Date: Sat, 10 Aug 2013 16:48:15 +0400 From: Solar Designer <solar@...nwall.com> To: john-dev@...ts.openwall.com Subject: Re: Parallella: bcrypt Katja, On Fri, Aug 09, 2013 at 04:10:42PM +0200, Katja Malvoni wrote: > On Fri, Aug 9, 2013 at 3:41 PM, Solar Designer <solar@...nwall.com> wrote: > > I think it'll be easier for you to debug this if you create a program > > that will verify each and every computed bcrypt hash. (As discussed > > before, this is not what happens when we're cracking passwords. > > Although we do use every bcrypt computation results, most failures can > > go undetected.) > > > > With a 100%-verifying program, you should be able to trigger the issue > > much more quickly and more reliably, so you'd be able to test different > > theories as to its cause quicker too. > > OK, I'll do that. Here's further advice on this: use $2a$00 hashes - that is, with only one iteration of the (otherwise) most costly loop. These are not exactly valid bcrypt hashes (the original implementation imposes a minimum of 04 for the cost setting), yet you may use them for quicker testing, as well as to stress-test the host-Epiphany communication. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.