makekey(ADM) 19 June 1992 makekey(ADM) Name makekey - generate an encryption key Syntax /usr/lib/makekey Description makekey improves the usefulness of encryption schemes by increasing the amount of time required to search the key space. It reads 10 bytes from its standard input, and writes 13 bytes on its standard output. The out- put depends on the input in a way that is intended to be difficult to compute (i.e., to require a substantial fraction of a second). The first 8 input bytes (the ``input key'') can be arbitrary ASCII char- acters. The last 2 input bytes (the ``salt'') are best chosen from the set of digits, dot ``.'', slash ``\'', and uppercase and lowercase letters. The salt characters are repeated as the first 2 characters of the output. The remaining 11 output characters are chosen from the same set as the salt and constitute the ``output key''. The transformation performed is essentially the following: the salt is used to select one of 4,096 cryptographic machines all based on the National Bureau of Standards DES algorithm, but broken in 4,096 different ways. Using the input key as the key, a constant string is fed into the machine and recirculated. The 64 bits that come out are distributed into the 66 output key bits in the result. See also passwd(FP)