Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 21 Dec 2005 06:26:28 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re:  john improvement suggestions

On Wed, Dec 21, 2005 at 02:06:57PM +1100, David Luyer wrote:
> From memory on OSF/1 (and thus Digital Unix/Tru64), this is simpler;
> any password over 8 chars is stored as the two salt chars followed by
> n x 11 characters, all using the same salt.

Well, no, that's not how it works on versions of Digital Unix that I've
seen.  The second 8 char block would be hashed using a different salt,
like Radim has described.  That's also what John the Ripper currently
supports.

I am just not sure what happens for passwords in excess of 16
characters.  Is there a third 8/11 characters block?  Does it similarly
use characters from the second hash block as the salt?  I think so, but
I am not 100% sure.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ