Follow @Openwall on Twitter for new release announcements and other news
[<prev] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 29 Oct 2022 11:09:41 +0200
From: Matthias Apitz <guru@...xarea.de>
To: yescrypt@...ts.openwall.com
Subject: Re: Improving security of old DES hashes with fixed salt
 with "yescrypt"


Thanks for your hints, Alexander.

The C-written tool, based on the SLES Linux libcrypt.so, will read on STDIN
and expects

either

    PIN\0
or
    PIN\0yescrypt-hash\0

If only the "PIN\0" is seen, this is encrypted with DES and the result
with yescrypt. If "PIN\0yescrypt-hash\0" is seen, the PIN is also DES plus
yescrypt encrypted, but the latter using "yescrypt-hash" as salt, and compared
the result against "yescrypt-hash".

The output on STDOUT will be one of the following:

- a yescrypt-hash, if only PIN\0 was seen;
- the word "matched" if PIN was correct
- the word "nomatch" if PIN was incorrect
- the word "error" when something unusual happend.

and exit(0) is called.

Thanks

	matthias

-- 
Matthias Apitz, ‚úČ guru@...xarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.