DES vs. UNIX Crypt

Keywords: des,crypt,security

According to the man page, crypt uses 25 rounds of DES for password hashing where the DES algorithm is "perturbed" by the salt.

This is what perturbed means:

Each round one half of the message (32 bits) is expanded to 48 bits. In normal DES these 48 bits are xor'ed with the round key and afterwards reduced back to 32 bits using the s-boxes. In the crypt modification the expanded 48 bits are permutated before being fed into the xor.
This is done by switching bits 0-11 with 24-35 if the corresponding bit in salt is set.

Or in C:

  for (i = 0; i < 12; i++)
    if (salt[i]) {
      tmp = e[i];
      e[i] = e[24 + i];
      e[24 + i] = tmp;
(e = 48 bits after expansion; salt = 12 salt bits; each array entry represents one bit)

Or in VHDL:

salted <= ((e(24 to 35) and salt) or (e(0 to 11) and not salt))
	& e(12 to 23)
	& ((e(0 to 11) and salt) or (e(24 to 35) and not salt))
	& e(36 to 47);

Related notes for 'crypt':
Encrypted DVDs
Encrypted DVDs - mount / umount toggle script

Related notes for 'security':
Encrypted DVDs