Date: Tue, 4 Dec 2012 17:54:04 +0100 From: magnum <john.magnum@...hmail.com> To: john-users@...ts.openwall.com Subject: Re: Cracking a GPG keyring On 4 Dec, 2012, at 12:42 , Dhiru Kholia <dhiru.kholia@...il.com> wrote: > On Tue, Dec 4, 2012 at 5:07 PM, magnum <john.magnum@...hmail.com> wrote: >> On 4 Dec, 2012, at 12:29 , Dhiru Kholia <dhiru.kholia@...il.com> wrote: >>> Ensure that your key uses SHA1 based s2k function before using the >>> OpenCL gpg format. >> >> Will gpg2john and/or the format's valid() reject it if unsupported? Or will it happily try to attack it without a chance? > > This rejection should be done in format's valid method. However, I > have been lazy in doing it so far :( In cases like this it's *really* important that it gets rejected somewhere in the chain (could be in gpg2john as well, or even as an assertion in in get_salt() but that is a crude solution for no reason) and IMHO you should place it in, well, the top line of your to-do list. Imagine someone spending literally months with 96 CPU cores just to find out your format gladly and silently accepted input that it simply can not crack. magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.