Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 18 Dec 2011 16:38:10 +0530
From: piyush mittal <piyush.cse29@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Bit slice implementation of DES based hashes

At last a new twist came. The character equivalent of Ox0123456789ABCDEF is
a sequence of special characters i.e NON ASCII.Therefore it is mandatory to
use Unicode in oracle and then I hope we also need to change whole code of
Bit slice DES to Unicode because there every calculation is going on with
respect to ASCII char only .


On Sun, Dec 18, 2011 at 6:38 AM, piyush mittal <piyush.cse29@...il.com>wrote:

> You really don't need salts and iterations of DES_bs_crypt().  You need
>> different ones, which you may implement externally to your slight
>> revision of DES_bs_crypt_LM().
>>
>
> Yes *Of course.*May be today I will be able to finish out the whole work*.
> *
>
>
> Thanks
>
>
>
>
>
> On Sun, Dec 18, 2011 at 3:54 AM, Solar Designer <solar@...nwall.com>wrote:
>
>> On Sat, Dec 17, 2011 at 10:01:24PM +0530, piyush mittal wrote:
>> > Yes, that is true that we can call  DES_bs_set_key() with same fixed key
>> > for all layers.But what about different plain text that we need i.e if
>> we
>> > see into struct fmt_main initialisation it sends all stored list of
>> > password through method set_key().
>>
>> Just because the format method is named set_key() doesn't imply that it
>> has to call DES_bs_set_key().  In your case, it sounds like it should not.
>> Instead, according to what you're saying, it should either initialize a
>> bit layer in B or it should save the password as-is e.g. in a
>> saved_key[] entry (like some formats do) and then have crypt_all()
>> process those passwords into their bit layers in B[] before calling a
>> revision of DES_bs_crypt_LM().
>>
>> > > As I suggested, DES_bs_crypt_LM() is a closer match.  DES_bs_crypt()
>> > > adds salts and iterations, which you don't need.
>> >
>> > No.Salt and iterations also exist in oracle.Salt here is user name and
>> we
>> > need two iterations.
>>
>> You really don't need salts and iterations of DES_bs_crypt().  You need
>> different ones, which you may implement externally to your slight
>> revision of DES_bs_crypt_LM().
>>
>> > Let me summarise you what actually going on.
>> >
>> > 1.Concatenate user name(i.e salt) and password to get plain text
>> string(i.e
>> > input plain text for DES).
>> > 2.Encrypt plain text string in CBC mode using fixed key
>> 0x0123456789ABCDEF.
>> > 3.Encrypt the plain text string again in CBC mode but using the last
>> block
>> > of o/p of previous step as the encryption key.
>> >
>> > so if I will apply DES_bs_crypt_LM() then step 2 can be done but step 3
>> > again needs number of modifications
>>
>> Please don't worry about efficiency for your initial implementation.
>> When you don't worry about efficiency, you can just use a trivial
>> revision of DES_bs_crypt_LM() (with B initialization removed) for both
>> step 2 and step 3 above.  You will need to replace K between steps 2 and
>> 3, but you can do it externally to the function.
>>
>> Of course, the goal of bitslicing is to improve performance, so you will
>> need to worry about it at some point, but initially your goal is just to
>> get things working.
>>
>> Thanks,
>>
>> Alexander
>>
>
>
>
> --
> Piyush Mittal
> Department of Computer Science and Engineering
> National Institute of Technology,Rourkela
> INDIA
>
>
>


-- 
Piyush Mittal
Department of Computer Science and Engineering
National Institute of Technology,Rourkela
INDIA

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.