Unix crypt(3)
E721424
Unix crypt(3) is a traditional Unix library function and algorithm used to hash and verify passwords, historically based on modified DES and later extended to support stronger schemes.
Statements (53)
| Predicate | Object |
|---|---|
| instanceOf |
C library function
ⓘ
Unix library function ⓘ authentication mechanism ⓘ password hashing function ⓘ |
| basedOn |
Data Encryption Standard
NERFINISHED
ⓘ
modified DES cipher ⓘ |
| category |
Unix security
ⓘ
cryptographic software ⓘ |
| definedIn |
crypt.h
ⓘ
unistd.h NERFINISHED ⓘ |
| extendedToSupport |
Blowfish-based password hashes
ⓘ
MD5-based password hashes ⓘ SHA-256-based password hashes ⓘ SHA-512-based password hashes ⓘ modular crypt format ⓘ |
| identifierPrefix |
$1$ for MD5-based hashes
ⓘ
$2$ or $2a$ or $2y$ for Blowfish-based hashes ⓘ $5$ for SHA-256-based hashes ⓘ $6$ for SHA-512-based hashes ⓘ |
| implementedIn |
BSD C libraries
NERFINISHED
ⓘ
glibc NERFINISHED ⓘ musl libc NERFINISHED ⓘ |
| implements | one-way hash function ⓘ |
| influenced | design of modern password hashing schemes ⓘ |
| input |
salt value
ⓘ
user password ⓘ |
| introducedIn | Unix Version 7 NERFINISHED ⓘ |
| introducedInYear | 1979 ⓘ |
| nameOrigin | crypt function in section 3 of Unix manual ⓘ |
| operatingSystemFamily | Unix NERFINISHED ⓘ |
| originalAlgorithm | DES-based password hash ⓘ |
| originalIterationCount | 25 DES iterations ⓘ |
| originalKeySpace | 56-bit DES key ⓘ |
| originalPasswordLengthLimit | 8 characters ⓘ |
| originalSaltEncoding | 2-character string ⓘ |
| originalSaltLength | 12 bits ⓘ |
| output | encoded password hash ⓘ |
| outputFormat | printable ASCII string ⓘ |
| parameter |
const char *key
ⓘ
const char *salt ⓘ |
| primaryUse |
password hashing
ⓘ
password verification ⓘ |
| returnType | char * ⓘ |
| standardizedIn |
POSIX
NERFINISHED
ⓘ
Single UNIX Specification NERFINISHED ⓘ |
| status | legacy for DES-based variant ⓘ |
| stillUsedFor | backward compatibility ⓘ |
| usedBy |
/etc/passwd
ⓘ
/etc/shadow ⓘ PAM authentication modules ⓘ login programs ⓘ |
| vulnerability |
limited password length in original DES variant
ⓘ
susceptible to brute-force attacks for DES-based hashes ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.