Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 8 Feb 2013 23:32:47 +0100
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking SHA1 with some knowledge of password

It's about optimizations for speed. The maximum length you can digest in *one* round of md4, md5 or sha-1 is 55 octets. This is also the reason our SSE2-aware NT formats have a limit of 27 characters: Internally it use UTF-16 so it's two octets per character. 55/2 is 27 and a half...

Merely supporting longer lengths, with some kind of conditional within the code, slows the it down. At these lengths, that drawback doesn't make sense. And for SSE2 code that does four (or more) at a time, it's even worse - you'd have to make very slow exceptions for longer candidates.

magnum


On 8 Feb, 2013, at 22:50 , Lex Par <ziptied@...il.com> wrote:

> This might be a silly question, but why is there a 55 byte max?
> 
> 
> 
> On Fri, Feb 8, 2013 at 4:44 PM, jfoug <jfoug@....net> wrote:
> 
>> This should work.  Be SURE to use the latest JtR  (but I did test with
>> 1.7.9-jumbo5 Win32 build from JtR download page, and it worked there, but
>> was slower).
>> 
>> [List.Generic:dynamic_1050]
>> Expression=xxxSHA1($p)yyy
>> Flag=MGF_SHA1_40_BYTE_FINISH
>> MaxInputLen=19
>> Func=DynamicFunc__clean_input
>> Func=DynamicFunc__append_input1_from_CONST1
>> Func=DynamicFunc__append_keys
>> Func=DynamicFunc__append_input1_from_CONST2
>> Func=DynamicFunc__SHA1_crypt_input1_to_output1_FINAL
>> Const1=something here\x20
>> Const2=\x20and other stuff here
>> Test=$dynamic_1050$6f4ba502c5885a980229162861134e4ed09c9351:openwall
>> 
>> NOTE, the max input length set to 19 bytes. This is due to the 'extra' data
>> being 36 bytes long, and we need to keep this inside 55 bytes max.  I also
>> changed the const values, and recomputed the hash.
>> 
>> $ echo -n "something here openwall and other stuff here" | sha1sum
>> 6f4ba502c5885a980229162861134e4ed09c9351 *-
>> 
>> 
>> From: Lex Par [mailto:ziptied@...il.com]
>>> 
>>> thanks Jim! I'd liek to use your approach.  When I add what you specified
>> in my conf file and run:
>>> 
>>> ./john --format dynamic_1050 --test
>>> 
>>> I get:
>>> Invalid format dynamic_1050 xxxSHA1($p)yyy;  The first command must be a
>> clean input 1 or input 2 OR a special key 2 input loader function Unknown
>> ciphertext format name requested
>>> 
>>> xxx is really "something here "
>>> and yyy is really " and other stuff here"
>>> 
>>> both with spaces included...
>> 
>> 
>> 


Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.