Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 11 Jul 2012 22:41:52 -0400
From:  <jfoug@....net>
To: john-dev@...ts.openwall.com
Subject: RE: request for new dynamic subformats

Put about 2 hours into dynamic, and about 20 minutes into pass_gen.pl, and have this (bleeding only):

from sha2.c  (32 bit build)
$ ../run/john -test=5 -form=dynamic_39
Benchmarking: dynamic_39: sha256($s.$p) [32/32 128x1 (MD5_Body)]... DONE
Many salts:     1638K c/s real, 1592K c/s virtual
Only one salt:  1590K c/s real, 1508K c/s virtual

and built against oSSL
$ ../run/john -test=5 -form=dynamic_39
Benchmarking: dynamic_39: sha256($s.$p) [32/32 128x1 (MD5_Body)]... DONE
Many salts:     1910K c/s real, 1948K c/s virtual
Only one salt:  1804K c/s real, 1835K c/s virtual


Should be able to do everything the 'existing' dynamic can do, but now can also use SHA224 and SHA256, and not just SHA1

Added 3 new flags:  

MGF_SHA256_64_BYTE_FINISH   (note will detect 56 byte hex-hashes and switch to sha224 mode)
MGF_GET_SOURCE_SHA224
MGF_GET_SOURCE_SHA256

and added 8 dynamic functions.  Right now, I only have sha256 'interface', and it switches over to sha224 if valid detects this is a 56 byte hash.  Probably NOT the best way to proceed, but what do you expect in 2 hours of coding ;)  It is just a start, but should be pretty functional.

Likely, I i will add sha224 functions, and add the input flag.  That way, they could be used interchangably.

NOTE, these functions have not been written with any SSE in them (since we do not have SSE).  However, if these are used for ANYTHING other than  sha224(string) or sha256(string), then there would be no way to do SSE anyway.  With 56 byte hex hashes for sha224 and 64 for sha256, it blows SSE out of the water.

It is NOT in magnum-jumbo bleeding 'yet', but should get there soon.  I will probably build the sha224 interface before uploading, and I see a nit in the display (MD5_Body) should not be shown, since it is not USING MD5_Body functions.

Jim

---- jfoug <jfoug@....net> wrote: 
> NOTE, sha256/224 ARE on my wish-list, as soon to be added, 
>>
>> From: Elijah [W&P] [mailto:smarteam.support@...il.com] 
>> What can be be popular now is sha256($salt.$pass) and extra points for the salt to be "regenable" (00-99)
>> http://forum.insidepro.com/viewtopic.php?p=99119#99119
>> This one is believed to be related with recent fÐūrmspring "incident"

NOTE, now that this is in dynamic format, I can also do a 'regen-salt' for this one :)

Jim.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ