Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 19 Aug 2011 19:37:21 +0200
From: magnum <rawsmooth@...dband.net>
To: john-dev@...ts.openwall.com
Subject: Re: 45% wordlist boost just waiting to happen

On 2011-08-19 19:19, Solar Designer wrote:
> On Fri, Aug 19, 2011 at 06:34:11PM +0200, magnum wrote:
>> There is one caveat though: We are now truncating words as we load them
>> to memory.
>
> This is unacceptable for the reason you give below.

I'm glad I realised I should ask about it :)

>> I'm not sure how things are supposed to work, maybe for a
>> length 27 format we should be able to load eg. a length 32 word, delete
>> 5 characters from the *beginning* of it with a rule, and end up with the
>> remaining 27? If this is supposed to be supported we'll need to tweak it
>> a little.
>
> Yes, and it is extremely important for hashes with low truncation length
> (7 and 8 with LM and DES-based crypt, respectively).

Jim, you decide if you fix this within your const patch, or I fix it first?

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ