[plug] Redhat passwords - max 8 chars!?

David Griffiths griffith at environ.wa.gov.au
Thu Sep 14 17:37:58 WST 2000


On Thu, Sep 14, 2000 Christian wrote:

>
>For your next question, if I understand you correctly, there isn't a
>one-to-one mapping of DES crypt() passwords to the hash output because
>these passwords include a 12-bit salt (makes 4096 possible outputs to
>one input of the hash function).  If you took away the salt then hashing
>the same password would give the same output (and this is necessarily
>true of any hash function).
> Am I understanding your question correctly?
>
Pretty well - I had long forgotten about the function of salts - thanks for
reminding me. The question was perhaps more to do with the size of the
collision space. But you've already answered that question above (in a
deleted paragraph).

Thanks for the comments!

cheers,

Dave.





More information about the plug mailing list