Date: Sat, 5 Mar 2011 23:06:37 -0600 From: "jfoug" <jfoug@....net> To: <john-dev@...ts.openwall.com> Subject: RE: Re: md5_gen, proposed functionality >From: magnum [mailto:rawsmooth@...dband.net] > >Sounds very good. Just curious, how simple/hard/sensible would it be to >rip all the "generic" part out of that for a true sha1-gen format? The true 'generic' stuff is pretty easy. Yes, there are a ton of functions, but many of them are simply due to multiple same code, just to different input and output. Porting the methods of md5-gen to other hash types should not be too hard. Time consuming, but not hard. >Even wilder, how about a generic_generic format that does the same with >more or less any raw hashing? Just thinking out of the box here :-) Getting a 'generic' generic (a super, to do something like md5($s.sha1($p).md4($s.$p)) would be quite a bit harder. Many of the performance related items are getting data into the SSE x4 format, and keeping it there. However, md5 and sha do not have compat formats, IIRC. I think SHA is big endian. MD5 is little. I think this would (or may) cause problems, and require quite a bit of overhead on conversions. >I am impressed that the user md5_gen(1xxx) formats seem to perform the >same as the hard coded ones. The external ones, in john.conf, really work 100% same as the ones 'built-in'. It is all in getting enough primitive 'parts' built. Then building the script to use the 'proper' ones. Maybe it is not that magic but it's well >done. It would be very powerful if it could be taken further so one >could produce more or less any function, like having it do md4($p.$s) or >sha1(unicode($p.$u)) too. A majority of John's supported formats could >be thin, or even just sections in john.conf. Most 'should' be. The ones that are 'hard', are ones like MD5($1$) or Apache($apr1$) or even phpass. The reason I say most 'should' be, is they are much easier to 'maintain' if thin. Also, if md5-gen (or other 'super' format), gets enhanced, many (or most) of the thin formats would also get sped up. Keeps them more 'cutting' edge. >Just random thoughts for the future. Been thinking that way myself, for a while. >magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.