Date: Wed, 19 Aug 2015 00:45:33 +0300
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: 7z's KDF is unsalted

On Tue, Aug 18, 2015 at 11:39:15PM +0200, magnum wrote:
> For WPA-PSK the SSID is the salt (and we do take advantage when 
> possible). For 7-zip the KDF is completely unsalted. You won't see the 
> boost in WPA-PSK benchmarks but in real cracks against same-SSID pcaps. 
> I guess we could add a same-SSID test vector to WPA-PSK to show the 
> boost but it's not as fair a figure.

Right.  So there's little similarity to WPA-PSK here.

> >And doesn't the AES step prevent rainbow tables for 7-Zip (even if it
> >doesn't prevent the speedup you've now implemented)?
> 
> I'm not quite sure. Does it? It's a later step, just like the 
> post-processing for WPA-PSK.

There might be an encryption vs. decryption difference here, but I'll
leave this for someone else to figure out.  Maybe Alain or Aleksey will
want to think of it and comment.

Alexander
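
An added illustration of the salted vs. unsalted distinction discussed in this message; it is not part of the original e-mail and not John the Ripper code. The 7-Zip-style derivation is written from an assumed scheme (SHA-256 over 2^N repetitions of salt, UTF-16LE password and an 8-byte counter), and the candidate list, SSIDs, salts and the reduced `cycles_power` are constructed sample values.

```python
import hashlib

def sevenzip_style_key(password, salt=b"", cycles_power=19):
    # Assumed scheme: SHA-256 over 2**cycles_power repetitions of
    # salt || UTF-16LE(password) || 8-byte little-endian counter.
    h = hashlib.sha256()
    pw = password.encode("utf-16-le")
    for i in range(1 << cycles_power):
        h.update(salt + pw + i.to_bytes(8, "little"))
    return h.digest()

def wpa_pmk(passphrase, ssid):
    # WPA-PSK pairwise master key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds.
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid, 4096, 32)

def derivations_needed(candidates, target_salts, kdf):
    """Run kdf once per distinct (candidate, salt) pair and return the cache."""
    cache = {}
    for salt in target_salts:
        for pw in candidates:
            if (pw, salt) not in cache:
                cache[(pw, salt)] = kdf(pw, salt)
    return cache

# Constructed sample data, not taken from any real archive or capture.
CANDIDATES = ["letmein", "hunter2", "correct horse"]
UNSALTED_ARCHIVES = [b"", b"", b""]        # three archives, empty salt each
CAPTURE_SSIDS = [b"home", b"home", b"cafe"]  # two captures share an SSID
SALTED_ARCHIVES = [b"s1", b"s2", b"s3"]    # hypothetical per-archive salts

def demo(cycles_power=8):
    # cycles_power is reduced here only to keep the run short.
    kdf7z = lambda pw, salt: sevenzip_style_key(pw, salt, cycles_power)
    unsalted = derivations_needed(CANDIDATES, UNSALTED_ARCHIVES, kdf7z)
    wpa = derivations_needed(CANDIDATES, CAPTURE_SSIDS, wpa_pmk)
    salted = derivations_needed(CANDIDATES, SALTED_ARCHIVES, kdf7z)
    return len(unsalted), len(wpa), len(salted)

if __name__ == "__main__":
    n_unsalted, n_wpa, n_salted = demo()
    print("KDF runs, 3 unsalted archives:     ", n_unsalted)
    print("KDF runs, 3 captures over 2 SSIDs: ", n_wpa)
    print("KDF runs, 3 archives, unique salts:", n_salted)
```

With no salt, the expensive derivation is paid once per candidate regardless of how many archives are tested; with the SSID as salt the sharing only happens between captures of the same network, and a unique per-archive salt removes it entirely.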
