Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 16 Mar 2018 14:23:04 +0100
From: Matlink <matlink@...link.fr>
To: john-users@...ts.openwall.com
Subject: Is john really using Narayanan and Shmatikov whitepaper?

Hello John users,

I was wondering, for research purposes, how John was applying Markov
chains for its markov mode.

Before reading the source code, I would have some enlightenment about it.

After having read this whitepaper
http://www.cs.utexas.edu/~shmat/shmat_ccs05pwd.pdf, I found some strange
things about their index function. Accordingly to their 'get_key*'
functions, they are iterating over the alphabet in increasing order. I
guess then it means they are doing bruteforce excepted that they apply a
threshold on password candidate probabilities. Intuitively, Markov
chains-based enumerators would iterate over order of decreasing
probabilities of ngrams.

However, while running John I found that it's not iterating the alphabet
in any kind of order. So it doesn't look like a smart bruteforce. I
guess John authors have made many improvements since.

Thanks for any kind of suggestions,

-- 
Matlink - Sysadmin matlink.fr
Sortez couverts, chiffrez vos mails : https://café-vie-privée.fr/
XMPP/Jabber : matlink@...link.fr
Clé publique PGP : 0x186BB3CA
Empreinte Off-the-record : 572174BF 6983EA74 91417CA7 705ED899 DE9D05B2

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.