makekey(1)                                                       makekey(1)




 NAME    [Toc]    [Back]
      makekey - generate encryption key

 SYNOPSIS    [Toc]    [Back]
      /usr/lbin/makekey

 DESCRIPTION    [Toc]    [Back]
      makekey improves the usefulness of encryption schemes depending on a
      key by increasing the amount of time required to search the key space.
      It reads 10 bytes from its standard input and writes 13 bytes on its
      standard output.  The output depends on the input in a way intended to
      be difficult to compute (i.e., to require a substantial fraction of a
      second).

      The first eight input bytes (the input key) can be arbitrary ASCII
      characters.  The last two (the salt) are best chosen from the set of
      digits, ., /, and uppercase and lowercase letters.  The salt
      characters are repeated as the first two characters of the output.
      The remaining 11 output characters are chosen from the same set as the
      salt and constitute the output key.

      The transformation performed is essentially the following: the salt is
      used to select one of 4,096 cryptographic machines all based on the
      National Bureau of Standards DES algorithm, but broken in 4,096
      different ways.  Using the input key as key, a constant string is fed
      into the machine and recirculated a number of times.  The 64 bits that
      come out are distributed into the 66 output key bits in the result.

      makekey is intended for programs that perform encryption (e.g., ed(1)
      and crypt(1)).  Usually, its input and output will be pipes.

 SEE ALSO    [Toc]    [Back]
      crypt(1), ed(1), passwd(4).


 Hewlett-Packard Company            - 1 -   HP-UX 11i Version 2: August 2003