HP-UX Reference (11i v1 05/09) - 1 User Commands A-M (vol 1)
m
makekey(1) makekey(1)
NAME
makekey - generate encryption key
SYNOPSIS
/usr/lbin/makekey
DESCRIPTION
makekey improves the usefulness of encryption schemes depending on a key by increasing the amount of
time required to search the key space. It reads 10 bytes from its standard input and writes 13 bytes on its
standard output. The output depends on the input in a way intended to be difficult to compute (i.e., to
require a substantial fraction of a second).
The first eight input bytes (the input key) can be arbitrary
ASCII characters. The last two (the salt) are best
chosen from the set of digits,
.,
/, and uppercase and lowercase letters. The salt characters are repeated
as the first two characters of the output. The remaining 11 output characters are chosen from the same set
as the salt and constitute the output key.
The transformation performed is essentially the following: the salt is used to select one of 4,096 crypto-
graphic machines all based on the National Bureau of Standards
DES algorithm, but broken in 4,096
different ways. Using the input key as key, a constant string is fed into the machine and recirculated a
number of times. The 64 bits that come out are distributed into the 66 output key bits in the result.
makekey is intended for programs that perform encryption (e.g., ed(1) and crypt(1)). Usually, its input
and output will be pipes.
SEE ALSO
crypt(1), ed(1), passwd(4).
HP-UX 11i Version 1: September 2005 − 1 − Hewlett-Packard Company Section 1−−539