Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 18 Jun 2018 18:59:05 +0000
From: crack.cast5@...mail.net
To: john-users@...ts.openwall.com
Subject: Re: CAST5 GPU cracking

With a modern key when I check the gnupg packets I get
         iter+salt S2K, algo: 7, SHA1 protection, hash: 2, salt:  
[masked for privacy]

And John runs like this:

./john priv
Using default input encoding: UTF-8
Loaded 1 password hash (gpg, OpenPGP / GnuPG Secret Key [32/64])
Cost 1 (s2k-count) is 3932160 for all loaded hashes
Cost 2 (hash algorithm [1:MD5 2:SHA1 3:RIPEMD160 8:SHA256 9:SHA384  
10:SHA512 11:SHA224]) is 2 for all loaded hashes
Cost 3 (cipher algorithm [1:IDEA 2:3DES 3:CAST5 4:Blowfish 7:AES128  
8:AES192 9:AES256 10:Twofish 11:Camellia128 12:Camellia192  
13:Camellia256]) is 7 for all loaded hashes


With the old PGP key the packets are:
         gnu-dummy S2K, algo: 0, simple checksum, hash: 0

Now I do get a nice long output with gpg2john, but I'm worried it is  
not valid for such an old key. Is the old count really 65536? When I  
run john I get this:

Cost 1 (s2k-count) is 65536 for all loaded hashes
Cost 2 (hash algorithm [1:MD5 2:SHA1 3:RIPEMD160 8:SHA256 9:SHA384  
10:SHA512 11:SHA224]) is 2 for all loaded hashes
Cost 3 (cipher algorithm [1:IDEA 2:3DES 3:CAST5 4:Blowfish 7:AES128  
8:AES192 9:AES256 10:Twofish 11:Camellia128 12:Camellia192  
13:Camellia256]) is 3 for all loaded hashes

Is gpg2john tested with such old keys from 2000? Ideally I would  
download an older PGP and run a test but it is hard to find such an  
old version.

Thanks


Quoting Solar Designer <solar@...nwall.com>:

> On Mon, Jun 18, 2018 at 12:22:03PM +0000, crack.cast5@...mail.net wrote:
>> Thank you. GPG --list-packets shows my key has having the following
>> line for its S2K configuration:
>> gnu-dummy S2K, algo: 0, simple checksum, hash: 0
>>
>> Based on RFC4880 I think this is CAST5 with SHA1 but no iterations. Is
>> it possible to benchmark this with the --test option to John?
>
> I wouldn't rely on that kind of analysis and benchmark.  Please just try
> running gpg2john and john on your key file, and let us know what happens.
>
> Alexander




-------------------------------------------------

ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the NSA's hands!
$24.95 ONETIME Lifetime accounts with Privacy Features!  
15GB disk! No bandwidth quotas!
Commercial and Bulk Mail Options!  

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.