Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 31 Dec 2012 09:33:59 +0530
From: Dhiru Kholia <>
Subject: Re: Formats dmg, encfs and strip crash on longer passwords

On Monday 31 December 2012 09:11 AM, magnum wrote:
> I have now modified Lukas' pbkdf2-hmac-sha1 so it can handle a max. 
> length of 64. I see we have some formats that use Gladman's 
> derive_key() instead. This is slower. I tried changing ODF to 
> keychain.h and pbkdf2() and got a 60% boost but I'm not sure it 
> supports all variants (if there are any?) so I did not commit that. 
> Gladman's function has one more parameter and I'm not sure if it 
> matters. I also tried SXC but got no boost, no idea why. Finally, I 
> tried ZIP but that did not even pass self-test.

1. AES support in ODF format required Gladman's code earlier (due to 
usage of longer salt / password size). This format can now be switched 
to newer and faster PBKDF2 code. ODF CPU format supports both Blowfish 
and AES encryption.

2. Gladman's function's extra parameter is a 2-byte verifier which is 
used in ZIP AES format. This extra parameter is not used by other formats.

3. SXC and no boost is a mystery. I will take a look. Tell me you did 
re-compile ;)

4. ZIP files using AES 256-bit encryption require very long PBKDF2 
output (upto 66 bytes). Can the new PBKDF2 code do this? Strangely the 
zip OpenCL handles this just fine!


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.