Date: Mon, 5 Dec 2011 20:57:06 +0530
From: piyush mittal <piyush.cse29@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Bit slice implementation of DES based hashes

@Simon

Also, one more thing: I need some reference for "LM DES". Is this correct documentation regarding its implementation?

1. The user’s ASCII <http://en.wikipedia.org/wiki/ASCII> password is converted to uppercase <http://en.wikipedia.org/wiki/Uppercase>.
2. This password is null-padded to 14 bytes.
3. The “fixed-length” password is split into two seven-byte halves.
4. These values are used to create two DES <http://en.wikipedia.org/wiki/Data_Encryption_Standard> keys, one from each 7-byte half, by converting the seven bytes into a bit stream, and inserting a null bit after every seven bits (so 1010100 becomes 01010100). This generates the 64 bits needed for a DES key. (A DES key ostensibly consists of 64 bits; however, only 56 of these are actually used by the algorithm. The null bits added in this step are later discarded.)
5. Each of the two keys is used to DES-encrypt the constant ASCII <http://en.wikipedia.org/wiki/ASCII> string “KGS!@#$%”, resulting in two 8-byte ciphertext values. The DES CipherMode should be set to ECB, and PaddingMode should be set to NONE.
6. These two ciphertext values are concatenated to form a 16-byte value, which is the LM hash.

Especially step 5. Is this correct?

Thanks

On Mon, Dec 5, 2011 at 8:39 PM, piyush mittal <piyush.cse29@...il.com> wrote:

> @Simon
>
> So what should it be?
>
> On Mon, Dec 5, 2011 at 2:38 PM, Simon Marechal <simon@...quise.net> wrote:
>
>> On 03/12/2011 18:45, piyush mittal wrote:
>> > 1. Concatenate the username and the password to produce a plaintext
>> > string;
>> > 2. Convert the plaintext string to uppercase characters;
>> > 3. Convert the plaintext string to multi-byte storage format; ASCII
>> > characters have the high byte set to 0x00;
>> > 4. Encrypt the plaintext string (padded with 0s if necessary to the
>> > next even block length) using the DES algorithm in cipher block
>> > chaining (CBC) mode with a fixed key value of 0x0123456789ABCDEF;
>> > 5. Encrypt the plaintext string again with DES-CBC, but using the last
>> > block of the output of the previous step (ignoring parity bits) as the
>> > encryption key. The last block of the output is converted into a
>> > printable string to produce the password hash value.
>>
>> This looks correct. Obviously step 3 will not work as expected when just
>> interleaving nul bytes.
>
> --
> Piyush Mittal
> M.Tech SEM-Ist
> Department of Computer Science and Engineering
> National Institute of Technology, Rourkela
> INDIA
> Email. piyush.cse29@...il.com
> 211cs2281@...rkl.ac.in
> Mob. +91 8260859399

--
Piyush Mittal
M.Tech SEM-Ist
Department of Computer Science and Engineering
National Institute of Technology, Rourkela
INDIA
Email. piyush.cse29@...il.com
211cs2281@...rkl.ac.in
Mob. +91 8260859399
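Added example, not part of the message above and not John the Ripper code: LM steps 1-6 carried through in Go with the standard library's crypto/des, so the result can be compared against known LM hashes. The names expandKey and LMHash are made up for this example, and it assumes the extra bit of each 7-bit group goes in the low (parity) position of the key byte, which DES ignores.

```go
package main

import (
	"crypto/des"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// expandKey spreads 7 bytes (56 bits) over an 8-byte DES key: each output
// byte holds 7 key bits in its high bits, and the low bit (the DES parity
// position, ignored by the cipher) is left as 0.
func expandKey(half []byte) []byte {
	var v uint64
	for _, b := range half {
		v = v<<8 | uint64(b)
	}
	key := make([]byte, 8)
	for i := range key {
		key[i] = byte(v>>(49-7*uint(i))&0x7f) << 1
	}
	return key
}

// LMHash applies steps 1-6 to an ASCII password of at most 14 bytes.
// Rejecting any other input is a choice made for this example.
func LMHash(password string) (string, error) {
	if len(password) > 14 {
		return "", errors.New("password longer than 14 bytes")
	}
	for i := 0; i < len(password); i++ {
		if password[i] >= 0x80 {
			return "", errors.New("non-ASCII password")
		}
	}
	padded := make([]byte, 14)              // step 2: null padding
	copy(padded, strings.ToUpper(password)) // step 1: uppercase
	hash := make([]byte, 16)
	for i := 0; i < 2; i++ { // steps 3-5: one DES key per 7-byte half
		block, err := des.NewCipher(expandKey(padded[7*i : 7*i+7]))
		if err != nil {
			return "", err
		}
		// One 8-byte block per key, so this is ECB with no padding.
		block.Encrypt(hash[8*i:8*i+8], []byte("KGS!@#$%"))
	}
	return hex.EncodeToString(hash), nil // step 6: concatenation
}

func main() {
	for _, pw := range []string{"", "password"} {
		h, err := LMHash(pw)
		fmt.Printf("%q -> %s %v\n", pw, h, err)
	}
}
```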