Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 5 Dec 2011 20:57:06 +0530
From: piyush mittal <piyush.cse29@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Bit slice implementation of DES based hashes

@Simon

Also one more thing i need some reference From "LM DES".Is this correct
documentation regarding its implementaion?


   1. The user’s ASCII <http://en.wikipedia.org/wiki/ASCII> password is
   converted to uppercase <http://en.wikipedia.org/wiki/Uppercase>.
   2. This password is null-padded to 14 bytes.
   3. The “fixed-length” password is split into two seven-byte halves.
   4. These values are used to create two
DES<http://en.wikipedia.org/wiki/Data_Encryption_Standard>keys, one
from each 7-byte half, by converting the seven bytes into a bit
   stream, and inserting a null bit after every seven bits (so 1010100becomes
   01010100). This generates the 64 bits needed for a DES key. (A DES key
   ostensibly consists of 64 bits; however, only 56 of these are actually used
   by the algorithm. The null bits added in this step are later discarded.)
   5. Each of the two keys is used to DES-encrypt the constant
ASCII<http://en.wikipedia.org/wiki/ASCII>string “
   KGS!@#$%”, resulting in two 8-byte ciphertext values. The DES CipherMode
   should be set to ECB, and PaddingMode should be set to NONE.
   6. These two ciphertext values are concatenated to form a 16-byte value,
   which is the LM hash.



Specially step 5.Is this correct?

Thanks


On Mon, Dec 5, 2011 at 8:39 PM, piyush mittal <piyush.cse29@...il.com>wrote:

> @Simon
>
> So what it should be?
>
>
> On Mon, Dec 5, 2011 at 2:38 PM, Simon Marechal <simon@...quise.net> wrote:
>
>> On 03/12/2011 18:45, piyush mittal wrote:
>> > 1. Concatenate the username and the password to produce a plaintext
>> string;
>> > 2. Convert the plaintext string to uppercase characters;
>> > 3. Convert the plaintext string to multi-byte storage format; ASCII
>> > characters have the
>> > high byte set to 0x00;
>> > 4. Encrypt the plaintext string (padded with 0s if necessary to the next
>> > even block length)
>> > using the DES algorithm in cipher block chaining (CBC) mode with a fixed
>> > key value of
>> > 0x0123456789ABCDEF;
>> > 5. Encrypt the plaintext string again with DES-CBC, but using the last
>> > block of the output
>> > of the previous step (ignoring parity bits) as the encryption key. The
>> > last block of the
>> > output is converted into a printable string to produce the password hash
>> > value.
>>
>> This looks correct. Obviously step 3 will not work as expected when just
>> interleaving nul bytes.
>>
>
>
>
> --
> Piyush Mittal
> M.Tech SEM-Ist
> Department of Computer Science and Engineering
> National Institute of Technology,Rourkela
> INDIA
> Email. piyush.cse29@...il.com
>           211cs2281@...rkl.ac.in
> Mob. +91 8260859399
>
>


-- 
Piyush Mittal
M.Tech SEM-Ist
Department of Computer Science and Engineering
National Institute of Technology,Rourkela
INDIA
Email. piyush.cse29@...il.com
          211cs2281@...rkl.ac.in
Mob. +91 8260859399

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.