This is a very general answer, not specific to Unix, shadow passwords or
MD5 (which is what I believe shadow uses).
Modern encryption is based on problems that are only solvable in one
direction. Prime factorization is a good example. It's very easy to
take two (large) primes and multiply them together. But it is very
difficult to take a (very large) composite number and factor it back to
the two primes.
This basic fact (there's a lot more in real cryptography about modulus,
etc) makes encryption easy but decryption hard.
Maurice Hendrix wrote:
>
> Hi,
>
> I have a question about password encryption used by Linux (PAM I think).
>
> Could somebody explain to me why it would be impossible to write a program
> that will decrypt a password taken from the /etc/passwd file (or it's
> shadow) using the inverse of the encryption algorithm? What *is* the
> encryption algorithm used anyway?
>
> If that isn't a challenge already, try to answer slowly in plain English (I
> do have fair understanding of math).
>
> TIA,
> --
> Maurice Hendrix
>
> snailmail: Fuji Photo Film BV Standard disclaimers apply
> Dept. P1LPI
> attn. M. Hendrix
> PO Box 90156
> 5000 LJ Tilburg
> phone: +31 13-579 1370 or fax: +31 13-579 1385
>
> - Still 19 months to go until the next millenium...
--
My public encryption key is available from
www.az.com/~drysdam/crypt/rysdam.gpg.html
and of course www.keyserver.net
