Reversing the password algorithm

[Doug Gwyn]

In article <1106 at murtoa.cs.mu.oz.au> mwp at murtoa writes:
>Now we all know that if X = A ^ B, and we know X that it is not possible to
>deduce what A and B were in the first place because there are many A's and
>B's which satisfy the equation (remember: 1 ^ 1 = 0, and 0 ^ 0 = 0).

But if you know X and B, then A = X ^ B is the unique solution for A.
Also, the various equations that need to be solved to invert a DES
are somewhat redundant.  If you solve enough samples simultaneously,
the plaintext can be uniquely reconstructed without knowing the key
in advance.  (I don't say that this is EASY.)  And, in the case of
cracking encrypted passwords, one doesn't normally care what the
actual password was, so long as A working password is produced.