|
Message-ID: <20120101062036.GA19570@openwall.com> Date: Sun, 1 Jan 2012 10:20:36 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: Rules for realistic words On Sat, Dec 31, 2011 at 07:36:00PM +0000, Alex Sicamiotis wrote: > As for cracking techniques, over the last 16 years I've tried plenty of stuff... That's impressive. You got to join our team for the KoreLogic contest this year if they do it again and if we participate again. > Normally, changing approaches etc is wasteful because you are overlapping the same stuff over and over. For example now that I'm using variation of small character files, it seems wasteful because the same would be also tried in larger .chr files. But my rationale is that if I eliminate, say, 10% of the remaining passwords in a short period, then this period has saved me a very large time for the rest of the 90% - so it's not really wasted. For your hash type and count, this makes sense. For some others, it doesn't, as eliminating some small percentage of hashes (as cracked) doesn't reduce the salt count (e.g., both 250k and 300k of DES-based crypt(3) hashes typically result in all 4096 salts being present, so reducing 300k to 250k doesn't speed up further cracking). Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.