Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 11 Jan 2016 16:34:13 +0100
From: patpro@...pro.net
To: john-users@...ts.openwall.com
Subject: Re: format-all-details -> Max. password length in bytes

On 11 janv. 2016, at 15:52, Frank Dittrich <frank.dittrich@...lbox.org> wrote:

> For some formats, a developer could look into the problem and see what performance impact increasing the max. password length would have.
> 
> Salted SHA1 currently supports a max. salt size of 16 bytes:
> salted_sha1_common.h:13:#define MAX_SALT_LEN         16
> 
> The max. password length is defined so that just a single SHA1 block needs to be computed per candidate:
> salted_sha1_fmt_plug.c:58:#define PLAINTEXT_LENGTH     (55-MAX_SALT_LEN)
> 
> So, if all your hashes do have a salt length < 16 bytes, you could use a larger max.password length for salted-sha1 and salted-sha1-opencl by decreasing MAX_SALT_LEN.


It makes perfect sense, a single byte over 55-MAX_SALT_LEN would then require a second SHA1 block computing, doubling (?) the time needed for each test. That's a good reason to stop at 55-MAX_SALT_LEN.

And I'm quite happy that my own passwd in the dump is way longer than 55-MAX_SALT_LEN ;)


> OTOH, dynamic_24 and dynamic_25 are quite similar to salted-sha1.
> One of these dynamic formats computes SHA1($p.$s), the other SHA1($s.$p).
> Both of them do have max. password length of 110 and a salt size of 64, but you can see that the speed of these formats is considerably slower.


it's slow enough with regular Salted SHA1, and I can't do GPU to gain horse power. Moving to something slower with a larger haystack does not sound so appealing.


Thanks a lot Frank and Rich for your answers. It helps me a lot understanding the way JtR works.

regards,
pat

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.