the RSA
> offerings.  Or use DES (which is also available in source code, and
> should be available in Solaris)

These are not "strong" encryption methods.  The government and RSA want
you to think they are but the fact is they aren't.  I guarentee you the
government can make short work of these encryption methods.

> PS - Many people confuse the crypt (1) command with the crypt (3)
> function in libc, which is used to "encrypt" passwords.  It actually
> hashes them ... they cannot be "decrypted".

This is completely false.  I don't care what is done to a password.  If it
is constant and repeatable, as password's need to be, then it's only a
matter of time.  If the method is public knowledge as with the source code
to encrypt passwords, it can be decrypted in no time.

These are the only methods available because of restrictions.  They are by
no means strong, or decryption proof.  The whole idea is that not many are
going to go to the extremes it takes to actually break these things.

The military trains Military Intelligence soldiers to break codes up to 9
levels deep with pencil and paper.  DES is only 3 levels deep.  

The only thing DES is used for is very low class items.  They use DES to
encrypt their magnetic media after it's been wiped before it's ground up
with a grinder and shredded with metal shears, in a highly classified
environment.

I'm sure that many of you think I have no idea what I'm talking about.  I
wrote to RSA once and offered to help them come up with a better
encryption system than they have and they blew me off too.  I know because
I was in Military Intelligence for 6 years.  I was a trained cryptoanalyst
and dealt with crypto DAILY.  I dealt with the best crypto the government
has daily.

Anyone that doubts me when I say these encryption methods are like table
scraps the government allows us to use (possibly because they can break
them while having coffee) is a fool.  Flame me if you like.  I'll only
laugh at your ignorance and government brain-washing.

I have the knowledge and will spread it whenever possible because I know
what the government is doing when they regulate this stuff.  They want to
make sure that if they can't controle the internet they can at least know
what everyone is saying to each other.

Do you doubt me :-)

L8R,

--Rick

Unsolicited commercial/propaganda email subject to legal action.  Under US
Code Title 47, Sec.227(a)(2)(B), Sec.227(b)(1)(C), and Sec.227(b)(3)(C), a
State may impose a fine of NOT LESS than $500 per message.  Read the full
text of Title 47 Sec 227 at http://www.law.cornell.edu/uscode/47/227.html



--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .