Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 9 Feb 2013 05:11:05 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: SSHA-512 supported?

On Fri, Feb 08, 2013 at 07:56:19PM -0500, Jon Schipp wrote:
> Lines further down in the config describe the blowfish count:
> "The default hashing iterations is 2^cost. The valid value of cost is
> an integer between 4 and 31, inclusive. The default cost value is 8."
> 
> A default of 8 instead of 6 previously mentioned. Again, I don't know
> if that is helpful or not.

It is.  Thanks!

> > Do you suspect they were dumb enough to apply the same low iteration
> > counts for sha512crypt, where each iteration is a lot cheaper?  Well,
> > maybe.  Got to test the 1 to 999 range.
> 
> I'm curious and not a programmer, what do you mean by "where each
> iteration is a lot cheaper"? How are they cheaper?

1 iteration in sha512crypt corresponds to less CPU time consumed than
1 iteration in bcrypt.  So e.g. 256 iterations of bcrypt (their default
for that hash type) is a lot more expensive (and more secure) than 256
iterations for sha512crypt (let alone 64 iterations).

However, if their SHA-512 based algorithm differs from sha512crypt in
some other way as well, this might not hold for their algorithm.  We
don't know until we've figured it out.  Like I said in another message,
a simple rounds=64 (with a corresponding change to ROUNDS_MIN in our
code) did not help.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.