Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 25 Mar 2012 19:06:16 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: PDF format

On Sun, Mar 25, 2012 at 6:47 PM,  <jfoug@....net> wrote:
> Dhiru,
>
> The logic in get_salt() and set_salt() should be reversed.
>
> In pkzip format, (which could be used as a reference on 'how' to do this), in the get_salt() I create a complex structure, taking a lot of time, and doing a lot of validation/loading, etc.   I then simply return the address to this structure, using an allocated pointer (which points to the just created structure).   Then within set_salt, the code is VERY simple, and quick.  Here it is on whole.
> Within pdf (and a few other formats), a lot of time is spent within the set_salt function, parsing, allocating, setting up a complex structure.   This type of work should NOT be done within the runtime loop.  If done in set_key(), then it is in the runtime loop, and each salt computation will be done for EACH salt for EACH password (block of pw's) attempted.  This time spent in set_salt() will GREATLY slow down the format.

Thanks Jim and Solar. I will soon fix this issues for the formats I
have written. For some formats, there is no "salt structure" as such
(there is a single set of variables which the set_salt function
modifies).

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.