Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 12 Jul 2012 16:03:51 -0500
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: request for new dynamic subformats

I was able to add sha384/sha512 into dynamic in a couple of hours.  I added many new formats. I move the dyna_39 (which is sha256($s.$p)) and now call it dyna_61.

Dyna_50's are for sha224, Dyna_60's for sha256, dyna_70's for sha384 and dyna_80's for sha512.

Here are the 'currently' allocated dyna's for SHA2 crypts:

Benchmarking: dynamic_50: sha224($p) [32/32 128x1 (MD5_Body)]... DONE
Benchmarking: dynamic_51: sha224($s.$p) [32/32 128x1 (MD5_Body)]... DONE
Benchmarking: dynamic_52: sha224($p.$s) [32/32 128x1 (MD5_Body)]... DONE
Benchmarking: dynamic_60: sha256($p) [32/32 128x1 (MD5_Body)]... DONE
Benchmarking: dynamic_61: sha256($s.$p) [32/32 128x1 (MD5_Body)]... DONE
Benchmarking: dynamic_62: sha256($p.$s) [32/32 128x1 (MD5_Body)]... DONE
Benchmarking: dynamic_70: sha384($p) [32/32 128x1 (MD5_Body)]... DONE
Benchmarking: dynamic_71: sha384($s.$p) [32/32 128x1 (MD5_Body)]... DONE
Benchmarking: dynamic_72: sha384($p.$s) [32/32 128x1 (MD5_Body)]... DONE
Benchmarking: dynamic_80: sha512($p) [32/32 128x1 (MD5_Body)]... DONE
Benchmarking: dynamic_81: sha512($s.$p) [32/32 128x1 (MD5_Body)]... DONE
Benchmarking: dynamic_82: sha512($p.$s) [32/32 128x1 (MD5_Body)]... DONE

Again, I have to 'fix' the MD5_Body part, it will be done by the time I release.  I also have all of these formats in pass_gen.pl, and also in the TS.  All tests in the TS pass just fine.

I will get this SHA2 stuff wrapped up, get the proper patches made and uploaded to git.  NOTE, these are only for magnum-jumbo, and magnum-bleeding.  These are NOT going to be put into the upcoming Jumbo-7, since it does not contain the sha2.c code.

Jim.

>-----Original Message-----
>From: jfoug@....net [mailto:jfoug@....net]
>Sent: Wednesday, July 11, 2012 9:42 PM
>To: john-dev@...ts.openwall.com
>Subject: RE: [john-dev] request for new dynamic subformats
>
>Put about 2 hours into dynamic, and about 20 minutes into pass_gen.pl,
>and have this (bleeding only):
>
>from sha2.c  (32 bit build)
>$ ../run/john -test=5 -form=dynamic_39
>Benchmarking: dynamic_39: sha256($s.$p) [32/32 128x1 (MD5_Body)]... DONE
>Many salts:     1638K c/s real, 1592K c/s virtual
>Only one salt:  1590K c/s real, 1508K c/s virtual
>
>and built against oSSL
>$ ../run/john -test=5 -form=dynamic_39
>Benchmarking: dynamic_39: sha256($s.$p) [32/32 128x1 (MD5_Body)]... DONE
>Many salts:     1910K c/s real, 1948K c/s virtual
>Only one salt:  1804K c/s real, 1835K c/s virtual
>
>
>Should be able to do everything the 'existing' dynamic can do, but now
>can also use SHA224 and SHA256, and not just SHA1
>
>Added 3 new flags:
>
>MGF_SHA256_64_BYTE_FINISH   (note will detect 56 byte hex-hashes and
>switch to sha224 mode)
>MGF_GET_SOURCE_SHA224
>MGF_GET_SOURCE_SHA256
>
>and added 8 dynamic functions.  Right now, I only have sha256
>'interface', and it switches over to sha224 if valid detects this is a
>56 byte hash.  Probably NOT the best way to proceed, but what do you
>expect in 2 hours of coding ;)  It is just a start, but should be pretty
>functional.
>
>Likely, I i will add sha224 functions, and add the input flag.  That
>way, they could be used interchangably.
>
>NOTE, these functions have not been written with any SSE in them (since
>we do not have SSE).  However, if these are used for ANYTHING other than
>sha224(string) or sha256(string), then there would be no way to do SSE
>anyway.  With 56 byte hex hashes for sha224 and 64 for sha256, it blows
>SSE out of the water.
>
>It is NOT in magnum-jumbo bleeding 'yet', but should get there soon.  I
>will probably build the sha224 interface before uploading, and I see a
>nit in the display (MD5_Body) should not be shown, since it is not USING
>MD5_Body functions.
>
>Jim
>
>---- jfoug <jfoug@....net> wrote:
>> NOTE, sha256/224 ARE on my wish-list, as soon to be added,
>>>
>>> From: Elijah [W&P] [mailto:smarteam.support@...il.com]
>>> What can be be popular now is sha256($salt.$pass) and extra points
>for the salt to be "regenable" (00-99)
>>> http://forum.insidepro.com/viewtopic.php?p=99119#99119
>>> This one is believed to be related with recent fоrmspring "incident"
>
>NOTE, now that this is in dynamic format, I can also do a 'regen-salt'
>for this one :)
>
>Jim.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.