Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 24 May 2012 11:16:25 -0700 (PDT)
From: NeonFlash <>
To: "" <>
Subject: Re: Can Excessive Rounds make Password cracking Infeasable

Hello Brad,

You have started a good discussion. I believe, by number of rounds you mean number of iterations?

If so, yes, by increasing the number of iterations in a hashing algorithm, the resultant hash becomes stronger. However, the function performed by the hashing algorithm in each iteration need not be the same.

For instance, in the case of MD5-crypt, of the 1000 iterations that take place, during each iteration the function performed by the hashing algorithm is different based on the iteration counter.

Blowfish hashes provide you a way to decide the number of iterations as well.

$2a$<logarithm 2 of the number of iterations>$.........

However, what you state below, the number of iterations look extremely high (391939).

While implementing a cryptographic hashing algorithm, besides its strength the computational feasibility also needs to be kept in mind.

May I ask you, what is the distro of Linux you are using?

I hope other experienced people on this mailing list would share their ideas as well.


 From: Brad Tilley <>
Sent: Thursday, May 24, 2012 11:36 PM
Subject: [john-users] Can Excessive Rounds make Password cracking Infeasable
This is slightly off-topic as it does not specifically relate to John use,
but I wanted to ask the opinions of others here. When do rounds make
password cracking infeasible, or do they? For example, the hash below is a
SHA-512 hash with 391939 rounds applied. You can actually feel the delay
at logon (about 2 seconds on newer machines):


The source code of sha512-crypt.c sets this as the maximum number of
rounds so Linux sys admins could configure this number even higher:

   /* Maximum number of rounds.  */
   #define ROUNDS_MAX 999999999

So long as the passwords are sufficiently complex and users can't select
simple words such as 'password' for their password, I would think that
these hashes are close to un-crackable (certainly not in a reasonable time
period anyway). What do other John users think?



Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.