Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 18 Jul 2012 08:22:06 -0500
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: Pwsafe, is our algorithm right?

>From: Dhiru Kholia [mailto:dhiru.kholia@...il.com]
>On Wed, Jul 18, 2012 at 6:12 PM, jfoug <jfoug@....net> wrote:
>> see a for loop like this:  for (i = 0; i <= MAX; ++i)  I reaslly think
>> long and hard about if it is right or not.
>
>Yes, at first it does look like a typo.
>
>> I went out to pwsafe site, and downloaded the code.  Here is the
>> stretchkey function, directly from their source tree:
>> NOTICE, for (I = 0; I < N; ++i)
>
>After key stretching is done (ITER times), the result is hashed once
>again later on in the actual code. 

Good news.  Sorry to unnecessarily raise the warning flag.

I will have TS data out shortly.  I have also added lines in ts.dat for CUDA
and OpenCL, but it appears openCL only deals with 15 byte plaintext, so we
will have to adjust the expectation count for that line.  I really need to
see if I can have the TS auth-detect and correct for this, now that the
plaintextlen is in the -list=format-all-details

Jim.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ