Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 17 Jun 2012 17:05:44 +0200
From: magnum <>
Subject: Re: Re: [patch] optional new raw sha1 implemetation

On 2012-06-17 16:45, Tavis Ormandy wrote:
> Regarding the linkedin hashes, I haven't looked at them, but if I
> understand correctly they're just SHA-1 with A set to 0? I think you
> can just adjust for that in cmp_one() and it will magically work, as I
> only look at E in my code.
> In fact, I only look at A75 rol 2, because this lets me skip 5 rounds in
> the common case :-)

Yes. We have a rawSHA1_LinkedIn_fmt_plug.c that does this (diff it 
against rawSHA1_fmt_plug.c). It's actually just the first 20 bits that 
is cleared but obviously chances are pretty slim for a collision.

We had a version in bleeding that cracked the linkedin hashes but stored 
complete (repaired) hashes in john.pot. That was a cool idea but it had 
side effects so it was reverted for now.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.