Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 25 Jul 2013 10:00:52 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Using DYNAMIC for implementing SHA-512 ^ 101 ?

On 07/23/13 at 10:47am, Frank Dittrich wrote:
> On 07/21/2013 11:51 PM, Dhiru Kholia wrote:
> > Please let me know if you want to change the name of the plug-in (currently it
> > is blackberry-es10). Also, is the input hash format ($bbes10$hash$salt) OK?
>
> What if another application uses the same algorithm, or if the only
> difference is the number of iterations?
> I think it would be better to use a more generic name and a more generic
> implementation.
>
> $is-sha512$iterations$salt$hash
> {i-s-SHA512}iterations$hash$salt
> ...

Sounds good. I will work towards a more generic hash format and
implementation.

> For extra long hashes we should consider storing them base64 encoded,
> even if the format supports hex encoded and base64 encoded hashes.

You sound like magnum (a base64 *lover*) here but I get the point ;)

> If other applications use sha512(salt + password) instead of
> sha512(password + salt) for the first iteration, we might need
> different format names or one more flag stored in the hash
> representation.

Yes, agreed. Some of my other formats have a similar kind of flag.

--
Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.