Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 10 Feb 2013 02:41:33 +0100
From: magnum <>
Subject: Re: SSHA-512 supported?

On 9 Feb, 2013, at 9:36 , Frank Dittrich <> wrote:
> Before I gave up yesterday, I even changed ROUNDS_DEFAULT to 64 and
> ROUNDS_MIN to 1, with no luck.
> It could also be an off-by-one error, number of rounds being 2^6 + 1.
> They could even treat 1000 SHA-512 iteration as one iteration, so that
> we have 64000 iterations.
> My next bet would be on the password being UTF-16 encoded (big endian).
> Unfortunately, I don't have time to test this right now.

I half-heartedly tried UTF-16BE with 64, 65, 64000, 64001, 65536 and 65537 iterations - no luck. I have a feeling this is not like Drepper's sha2crypt at all though.

What year did they come up with this thing? Maybe it's just iterated SHA-512 with no/less/other magic? Or maybe it's actually PBKDF2-HMAC-SHA512. Or just HMAC, for that matter. Or maybe it more closely resembles crypt-md5, but using SHA-2.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.