Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 5 Mar 2011 23:06:37 -0600
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: Re: md5_gen, proposed functionality

>From: magnum [mailto:rawsmooth@...dband.net]
>
>Sounds very good. Just curious, how simple/hard/sensible would it be to
>rip all the "generic" part out of that for a true sha1-gen format?

The true 'generic' stuff is pretty easy.  Yes, there are a ton of functions,
but many of them are simply due to multiple same code, just to different
input and output. 


Porting the methods of md5-gen to other hash types should not be too hard.
Time consuming, but not hard.

>Even wilder, how about a generic_generic format that does the same with
>more or less any raw hashing? Just thinking out of the box here :-)

Getting a 'generic' generic (a super, to do something like
md5($s.sha1($p).md4($s.$p)) would be quite a bit harder. Many of the
performance related items are getting data into the SSE x4 format, and
keeping it there.  However, md5 and sha do not have compat formats, IIRC.  I
think SHA is big endian.  MD5 is little.  I think this would (or may) cause
problems, and require quite a bit of overhead on conversions.

>I am impressed that the user md5_gen(1xxx) formats seem to perform the
>same as the hard coded ones. 

The external ones, in john.conf, really work 100% same as the ones
'built-in'.  It is all in getting enough primitive 'parts' built.  Then
building the script to use the 'proper' ones.

Maybe it is not that magic but it's well
>done. It would be very powerful if it could be taken further so one
>could produce more or less any function, like having it do md4($p.$s) or
>sha1(unicode($p.$u)) too. A majority of John's supported formats could
>be thin, or even just sections in john.conf.

Most 'should' be.  The ones that are 'hard', are ones like MD5($1$) or
Apache($apr1$) or even phpass.    The reason I say most 'should' be, is they
are much easier to 'maintain' if thin.  Also, if md5-gen (or other 'super'
format), gets enhanced, many (or most) of the thin formats would also get
sped up.  Keeps them more 'cutting' edge.

>Just random thoughts for the future.

Been thinking that way myself, for a while.

>magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ