
Message-ID: <20130818215809.GA31512@openwall.com>
Date: Mon, 19 Aug 2013 01:58:09 +0400
From: Solar Designer <solar@...nwall.com>
To: johndev@...ts.openwall.com
Subject: Re: Parallella: bcrypt

On Mon, Aug 19, 2013 at 12:01:46AM +0400, Solar Designer wrote:
> On Sun, Aug 18, 2013 at 11:51:07PM +0400, Solar Designer wrote:
> > Triggered it again, saving pot files this time.  The missing
> > hash:password is:
> >
> > $2a$04$112345678911234567891ut.qFr6.NeNDdZuUfBk5WAqRX93tRWSS:38954
> >
> > (this time).  In case this is relevant:
> >
> > $ echo $[38954%32]
> > 10
> >
> > ... now to trigger this a few times more.
>
> Two more:
>
> $2a$04$112345678911234567891ur.oaCV2tDJHauGmoz3XARSRocAbQ0Ci:21542
> $2a$04$112345678911234567891uVnXpBKo1PxsBoYbrgOLkoMFF1zhBEeG:39883
>
> These are 6 and 11 (mod 32).

And even more (different runs):

$2a$04$112345678911234567891uRg/fbu9EZHgvUadzNE4pGTLkEwttzty:30209
$2a$04$112345678911234567891uRPI0ng7O3BV4hUhIGqNi7gyKD7x5IJe:31945
$2a$04$112345678911234567891uhK92kL/3u4NTvd77St2BEZ0RJ7vkHU.:21030

That's 1, 9, 6 (mod 32).

And most curious:

49996g 0:00:00:45 1104g/s 1104p/s 2209c/s 27639KC/s 49984..49999

john.pot2004 20130818 20:49:31.542847499 +0000 +++ john.pot2005 20130818 20:50:18.904229807 +0000 @@ 4848,14 +4848,10 @@ $2a$04$012345678901234567890u/i8Y7/xYFt9DZd0DYkxh60jgD1YsTny:4858 $2a$04$012345678901234567890u2yRiEE8WsFXzxvrDiUVaCwRTQm6ZguW:4860 $2a$04$012345678901234567890u.G7CVtlS.LpNoSUgBlS9w0kJ40UJWny:4862 $2a$04$112345678911234567891u4o8k.PGqgCJIRrMZHe7b1T5B3hCAllW:4834 $2a$04$112345678911234567891uk7k5RqHTPYjRGsKWNX7DOjRQKkiYHUC:4837 $2a$04$112345678911234567891uyX7fANC2NhkCplNfQGJSSc35YFPCJTO:4841 $2a$04$112345678911234567891uE3rGc.x1ksKl.hiqd9bgNIQqUu3r1a.:4844 $2a$04$112345678911234567891uDCEIDJuHwsITwskWEST7KuzuueNrotC:4845 $2a$04$112345678911234567891ugh4mgc25BcubuBA92rC9Zb5Z1sixiEy:4848 $2a$04$112345678911234567891uwXt3vllXr/mz5IaQtDY4ItJd4v2lS6W:4849 $2a$04$112345678911234567891uJ0T7PY2BNMYoGLxq/pcK98.l4eSE3oy:4850 $2a$04$112345678911234567891uc5RjWf36ocOjJrkblDvEaF0T7K7Jhiq:4851 $2a$04$112345678911234567891ucHWM4O.cKekIgRYOiUy.5qc.qJ7fJ9e:4853 $2a$04$112345678911234567891uAknLHyDfauaTrN0X3kLEb9TznfNGvo2:4854

Looks like 4 hashes were not computed/processed correctly, all within
the same 32-password block.  These are 2, 9, 13, 18 (mod 32).

Also curious:

49998g 0:00:00:46 1076g/s 1076p/s 2153c/s 26939KC/s 49984..49999

but that's two separate 32-password blocks this time:

$2a$04$112345678911234567891uCbiXnq/I4.GHJ81jckowARk3MV4T2vq:33771
$2a$04$112345678911234567891u3vLPairuVgqHBY3JKpWbpg2GsyYXttS:45997

These are 11 and 13 (mod 32).

> So far all three have this in common: the second one of two salts, and
> the (mod 32) password numbers are all within the first half of a
> 32-password range.  (When generating these hashes, one of the two salts
> was chosen at random, without obvious correlation to hash number.  So
> these are two separate observations.)

This is still almost true for all observations so far, with the only
exception being 18 (mod 32), but it occurred in the same block with
2 (mod 32) also failing - and these two were computed on the same core
at the same time, if I understand correctly (the difference is 16).

All of the failures are consistently for the second one of the two salts
so far.

Alexander
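
The manual triage in this message (find the hash:password pairs missing from a pot file, then look at the password number mod 32 and at the salt) can be scripted. The following is an added example, not part of the original post or of John the Ripper; the function names are hypothetical, the passwords are assumed to be decimal counters as in the post, and the sample lines are hash:password pairs quoted in the thread, with their split into "expected" and "cracked" sets constructed for the demo.

```python
from collections import Counter

BLOCK = 32      # candidate passwords per block, as discussed in the post
SALT_LEN = 29   # "$2a$NN$" (7 chars) plus the 22-char bcrypt salt

def parse_pot(text):
    """Parse john.pot-style 'hash:password' lines into {hash: password}."""
    pot = {}
    for line in text.splitlines():
        h, sep, pw = line.strip().partition(":")  # bcrypt hashes contain no ':'
        if sep:
            pot[h] = pw
    return pot

def missing_entries(expected, cracked):
    """Return sorted (number, number % BLOCK, salt) for expected hashes not cracked."""
    rows = []
    for h, pw in expected.items():
        if h not in cracked:
            n = int(pw)  # assumption: test passwords are decimal counters
            rows.append((n, n % BLOCK, h[:SALT_LEN]))
    return sorted(rows)

def summarize(rows):
    """Count misses per salt and per half of the 32-password block."""
    salts = Counter(salt for _, _, salt in rows)
    halves = Counter("first" if r < BLOCK // 2 else "second" for _, r, _ in rows)
    return salts, halves

# Constructed split: these two lines stand in for a pot file from a run.
CRACKED = """\
$2a$04$012345678901234567890u/i8Y7/xYFt9DZd0DYkxh60jgD1YsTny:4858
$2a$04$012345678901234567890u2yRiEE8WsFXzxvrDiUVaCwRTQm6ZguW:4860
"""
# Expected set: the lines above plus the three misses quoted in the thread.
EXPECTED = CRACKED + """\
$2a$04$112345678911234567891ut.qFr6.NeNDdZuUfBk5WAqRX93tRWSS:38954
$2a$04$112345678911234567891ur.oaCV2tDJHauGmoz3XARSRocAbQ0Ci:21542
$2a$04$112345678911234567891uVnXpBKo1PxsBoYbrgOLkoMFF1zhBEeG:39883
"""

if __name__ == "__main__":
    rows = missing_entries(parse_pot(EXPECTED), parse_pot(CRACKED))
    for n, r, salt in rows:
        print(f"{n:6d}  {r:2d} (mod {BLOCK})  salt={salt}")
    print(summarize(rows))
```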