Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 2 Feb 2012 04:07:47 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: generic crypt [was: OpenCL support on OSX]

On Wed, Feb 01, 2012 at 09:04:28AM +0100, magnum wrote:
> Nevermind. But speaking of crypt, I now noticed that FreeBSD et al do
> not use c3_fmt. Is that because they would probably not give us any new
> format?

That was my original rationale, yes - but it no longer applies.  FreeBSD
now supports Ulrich's SHA-crypt (at least I see it in their source tree).

> It could still be usable for verifying MD5's for longer than 15
> chars, and such things. And they may introduce new stuff, just like
> DragonFly BSD.

Right.  Perhaps we should enable c3_fmt for more systems.  And your
proposal is actually a good one in that context.

We could also enhance c3_fmt itself to detect salts for DragonFly's
broken SHA-2 stuff (now obsoleted due to our pushing).

> BTW it seems OSX do have a crypt(3) capable of original DES and the one
> with _salt (From memory that's BSDI, right?). Would it not work with
> HAVE_CRYPT?

I think it would work.  Do you know if it supports anything else as well?

> Not that it would add anything useful to John, except
> showing how much faster optimised bitslice DES is compared to crypt calls :)

Right.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.