Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 28 Aug 2009 23:50:05 -0500
From: "JimF" <>
To: <>
Subject: Re: Thoughts and questions on creation of a 'generic' MD5 hash set format (to handle 'all' of them)

I guess we 'should' start making an official set of john md5_gen(#) 

I think:

md5_gen(0) --> md5($p)
md5_gen(1) --> md5($p.$s)
md5_gen(2) --> md5(md5($p))
md5_gen(3) --> md5(md5(md5($p)))
md5_gen(4) --> md5($s.$p)
md5_gen(5) --> md5($s.$p.$s)
md5_gen(6) --> md5(md5($p).$s)
md5_gen(6) --> md5(md5($s).$p)
md5_gen(7) --> md5($s.md5($p))
md5_gen(8) --> md5($s.md5($s.$p))
md5_gen(9) --> md5($s.md5($p.$s))
md5_gen(10) --> md5(md5($s).md5($p))  // note will NOT work in SSE2 code
md5_gen(11) --> md5(md5($p).md5($s))  // note will NOT work in SSE2 code
md5_gen(12) --> md5($s.md5($p).$s)
md5_gen(13) --> md5($u.md5($p).$s)      // note $u is not handled yet (but 
we can 'reserve' the format)
md5_gen(14) --> md5(md5(md5($p).$s).$s2) // note 2 salts is not handled yet.

**** If people know of other formats that ARE actually used, then list them 
now.  *****

Solar spoke:
>I think that for decent performance there got to be some shortcut for
>the simple/typical cases like that.  Maybe the shortcut should be right
>in the input syntax, maybe it should be in having separate "formats" for
>simple vs. complicated hash types, or maybe it should be in the code
>(auto-detection of simple special cases with corresponding substitution
>of function pointers, etc. to avoid further overhead).

Even in the MD5-raw format, the speed is almost identical to the 'original' 
hand coded version. The only 'real' difference, is a couple of extra 
function calls, and an extra buffer copy for each password, since in this 
'generic' code, the original password buffer is NOT used, but passwords are 
copied from them, into the 'working' input buffer.  I am quite happy with 
the speed, it is VERY close to hand tuned functions.  I guess time will 
tell, as we get more of the functions 'ported' into this code.

I will be starting on the above set.  I think I can get most of them done 
and in working order in a couple hours of coding time.  The biggest time 
needed, is mock up of 'self-validation' data.  The function pointer 'array' 
can be done in a minute or 2.  The compuation of the hashes, takes a little 
time, and then testing.  The 'self-validation' will quickly check that the 
order of function primatives is working correctly.  It is just busy body 
work, building the data tables.


To unsubscribe, e-mail and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.