|
HP OpenVMS Systemsask the wizard |
|
The Question is: I have spent days trying to find details on how the UAI$C_PURDY_S Encryption Alogrithm works. Can you direct me to a web site, a book, or sonething, where I can decent details on the Algorithm. Thanks, Ken Fitz The Answer is : OpenVMS uses a function known as a Purdy polynomial to perform a one-way hash on the password. The username, the password, and some salt are all used together to create the hashed password quadword value. The usual approach to checking a password on OpenVMS is to prompt for the password, retrieve various values from the system authorization file via $getuai, and to run the appropriate values through the system service $hash_password, and compare the results against the value saved in the system authorization file. OpenVMS Engineering expects to be releasing new capabilities to ease implementing the necessary related tasks, such as auditing and breakin evasion. Older versions of the passord hashing module used within OpenVMS have been seen at various websites over time, search for a string "+ hpwd + purdy" or similar for details. For the current version of the source code involved, please acquire and examine the OpenVMS source listings CD-ROM set.
|