Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 18 Dec 2011 16:38:10 +0530
From: piyush mittal <piyush.cse29@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Bit slice implementation of DES based hashes

At last a new twist came. The character equivalent of Ox0123456789ABCDEF is
a sequence of special characters i.e NON ASCII.Therefore it is mandatory to
use Unicode in oracle and then I hope we also need to change whole code of
Bit slice DES to Unicode because there every calculation is going on with
respect to ASCII char only .


On Sun, Dec 18, 2011 at 6:38 AM, piyush mittal <piyush.cse29@...il.com>wrote:

> You really don't need salts and iterations of DES_bs_crypt().  You need
>> different ones, which you may implement externally to your slight
>> revision of DES_bs_crypt_LM().
>>
>
> Yes *Of course.*May be today I will be able to finish out the whole work*.
> *
>
>
> Thanks
>
>
>
>
>
> On Sun, Dec 18, 2011 at 3:54 AM, Solar Designer <solar@...nwall.com>wrote:
>
>> On Sat, Dec 17, 2011 at 10:01:24PM +0530, piyush mittal wrote:
>> > Yes, that is true that we can call  DES_bs_set_key() with same fixed key
>> > for all layers.But what about different plain text that we need i.e if
>> we
>> > see into struct fmt_main initialisation it sends all stored list of
>> > password through method set_key().
>>
>> Just because the format method is named set_key() doesn't imply that it
>> has to call DES_bs_set_key().  In your case, it sounds like it should not.
>> Instead, according to what you're saying, it should either initialize a
>> bit layer in B or it should save the password as-is e.g. in a
>> saved_key[] entry (like some formats do) and then have crypt_all()
>> process those passwords into their bit layers in B[] before calling a
>> revision of DES_bs_crypt_LM().
>>
>> > > As I suggested, DES_bs_crypt_LM() is a closer match.  DES_bs_crypt()
>> > > adds salts and iterations, which you don't need.
>> >
>> > No.Salt and iterations also exist in oracle.Salt here is user name and
>> we
>> > need two iterations.
>>
>> You really don't need salts and iterations of DES_bs_crypt().  You need
>> different ones, which you may implement externally to your slight
>> revision of DES_bs_crypt_LM().
>>
>> > Let me summarise you what actually going on.
>> >
>> > 1.Concatenate user name(i.e salt) and password to get plain text
>> string(i.e
>> > input plain text for DES).
>> > 2.Encrypt plain text string in CBC mode using fixed key
>> 0x0123456789ABCDEF.
>> > 3.Encrypt the plain text string again in CBC mode but using the last
>> block
>> > of o/p of previous step as the encryption key.
>> >
>> > so if I will apply DES_bs_crypt_LM() then step 2 can be done but step 3
>> > again needs number of modifications
>>
>> Please don't worry about efficiency for your initial implementation.
>> When you don't worry about efficiency, you can just use a trivial
>> revision of DES_bs_crypt_LM() (with B initialization removed) for both
>> step 2 and step 3 above.  You will need to replace K between steps 2 and
>> 3, but you can do it externally to the function.
>>
>> Of course, the goal of bitslicing is to improve performance, so you will
>> need to worry about it at some point, but initially your goal is just to
>> get things working.
>>
>> Thanks,
>>
>> Alexander
>>
>
>
>
> --
> Piyush Mittal
> Department of Computer Science and Engineering
> National Institute of Technology,Rourkela
> INDIA
>
>
>


-- 
Piyush Mittal
Department of Computer Science and Engineering
National Institute of Technology,Rourkela
INDIA

Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ