Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  NEWS  community  lists  Wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Thu, 02 Aug 2007 09:08:42 +1200
From: Russell Fulton <r.fulton@...kland.ac.nz>
To:  john-users@...ts.openwall.com
Subject: Re: incremental mode, estimation of computing time



Dirk Wetter wrote:
> Hi there,
>
> is there any formula for a given hash, given length of the password,
> computation power [c/s] (and may be other parameters) concerning the
> computation time?
>   
My understanding is that there isn't.   The whole point of the hash is
that it should not leak any information about the original password. 
Even if it was possible to extract some information about the original
password (say its length) then all you could do would be to give an
upper bound since JtR's incremental mode is not a straight a,..z,
ab,..az...   type operation.  It uses stats from language to predict
likely combination of characters.  Of course this means that if you have
a truly  random password it will take longer than expected to crack.

I guess that's why Solar called it "incremental" rather than "sequnental".

Russell


-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ