Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 18 Dec 2011 02:24:45 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: Bit slice implementation of DES based hashes

On Sat, Dec 17, 2011 at 10:01:24PM +0530, piyush mittal wrote:
> Yes, that is true that we can call  DES_bs_set_key() with same fixed key
> for all layers.But what about different plain text that we need i.e if we
> see into struct fmt_main initialisation it sends all stored list of
> password through method set_key().

Just because the format method is named set_key() doesn't imply that it
has to call DES_bs_set_key().  In your case, it sounds like it should not.
Instead, according to what you're saying, it should either initialize a
bit layer in B or it should save the password as-is e.g. in a
saved_key[] entry (like some formats do) and then have crypt_all()
process those passwords into their bit layers in B[] before calling a
revision of DES_bs_crypt_LM().

> > As I suggested, DES_bs_crypt_LM() is a closer match.  DES_bs_crypt()
> > adds salts and iterations, which you don't need.
> 
> No.Salt and iterations also exist in oracle.Salt here is user name and we
> need two iterations.

You really don't need salts and iterations of DES_bs_crypt().  You need
different ones, which you may implement externally to your slight
revision of DES_bs_crypt_LM().

> Let me summarise you what actually going on.
> 
> 1.Concatenate user name(i.e salt) and password to get plain text string(i.e
> input plain text for DES).
> 2.Encrypt plain text string in CBC mode using fixed key 0x0123456789ABCDEF.
> 3.Encrypt the plain text string again in CBC mode but using the last block
> of o/p of previous step as the encryption key.
> 
> so if I will apply DES_bs_crypt_LM() then step 2 can be done but step 3
> again needs number of modifications

Please don't worry about efficiency for your initial implementation.
When you don't worry about efficiency, you can just use a trivial
revision of DES_bs_crypt_LM() (with B initialization removed) for both
step 2 and step 3 above.  You will need to replace K between steps 2 and
3, but you can do it externally to the function.

Of course, the goal of bitslicing is to improve performance, so you will
need to worry about it at some point, but initially your goal is just to
get things working.

Thanks,

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.