PerlMonks  


Thanks for the information. As is obvious, cryptology is not my strong suit, so if you or anyone else cares to tackle the following question, I'd be grateful.

From the link you provided regarding the MD5 crypt function:

The output is the concatenation of the version identifier ``$1$'', the salt, a ``$'' separator, and the 128-bit hash output.

So, I might get passwords that look like this:

$1$1PUXLuZE$P.LfclRO9SKqTf2BQK.yD1

The eight characters after the second dollar sign are the salt. I understand that the salt and the password are repeatedly hashed together in an effort to make cracking it computationally slow, but how exactly is that different from the constant component that I used, other than the fact that it's kept separate? I'm not sure I understand that point.

The other point that I am trying to figure out is why the salt is included in the output. Doesn't keeping the salt secret make it more difficult to crack, since the attacker should know the salt in order to crack the password? I can see how having a different salt for each password improves security (lack of salt collisions will mean that each salt will force a different computation of the word list), but if someone has the password file, they can use the included salts at their leisure. Is there something just dead obvious that I am missing here?

Glancing through the code for Crypt::PasswdMD5, it looks like it would be cross-platform compatible and should slow down an attacker. Once I have a better grasp of these issues, I should post an update to my course.

Cheers,
Ovid

Join the Perlmonks Setiathome Group or just click on the link and check out our stats.


In reply to (Ovid) Re: Re: Lesson Four, Part 2 of online CGI course by Ovid
in thread Lesson Four, Part 2 of online CGI course by Ovid
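
An added example, not part of Ovid's post: it hashes the same password once with a fixed constant and once with a fresh salt per password, then verifies a login by reading the salt back out of the stored `$1$salt$hash` entry. It assumes Crypt::PasswdMD5 is installed; the user names, the password and the constant `SiteWide` are constructed for illustration.

```perl
use strict;
use warnings;
use Crypt::PasswdMD5 qw(unix_md5_crypt);

my @SALT_CHARS = ('.', '/', 0 .. 9, 'A' .. 'Z', 'a' .. 'z');

# Eight random salt characters. rand() keeps the example short; real code
# should draw the salt from a cryptographically secure source.
sub new_salt { return join '', map { $SALT_CHARS[ rand @SALT_CHARS ] } 1 .. 8 }

# Split "$1$salt$hash" into its salt and hash fields.
sub parse_entry {
    my ($entry) = @_;
    my ($salt, $hash) =
        $entry =~ m{\A\$1\$([./0-9A-Za-z]{1,8})\$([./0-9A-Za-z]{22})\z}
        or die "not an MD5 crypt entry: $entry\n";
    return ($salt, $hash);
}

# Checking a login means re-hashing the candidate with the SAME salt, so the
# salt has to be readable from the stored entry.
sub check_password {
    my ($candidate, $entry) = @_;
    my ($salt) = parse_entry($entry);
    return unix_md5_crypt($candidate, $salt) eq $entry;
}

# Constructed sample data: two users who picked the same password.
my %chosen = (alice => 'sekrit42', bob => 'sekrit42');

my (%constant, %salted);
for my $user (sort keys %chosen) {
    # 'SiteWide' is a made-up constant standing in for a fixed component.
    $constant{$user} = unix_md5_crypt($chosen{$user}, 'SiteWide');
    $salted{$user}   = unix_md5_crypt($chosen{$user}, new_salt());
}

print "constant $_: $constant{$_}\n" for sort keys %constant;
print "salted   $_: $salted{$_}\n"   for sort keys %salted;

# One constant: equal passwords give equal entries, so a single guess is
# tested against every account at once.
printf "constant entries equal: %s\n", $constant{alice} eq $constant{bob} ? 'yes' : 'no';
# Per-password salt: entries differ, so each guess is recomputed per entry.
printf "salted entries equal:   %s\n", $salted{alice} eq $salted{bob} ? 'yes' : 'no';
printf "correct password accepted: %s\n", check_password('sekrit42', $salted{bob}) ? 'yes' : 'no';
printf "wrong password accepted:   %s\n", check_password('sekrit43', $salted{bob}) ? 'yes' : 'no';
```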
