Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 10 Jul 2013 13:31:22 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: PBKDF2 hash_out treatment

On 10 Jul, 2013, at 12:21 , marcus.desto <marcus.desto@...pl> wrote:
> Hi Alexander,

That's not me :-)  My name is magnum (and only that - the "john" in my email address just refers to JtR).


>> Also, I'm not sure but I would assume the mscash2-opencl format does not support an iteration count of 1, again because of optimizations.
> 
> I am using pbkdf2_hmac_sha1_unsplit_kernel.cl not the mscash2-open opencl implementation.

OK. I think pbkdf2_hmac_sha1_unsplit_kernel.cl is better for your intentions and I'm pretty sure it does support running just one iteration. I also think it will return a normal byte sequence and it should be trivial to unpack it to a standard hex string.

Here's a test vector for pbkdf2-hmac-sha1 at one iteration:

     Input:
       P = "password" (8 octets)
       S = "salt" (4 octets)
       c = 1
       dkLen = 20

     Output:
       DK = 0c 60 c8 0f 96 1f 0e 71
            f3 a9 b5 24 af 60 12 06
            2f e0 37 a6             (20 octets)

I take it your intention is to get that as a hex string of "0c60c80f961f0e71f3a9b524af6012062fe037a6", right?

Please post a complete python program, as short/clean as possible, that just calculates this hard-coded test vector and prints the output, first using some prefab Python CPU function, and then (trying to) using pbkdf2_hmac_sha1_unsplit_kernel.cl. I'm sure we can help you get it straight from there.

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ