MAKEKEY(8)          UNIX Programmer's Manual           MAKEKEY(8)

NAME
     makekey - generate encryption key

SYNOPSIS
     /usr/lib/makekey

DESCRIPTION
     _M_a_k_e_k_e_y improves the usefulness of encryption schemes
     depending on a key by increasing the amount of time required
     to search the key space.  It reads 10 bytes from its stan-
     dard input, and writes 13 bytes on its standard output.  The
     output depends on the input in a way intended to be diffi-
     cult to compute (i.e. to require a substantial fraction of a
     second).

     The first eight input bytes (the _i_n_p_u_t _k_e_y) can be arbitrary
     ASCII characters.  The last two (the _s_a_l_t) are best chosen
     from the set of digits, upper- and lower-case letters, and
     `.' and `/'.  The salt characters are repeated as the first
     two characters of the output.  The remaining 11 output char-
     acters are chosen from the same set as the salt and consti-
     tute the _o_u_t_p_u_t _k_e_y.

     The transformation performed is essentially the following:
     the salt is used to select one of 4096 cryptographic
     machines all based on the National Bureau of Standards DES
     algorithm, but modified in 4096 different ways.  Using the
     input key as key, a constant string is fed into the machine
     and recirculated a number of times.  The 64 bits that come
     out are distributed into the 66 useful key bits in the
     result.

     _M_a_k_e_k_e_y is intended for programs that perform encryption
     (e.g.  _e_d and _c_r_y_p_t(1)).  Usually its input and output will
     be pipes.

SEE ALSO
     crypt(1), ed(1)

Printed 9/10/82                                                 1