Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 29 Sep 2008 00:03:36 +0200
From: Bucsay Balázs <>
Subject: Re: quite fast MD5 hashing implementation


I dont see the solution here, maybe because i'm "blind" :)
a63 -= F(b64,c64,d64) + x + ac;
You can tell here the a63, if you know the "x", but the x is the part of
the right password, so if you know x, you will know something about the
password. Am i right? I hope im not and i can learn a new trick :)

Something else, i do now some research in the freebsd-md5 code, and i
see it use, of course the md5_* functions. But if you check it in the
jtr md5_std.c you will see strange values in the MD5_data_init
structure, the first 4 integer isnt the "right" value:
0xd76aa477, 0xf8fa0bcc, 0xbcdb4dd9, 0xb18b7a77

in the wikipedia, and the freebsd kernel has this values:
0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee

Maybe again, i cant see something :)

Balázs Bucsay

Simon Marechal wrote:
> Slythers Bro a écrit :
>> in md5
>> #define FF(a, b, c, d, x, s, ac) \
>>   {(a) += F ((b), (c), (d)) + (x) + (unsigned int)(ac); \
>>    (a) = ROTATE_LEFT ((a), (s)); \
>>    (a) += (b); \
>>   }
>> in my opinion the two last line are the real "chaos" in md5
> I fail to see the problem. You know a64,b64,c64,d64 at the last step.
> You just have to do that:
> a63 = a64 - b64;
> a63 = ROTATE_RIGHT(a63, s);
> a63 -= F(b64,c64,d64) + x + ac;

To unsubscribe, e-mail and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.