Date: Sat, 30 Jun 2012 01:31:25 +0200 From: magnum <john.magnum@...hmail.com> To: john-dev@...ts.openwall.com Subject: Re: Re: Re: md5 internals question On 2012-06-29 13:33, Tavis Ormandy wrote: > One final question, I would need to limit input to 15 chars (or 16, but > would require two comparisons), would this make it useless to everybody > else? (I work in security, but I do vulnerability research, so never need to > crack passwords. I'm primarily interested in the optimization challenge). > What sizes are typical salts? What is the absolute minimum input size I > would need to support to be useful outside of rawmd5? IMHO 15-16 is right about the limit. If you make it 8, I will say it's approaching useless. But 15/16 is fine, longer passwords could be cracked with Simon's version and they are pretty few. I do not really get why you need this limit though. Anything less than 55 should be the same work from then on, no? magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.