Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 17 Nov 2012 17:37:18 +0100
From: Simon Marechal <>
Subject: Re: How does incremental mode works?

On 11/17/2012 02:14 AM, Richard Miles wrote:
> Thanks for your answer. Nice to know I'm not the only one that is unable to
> understand how it works and the difference in a high level between
> incremental and markov. :)
> Maybe Solar or Simon may help us?

I will answer about Markov mode. The statistics file that it uses contains :
* the probability that character c is the first character of a password
* the probability that character c_n follows c_(n-1) (the previous

It doesn't actually store the raw probability, but something like:

    P' = - N log(P)

That way, something very likely (P ~ 1) will have P' ~ 0, and something
highly unlikely (P ~ 0) will have a very high P'.

You compute the "markov strength" of a password by adding all those P'.
You can check this with the mkvcalcproba program. For example:

password	28+17+28+23+46+22+23+30	     =  217
p4ssw0rd!	28+58+47+23+46+56+56+30+76   =  420

Notice how the first letter being identical, the first P' is identical
between passwords, and how unlikely transitions cost more.

The markov incremental mode with JtR, given a maximum strength, will
crack all passwords with a strength that is lower than or identical with
the given maximum. This means that -markov:200 will crack none of the
previous passwords, and -markov:250 will crack the easiest.

Please note that the number of passwords generated grows exponentially
with the max strength parameter. You can use the genmkvpwd program to
count them.

I will give a hopefully better description of all of this at Passwords^12.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.