MAKEKEY(ADM) XENIX System V MAKEKEY(ADM)
Name
makekey - Generates an encryption key.
Syntax
/usr/lib/makekey
Description
makekey improves the usefulness of encryption schemes by
increasing the amount of time required to search the key
space. It reads 10 bytes from its standard input, and
writes 13 bytes on its standard output. The output depends
on the input in a way that is intended to be difficult to
compute (i.e., to require a substantial fraction of a
second).
The first 8 input bytes (the input key) can be arbitrary
ASCII characters. The last 2 input bytes (the salt) are
best chosen from the set of digits, dot (.), slash (/), and
uppercase and lowercase letters. The salt characters are
repeated as the first 2 characters of the output. The
remaining 11 output characters are chosen from the same set
as the salt and constitute the output key.
The transformation performed is essentially the following:
the salt is used to select one of 4,096 cryptographic
machines all based on the National Bureau of Standards DES
algorithm, but broken in 4,096 different ways. Using the
input key as the key, a constant string is fed into the
machine and recirculated. The 64 bits that come out are
distributed into the 66 output key bits in the result.
Notes
Distribution of the encryption libraries and utilities is
regulated by the U.S. Government and are not available to
sites outside of the United States and its territories.
Because we cannot control the destination of the software,
these utilities are not included in the standard product.
If your site is within the U.S. or its territories, you can
obtain the encryption software through your product
distributor or reseller.
See Also
passwd(F)
Page 1 (printed 2/7/91)