MAKEKEY(1)              COMMAND REFERENCE              MAKEKEY(1)



NAME
     makekey - generate encryption key

SYNOPSIS
     /usr/lib/makekey

DESCRIPTION
     The makekey utility improves the usefulness of encryption
     schemes depending on a key by increasing the amount of time
     required to search the key space. It reads 10 bytes from its
     standard input, and writes 13 bytes on its standard output.
     The output depends on the input in a way intended to be
     difficult to compute (that is, to require a substantial
     fraction of a second).

     The first eight input bytes (the input key) can be arbitrary
     ASCII characters.  The last two (the salt) are best chosen
     from the set of digits, uppercase and lowercase letters, and
     `.' and `/'.  The salt characters are repeated as the first
     two characters of the output.  The remaining 11 output
     characters are chosen from the same set as the salt and
     constitute the output key.

     The transformation performed is essentially the following:
     the salt is used to select one of 4096 cryptographic
     machines all based on the National Bureau of Standards DES
     algorithm, but modified in 4096 different ways.  Using the
     input key as key, a constant string is fed into the machine
     and recirculated a number of times.  The 64 bits that come
     out are distributed into the 66 useful key bits in the
     result.

     The makekey command is intended for programs that perform
     encryption (for instance, ed and crypt(3c)).  Usually
     makekey's input and output will be pipes.

RETURN VALUE
     [NO_ERRS]      Command completed without error.

SEE ALSO
     ed(1), ex(1), and crypt(3c).














Printed 4/6/89                                                  1

%%index%%
na:312,85;
sy:397,272;
de:669,1840;
rv:2509,177;
se:2686,150;
%%index%%000000000095