Trapdoor functions or one way functions are designed such
that performing the operation in one direction (from plain
string to encrypted string in this case) is easy but performing an
opposite operation for the reverse direction is close to
impossible with modern day machines.
The most simple case is the following. Take two large prime
numbers and multiply them together. This is easy. (presuming
you can find two large prime numbers... but that isn't so hard).
Now give the result to someone else and ask them to factorise it
and give you back the two large primes you started with.
In most instances it will take them an extremely long time to
tell you, if they ever can.
UNIX passwords are supposed to rely on trapdoor functions too. We can
log in, however, because the password we supply on logging in
is encrypted in the same way as the stored password and then
the two encrypted passwords are compared.
The chances of two different passwords resulting in the same
encrypted result are very very low, so this is considered a
reasonable password protection scheme.
If you're trying to decrypt the password because you then want
to compare it with another and only allow a user to log in
if they're the same, try the above approach of encrypting the
password you're given and seeing if the two match.
If you're trying to recover a password you've forgotten ask
your system administrator, or if it's your own box and it's the
root password that you've forgotten, ask someone who is
knowledgeable about the OS you're running for help.
If you want to do this for illegal purposes you're on your
own. |
Comment onDecrypt UNIX password