Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 8 Feb 2013 20:07:01 -0500
From: Jon Schipp <jonschipp@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: SSHA-512 supported?

On Fri, Feb 8, 2013 at 8:00 PM, Stephen John Smoogen <smooge@...il.com> wrote:
> On 8 February 2013 17:56, Jon Schipp <jonschipp@...il.com> wrote:
>> On Fri, Feb 8, 2013 at 7:39 PM, Solar Designer <solar@...nwall.com> wrote:
>>> On Fri, Feb 08, 2013 at 07:35:22PM -0500, Jon Schipp wrote:
>>>> In case this helps, from pwdalg.cfg
>>>>
>>>>
>>>> "cost_num=cost
>>>> *
>>>> *       The default hashing iterations is 2^cost. The valid value of cost is
>>>> *       an integer between 4 and 31, inclusive. The default cost value is 6."
>>>
>>> Isn't this written in context of bcrypt hashes (which they call sblowfish)?
>>> If so, we knew that, but it's irrelevant.
>>
>> Lines further down in the config describe the blowfish count:
>> "The default hashing iterations is 2^cost. The valid value of cost is
>> an integer between 4 and 31, inclusive. The default cost value is 8."
>>
>> A default of 8 instead of 6 previously mentioned. Again, I don't know
>> if that is helpful or not.
>>
>>> Do you suspect they were dumb enough to apply the same low iteration
>>> counts for sha512crypt, where each iteration is a lot cheaper?  Well,
>>> maybe.  Got to test the 1 to 999 range.
>>
>> I'm curious and not a programmer, what do you mean by "where each
>> iteration is a lot cheaper"? How are they cheaper?
>
> Ok so if this is basically saying how many times you are going to run
> through your hash to get an answer.
>
> 4 = 2^4 = 32
> 6 = 2^6 = 64
> 8 = 2^8 = 256
>
> so less rounds means the CPU is doing less work and thus it is
> cheaper. You want to have LOTS of rounds if you want to hash something
> that is expensive for a cracker.. so something like 10 as a minimum
> (1000) versus 64.
>

Right, I thought Alexander was mentioning that there was something
particular about the rounds themselves that made them cheap (different
code etc.).
I was imagining something more complex ;) Thanks for taking the time
to look at it. I imagine that there aren't any other password crackers
that support it either.
At least, I haven't seen any yet.

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.