Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 21 Aug 2012 16:15:23 +0200
From: Patrick Mylund Nielsen <>
Subject: Re: Arstechnica Password article (feat. Matt Weir)

That article, IMO, wrongly implies that SRP is somehow inferior to key
derivation functions, when in fact they serve two different purposes:
protection against network eaves-dropping vs. resistance to offline attacks
on the verifiers/digests. There is no reason why Blizzard can't use a KDF
client-side with a proof like SRP for even better security.

On Tue, Aug 21, 2012 at 4:11 PM, Solar Designer <> wrote:

> On Tue, Aug 21, 2012 at 09:36:16AM -0400, Rich Rumble wrote:
> >
> > Good article, no mention of Jtr :( or it's incremental and other
> > modes, rather focus on GPU cracking using HashCat mostly; some other
> > tools mentioned as well. Also I had no idea we were actually going to
> > be up against the Erebus system ( the
> > contest, but I guess I should of known :)
> > While I wish JtR and all it's abilities (GPU included), the article is
> > accurate as far as I can tell.
> There are some minor inaccuracies.
> Anyhow, if you post these, here's another recent article by Dan:
> which actually includes references to JtR in the SRP cracking context.
> For those not on john-dev: JimF has since actually implemented
> Blizzard's SRP cracking in JtR - and we're getting speeds up to about
> 400k c/s per CPU chip - but we have yet to see any of the presumably
> leaked SRP verifiers, so we don't know if the code would work on them
> as-is or would need some additional tweaking.  On FX-8120:
> Benchmarking: WoW (Battlenet) SRP sha1 [32/64 GMP-exp]... (8xOMP) DONE
> Raw:    395264 c/s real, 49408 c/s virtual
> Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.