Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 12 Jul 2013 01:02:25 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: BUG in pbkdf2_hmac_sha1_unsplit_kernel.cl

Lukas, Marcus,

On 12 Jul, 2013, at 0:31 , marcus.desto <marcus.desto@...pl> wrote:
> Dnia 11 lipca 2013 23:36 magnum <john.magnum@...hmail.com> napisaƂ(a):
>> I was just now going to comment that the sample python code you posted does not include running the OpenCL kernel.
> 
> yes, because you asked me to post my python implementation of pbkdf2-hmac-sha1 first. You said, we will try to build the opencl version of it.

I meant that you should post one short program that does both CPU and OpenCL (so we can test any strings and immediately get verification that the results matches) but nevermind that. Meanwhile I have reproduced the problem using C. Just like you said, for length up to 23 it works fine. At length 24:

$ perl -e 'use Crypt::PBKDF2; $password = "password"; $salt = "123456789012345678901234"; $pbkdf = Crypt::PBKDF2->new(hash_class => "HMACSHA1", iterations => 1, output_len => 20, salt_len => length($salt) ); print unpack("H*", $pbkdf->PBKDF2($salt, $password)), "\n";'
4187d67b5f27ec26f8dd3493699c81952444090c

This matches your python CPU code output.


$ LWS=1 GWS=1 ../run/john -t -form:zip-opencl -dev=0
Device 0: Intel(R) Core(TM) i7-3615QM CPU @ 2.30GHz 
Local worksize (LWS) 1, Global worksize (GWS) 1
Benchmarking: zip-opencl, ZIP [PBKDF2-SHA1 AES OpenCL]... /
keylen 64 outlen 20 saltlen 64
in password len 8 salt 123456789012345678901234 len 24 iter 1

password password
salt 123456789012345678901234
iterations 1
key : 70617373 776f7264 00000000 00000000 00000000 
salt : 31323334 35363738 39303132 33343536 37383930 31323334 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 
result : ceeec5df cfaae3fc e8fe82a5 a0bd84b7 66714312 

Unless both python and perl are wrong, this is wrong. Is this what you got as well? I fail to see why length 24 should be a problem. Are we just missing something, overwriting a buffer?

I'll try to find the problem but it might take some time. Lukas, can you spot the problem?

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.