Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 23 Feb 2011 03:46:25 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: MD5 Generic improvements

Simon,

On Mon, Feb 21, 2011 at 10:00:15AM +0100, Simon wrote:
> On 18/02/2011 20:58, Solar Designer wrote:
> > with this patch (maybe bugs).  Simon - can you please take a look and
> > likely upload a corrected patch against -jumbo-12?
> 
> I checked this, and the problem is that there are two consecutive calls
> to set_key() with the same index. I thought that the set_key() would
> only be called with incremental indexes, except when it resets to 0.

Are you referring to this added call? -

/* Remove some old keys to better test cmp_all() */
		if (index & 1)
			format->methods.set_key("", index);

I think you're correct that it requires a property from "formats" that
is not otherwise made use of by the rest of John.  I might drop this
along with reworking the self-tests such that multiple key slots are
tested per crypt_all() call.  For now, I think this is nice to have to
test cmp_all() better when there are not enough different test vectors
for all key slots being tested.

> This format (and most of the things I wrote) works with this assumption,
> and only cleans things up when set_key(x,0).

Yeah, it turned out to be similar for JimF's, where the self-tests
workaround was to change:

			index = (max > 5 && max > ntests) ? 5 : 0;

to:

			index = (max > 5 && max > ntests && done != 1) ? 5 : 0;

The former produced a sequence like:

0 1 2 3 4 6 9 ... 5 7 10 ... 5 7 10 ...

The latter changed this to:

0 1 2 3 4 6 9 ... 5 7 10 ... 0 1 2 3 4 6 9 ...

such that the zero index slot is hit before a slot is reused.

> Having to work with arbitrary indexes would have a performance impact on
> things like raw_md5. Is that the expected behavior of JtR ?

I had assumed that set_key() would work on arbitrary indices, but I
think this is not actually being relied upon anywhere in JtR, other than
in these revised self-tests.  So I was OK with relaxing the requirement
as I documented above (this is already in jumbo-12).  As to two
consecutive set_key() calls for the same index, does supporting this
still have any performance impact for any "format"?

Thanks,

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.