Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 10 Feb 2013 02:41:33 +0100
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: SSHA-512 supported?

On 9 Feb, 2013, at 9:36 , Frank Dittrich <frank_dittrich@...mail.com> wrote:
> Before I gave up yesterday, I even changed ROUNDS_DEFAULT to 64 and
> ROUNDS_MIN to 1, with no luck.
> It could also be an off-by-one error, number of rounds being 2^6 + 1.
> 
> They could even treat 1000 SHA-512 iteration as one iteration, so that
> we have 64000 iterations.
> 
> My next bet would be on the password being UTF-16 encoded (big endian).
> Unfortunately, I don't have time to test this right now.

I half-heartedly tried UTF-16BE with 64, 65, 64000, 64001, 65536 and 65537 iterations - no luck. I have a feeling this is not like Drepper's sha2crypt at all though.

What year did they come up with this thing? Maybe it's just iterated SHA-512 with no/less/other magic? Or maybe it's actually PBKDF2-HMAC-SHA512. Or just HMAC, for that matter. Or maybe it more closely resembles crypt-md5, but using SHA-2.

magnum

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.