Follow us on Twitter or via RSS feeds with tweets or complete announcement texts or excerpts
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 3 Sep 2012 05:01:44 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: m3g9tr0n rules

On Mon, Sep 03, 2012 at 02:44:38AM +0200, magnum wrote:
> On 09/02/2012 02:19 PM, Solar Designer wrote:
> > >[1-9A-Z] i\0[ -~]
> > o[0-9A-Z][ -~] Q
> 
> Would a length check in the second rule not make any difference to 
> performance? Well, I assume it wont since you did not include one :)

I included the "Q" instead.  A length check might be faster to perform,
yes, but it won't affect what candidate passwords are generated.

> Also, in Jumbo we have the ->N rule reject. Using that should help 
> performance, eg:
> 
> ->[1-9A-Z] >\0 i\0[ -~]
> ->[0-9A-Z] o\0[ -~] Q

Yes, thanks.  I forgot that we had it.  BTW, I am not happy that its
definition is a bit inconsistent with the similarly looking rule
command.  The reject flag:

->N	reject this rule unless length N or longer is supported

The command:

>N	reject the word unless it is greater than N characters long

Notice how it is "length N or longer" in one case and strictly "greater
than N" in the other.  I agree that "length N or longer" may be more
appropriate for practical use of the reject flag, though.

Maybe I should use a character other than ">" when merging this feature
into core.  Any suggestions?

Alexander

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ