Crypt (C)

crypt is the library function which is used to compute a password hash that can be used to store user account passwords while keeping them relatively secure (a passwd file). The output of the function is not simply the hash – it is a text string which also encodes the salt (usually the first two characters are the salt itself and the rest is the hashed result), and identifies the hash algorithm used (defaulting to the "traditional" one explained below). This output string is what is meant for putting in a password record which may be stored in a plain text file.

More formally, crypt provides cryptographic key derivation functions for password validation and storage on Unix systems.

There is a crypt utility in Unix, which is often confused with the C library function. To distinguish between the two, writers often refer to the utility program as crypt(1), because it is documented in section 1 of the Unix manual pages, and refer to the C library function as crypt(3), because its documentation is in manual section 3.

This same crypt function is used both to generate a new hash for storage and also to hash a proffered password with a recorded salt for comparison.

Modern Unix implementations of the crypt library routine support a variety of different hash schemes. The particular hash algorithm used can be identified by a unique code prefix in the resulting hashtext, following a de facto standard called Modular Crypt Format.

The crypt() library function is also included in the Perl,PHP,Pike,Python, and Ruby programming languages.

Over time various algorithms have been introduced and to enable backward compatibility each scheme started using some convention of serializing the password hashes that later was called Modular Crypt Format (MCF). Since any standard wasn't formed at beginning and old crypt(3) hashes may vary from schemes to scheme. During Password Hashing Competition was formed a following format that represents and average form:

...
Wikipedia