Date: Fri, 13 May 2016 15:01:57 +0300 From: Solar Designer <solar@...nwall.com> To: john-dev@...ts.openwall.com Subject: WinZip PBKDF2 use optimization Jim, magnum - atom just posted this: Behind the WinZip KDF optimization https://hashcat.net/forum/thread-5451.html It's about only needing to compute some of the PBKDF2 output blocks for AES key sizes larger than 128 bits. I vaguely recalled that we already had it, and I went to check - to my surprise, it looks like the code currently in jumbo is fully prepared for this optimization, but does not actually include it for WinZip. Specifically, pbkdf2_hmac_sha1.h says: * simpler, AND contains an option to skip bytes, and only call the hashing * function where needed (significant speedup for zip format). Indeed, it accepts a parameter skip_bytes, but somehow zip_fmt_plug.c passes 0 for that parameter all the time. Looking through commits history for zip_fmt_plug.c, I found that the optimization was lost with: commit 528e6bcfb1a59f068b70c63b3c0d7ffc62c32ce4 Author: JimF <jfoug@....net> Date: Sun Jul 6 22:03:13 2014 -0500 zip2 format. #434 #691 Removed FMT_NOT_EXACT. Now fully detects passwords. Can the two of you look into this, please, and likely reintroduce the optimization? Also check the OpenCL format for the same. Thanks, Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.