Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 12 Aug 2015 21:26:01 +0800
From: Lei Zhang <>
Subject: Re: Formats using non-SIMD SHA2 implementations

> On Jul 20, 2015, at 7:18 PM, magnum <> wrote:
> On 2015-07-19 11:35, Lei Zhang wrote:
>>> On Jul 19, 2015, at 11:04 AM, Lei Zhang <> wrote:
>>> I have no clear idea which formats rely on SHA2 just from their names, except for a few apparent ones (e.g. rawSHA256_fmt_plug.c). Could you give me some hints about that?
>> I used this command to find formats that use OpenSSL's SHA2 functions but not JtR's SIMD implementation:
>> $ grep -E 'SHA256_Update|SHA512_Update' *.c -l | xargs grep SIMD -L
> I tried a different grep and ended up with mostly the same list (sha0 is just a false positive of course).
> $ git grep -lE "ALGORITHM_NAME.*SHA[- ]?[235]"|grep -vE "opencl|cuda"|xargs grep -L SIMD
> 7z_fmt_plug.c
> clipperz_srp_fmt_plug.c
> dragonfly3_fmt_plug.c
> dragonfly4_fmt_plug.c
> episerver_fmt_plug.c
> keepass_fmt_plug.c
> pdf_fmt_plug.c
> rawSHA0_fmt_plug.c
> The dragonfly formats are not very interesting. I guess the 7z format would be appreciated but it's tricky with different length candidates in a batch. I'm not sure about the others.

Now I just finished episerver. I took a close look at the rest of the formats in that list, and found a few 'technical' issues.

- For 7z, keepass and pdf, there's AES encryption involved at some step of hashing (and also RC4 in pdf). But so far we don't have a SIMD implementation of AES (or RC4). I'm not sure how to handle this.

- In clipperz, the salt has a maximum length of 128 byte, which is beyond the size of a single input block for SHA256. I've seen flags like SSEi_2BUF_INPUT and SSEi_4BUF_INPUT. I guess I'll have to quadruple the size the vector buffer to accommodate the salt ?

- The dragonflys seem quite straightforward to me. But they are not interesting ?


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ