Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 5 Aug 2012 10:00:12 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: Agilekeychain c/s oddly not dependent on PBKDFD2 iterations

Dhiru, Jeffrey -

Have we figured out what was going on here?  I think I never saw a reply
from Dhiru on this.

Thanks,

Alexander

On Sun, Jul 29, 2012 at 01:37:08PM -0500, Jeffrey Goldberg wrote:
> I created a 1Password Agile Keychain with the password "fred". 1Password created it with 20920 PBKDF2 iterations. Although "fred" is included the password.lst, JtR (magnum-jumbo) failed to find it (If I am reading the output correct).
> 
> ./john --wordlist=password.lst   -fo:agilekeychain-opencl ~/Work/AWS/JtR/fred-21000-agile-jtr.txt
> OpenCL platform 0: Apple, 2 device(s).
> Using device 0: Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz
> Compilation log: <program source>:304:16: warning: comparison of integers of different signs: 'int' and 'unsigned int'
>         for (i = 0; i < keylen; i++)
>                     ~ ^ ~~~~~~
> 
> Loaded 1 password hash (1Password Agile Keychain PBKDF2-HMAC-SHA-1 AES [OpenCL])
> guesses: 0  time: 0:00:00:45 DONE (Sun Jul 29 13:13:06 2012)  c/s: 77.79  trying: 123456 - sss
> 
> I'm attaching 
> 
>   fred-21000-agile-jtr.txt
> 
> which is the output of running ./run/agilekc2john.py. Again the 1Password master password for this is "fred" (without the quotes).
> 
> I will try to create an agilekeychain with 1000 PBKDF2 iterations, but that requires an old version of 1Password. (More recent versions determine the number of iterations based on the hardware it is running on. There is no user control of these.)
> 
> Cheers,
> 
> -j

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ