[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 10 Aug 2013 16:48:15 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: Parallella: bcrypt
Katja,
On Fri, Aug 09, 2013 at 04:10:42PM +0200, Katja Malvoni wrote:
> On Fri, Aug 9, 2013 at 3:41 PM, Solar Designer <solar@...nwall.com> wrote:
> > I think it'll be easier for you to debug this if you create a program
> > that will verify each and every computed bcrypt hash. (As discussed
> > before, this is not what happens when we're cracking passwords.
> > Although we do use every bcrypt computation results, most failures can
> > go undetected.)
> >
> > With a 100%-verifying program, you should be able to trigger the issue
> > much more quickly and more reliably, so you'd be able to test different
> > theories as to its cause quicker too.
>
> OK, I'll do that.
Here's further advice on this: use $2a$00 hashes - that is, with only
one iteration of the (otherwise) most costly loop. These are not
exactly valid bcrypt hashes (the original implementation imposes a
minimum of 04 for the cost setting), yet you may use them for quicker
testing, as well as to stress-test the host-Epiphany communication.
Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
