Date: Sun, 07 Mar 2010 02:25:18 +0100 From: "Magnum, P.I." <rawsmooth@...dband.net> To: john-users@...ts.openwall.com Subject: Re: Feedback on the generic crypt(3) patch Magnum, P.I. skrev: >> It also adds some dupe-salt checking code that seemed to be missing, >> in the unlikely case there are duplicates. > > Hm, some tests reveal that it still doesn't recognize duplicate salts. > It probably doesn't make much sense anyway as the system call won't take > benefit from duplicate salts. Still, I'd like the output of "Loaded x > password hashes with y different salts" to come out right. What did I miss? > Sorry again for the spamming, I really thought I got it right but I got the lengths wrong despite what I thought were valid double-checks. I enclose a fixed fix of the fix. Like before, this patch can be applied after Solar's "john-126.96.36.199-generic-crypt-1.diff.gz" Another strange thing though. I made up a password file of 1000 entries using the same salt. SHA-256 performs at ~275000 c/s and SHA-512 at 119000 c/s. The benchmarks report figures (for "same salt" too) in order of 1/1000 of that. When I test the same using different salts, it performs at about the speed as reported by the benchmark. This tells me there is actually a benefit of duplicate salts which is a surprise in itself, and why isn't the benchmark reflecting this? View attachment "crypt-benchmark.diff" of type "text/x-patch" (2693 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.