Date: Sat, 17 Nov 2012 17:37:18 +0100 From: Simon Marechal <simon@...quise.net> To: john-users@...ts.openwall.com Subject: Re: How does incremental mode works? On 11/17/2012 02:14 AM, Richard Miles wrote: > Thanks for your answer. Nice to know I'm not the only one that is unable to > understand how it works and the difference in a high level between > incremental and markov. :) > > Maybe Solar or Simon may help us? I will answer about Markov mode. The statistics file that it uses contains : * the probability that character c is the first character of a password * the probability that character c_n follows c_(n-1) (the previous character) It doesn't actually store the raw probability, but something like: P' = - N log(P) That way, something very likely (P ~ 1) will have P' ~ 0, and something highly unlikely (P ~ 0) will have a very high P'. You compute the "markov strength" of a password by adding all those P'. You can check this with the mkvcalcproba program. For example: password 28+17+28+23+46+22+23+30 = 217 p4ssw0rd! 28+58+47+23+46+56+56+30+76 = 420 Notice how the first letter being identical, the first P' is identical between passwords, and how unlikely transitions cost more. The markov incremental mode with JtR, given a maximum strength, will crack all passwords with a strength that is lower than or identical with the given maximum. This means that -markov:200 will crack none of the previous passwords, and -markov:250 will crack the easiest. Please note that the number of passwords generated grows exponentially with the max strength parameter. You can use the genmkvpwd program to count them. I will give a hopefully better description of all of this at Passwords^12.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.