Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 10 Jul 2013 09:24:46 +0200
From: marcus.desto <marcus.desto@...pl>
To: john-dev@...ts.openwall.com
Subject: Re: PBKDF2 hash_out treatment

Hello Sayantan,
hello all,
thank you for your mail,.
Dnia 10 lipca 2013 4:20 Sayantan Datta &lt;std2048@...il.com&gt; napisał(a):
Hi,
On Tue, Jul 9, 2013 at 9:26 PM, marcus.desto &lt;marcus.desto@...pl&gt; wrote:
Since hours I am reading the source code to track the way of the output (hash_out_api aka dcc2_hash_host) in file "common_opencl_pbkdf2.c" (and others). Check the crypt_all() call inside opencl_mscash2_fmt.c . The function pbkdf2*() inside cryprt all takes dcc hash as input and produce dcc2 aka mscash2 hash as final output. These output hashes are compared against given test hashes or the loaded hashes during a cracking session.  Regards,Sayantan  
I understand. I also read another *fmt.c files, which seem to contain running and testing parameters for pbkdf2 function, too.
Well, I recodnized that the output buffer always is a struct of specific size containing an array of unsigned int (as declared in parameters of the derive_key oder directly the inline function pbkdf2 in file pbkdf2_hmac_sha1_unsplit_kernel.cl ). I also read that it depends on the type of purpose, how you use or compare it, for example using 3DES in opencl-krb5pa-sha1_fmt.c . But I do not really understand, how to extract the sha-1 hash from that uint buffer for generic purposes.
 
I tried a cpu pbkdf2-hmac-sha1 implementation that returns another hash directly as a string as expected, but from the open implementation I get a uint32 array that does not contain the expected hash values, even when I try to extract them by transforming each array cell into hex and seperating those hex cell values by byte in little endian byte order - EVEN all the parameters for the pbkdf2 function call are the same running ONLY 1 iteration, meaning like in this example:
 
password "OpenCL is cool!" : [ 79 112 101 110  67  76  32 105 115  32  99 111 111 108  33]
password len "15" : 15
passwordSalt "12345678901234567890123456789012" : [49 50 51 52 53 54 55 56 57 48 49 50 51 52 53 54 55 56 57 48 49 50 51 52 53
 54 55 56 57 48 49 50]
passwordSalt "32" : 32
passwordIterations "1" : 1
output : [0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0]
output len "18" : 18
 ---
(GPU) PBKDFv2 OpenCL output : [3693445380 2035649531 2455662519 3145116423 2248647139 1453019775
 4067169052 3936728787 2948824749 2123899967  544558090 4033320048
 1861169890 2516477311 2279222218 3196993683  787634920 2667194771]
(GPU) PBKDFv2 OpenCL time   :0.0
i=0     :3693445380     0xdc258104L     =  04 81 25 dc    =     4       129     37      220
i=1     :2035649531     0x79558bfbL     =  fb 8b 55 79    =     251     139     85      121
i=2     :2455662519     0x925e6fb7L     =  b7 6f 5e 92    =     183     111     94      146
i=3     :3145116423     0xbb76ab07L     =  07 ab 76 bb    =     7       171     118     187
(CPU) PBKDFv2 Python output : [8, 21, 158, 90, 228, 228, 117, 216, 33, 87, 37, 34, 136, 181, 43, 19, 188, 150]
(CPU) PBKDFv2 Python time   :0.0
 
I know that the python implementation of pbkdfv2 is correct, because I tested it on some applications, so the function is correct.
But I cannot verify the results of the opencl implementation.
 
Could you tell me, how to treat the uint array to get the generic pbkdf2 hmac sha-1 hash string, please?
 
Thanks,
 
regards,
Marcus
 
 
Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.