[prev in list] [next in list] [prev in thread] [next in thread]
List: john-dev
Subject: [john-dev] Re: multiformats, (ab)use of salt in 'gost' format
From: Aleksey Cherepanov <lyosha () openwall ! com>
Date: 2015-07-28 11:57:02
Message-ID: 20150728115702.GA27655 () openwall ! com
[Download RAW message or body]
On Sun, Jul 19, 2015 at 01:56:12PM +0300, Aleksey Cherepanov wrote:
> Recently I discovered that 'gost' format has salt. Using it, it
> differentiates regular gost and cryptpro gost. These can be viewed as
> 2 formats with 1 algo and different sboxes. There are 2 format tags:
>
> #define FORMAT_TAG "$gost$"
> #define FORMAT_TAG_CP "$gost-cp$"
>
> So the 'salt' shows sboxes to use.
>
> It can be generalized to multiformats: such formats that handle hashes
> of different formats as 1 format (even without any similarities
> between algorithms).
>
> Multiformats may be interesting during contests to attack all fast
> hashes in 1 command (the idea is not mine, Solar Designer shared this
> idea after last hash runner). It would be something like --format=fast
>
> Solar Designer pointed out to me that formats can assume that, when
> their init() is called, other formats are done(), so 2 formats can't
> be init()'ed in parallel.
>
> Another approach to multiformats would be a wrapper that calls john
> several times.
>
> Other ideas?
Salt is interesting: if we have hashes of both types, then we can go
ahead and hash each password by 2 algos claiming that we "generate" a
candidate.
Alexander Cherepanov just gave an awesome idea: having sha1($p) and
sha1(sha1($p), we can avoid separate computation of sha1($p). It
applies to all formats with similar beginning. Having sha1($p),
sha1(sha1($p)), md5($p), md5(md5($p), sha1(md5($p)) and md5(sha1($p)),
we can reduce 10 raw hashing ops to 6 raw hashing ops.
Thanks!
--
Regards,
Aleksey Cherepanov
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic