CRYPT(3)                Library functions                CRYPT(3)

NAME
       crypt - password and data encryption

SYNOPSIS
       #define _XOPEN_SOURCE
       #include <unistd.h>

       char *crypt(const char *key, const char *salt);

DESCRIPTION
       crypt is the password encryption function.  It is based on
       the Data Encryption  Standard  algorithm  with  variations
       intended  (among  other things) to discourage use of hard-
       ware implementations of a key search.

       key is a user's typed password.

       salt  is  a  two-character  string  chosen  from  the  set
       [a-zA-Z0-9./].   This  string is used to perturb the algo-
       rithm in one of 4096 different ways.

       By taking the lowest 7 bit of each character of the key, a
       56-bit  key  is  obtained.   This  56-bit  key  is used to
       encrypt repeatedly a constant  string  (usually  a  string
       consisting  of  all  zeros).  The returned value points to
       the encrypted password, a series  of  13  printable  ASCII
       characters  (the  first  two characters represent the salt
       itself).  The return value points  to  static  data  whose
       content is overwritten by each call.

       Warning: The key space consists of 2**56 equal 7.2e16 pos-
       sible values.  Exhaustive searches of this key  space  are
       possible  using  massively  parallel computers.  Software,
       such as crack(1), is available which will search the  por-
       tion  of  this  key space that is generally used by humans
       for passwords.  Hence, password selection should, at mini-
       mum, avoid common words and names.  The use of a passwd(1)
       program that checks for  crackable  passwords  during  the
       selection process is recommended.

       The  DES  algorithm itself has a few quirks which make the
       use of the crypt(3) interface a very poor choice for  any-
       thing  other  than  password  authentication.   If you are
       planning on using the crypt(3) interface for a  cryptogra-
       phy  project,  don't  do it: get a good book on encryption
       and one of the widely available DES libraries.

CONFORMING TO
       SVID, X/OPEN, BSD 4.3

SEE ALSO
       login(1), passwd(1), encrypt(3), getpass(3), passwd(5)

                        September 3, 1994                       1