Date: Mon, 10 Aug 2015 23:26:55 +0200
From: Marek Wrzosek <marek.wrzosek@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Can you help me? I need more valuable papers about
 time-memory trade-off.

On 10.08.2015 at 16:06, Marek Wrzosek wrote:
> And about salts... They are the known part of the plain-text, very random
> and greatly increasing the N in the formula of P_success. Why is there an
> opinion, repeated many times by many people, that we'll need to make a
> rainbow table for every possible salt? Why not just adjust chain length
> and chain count accordingly? More advanced reduction functions would be
> needed because the plain-text would be in the form of SALTpassword and there
> could be different salt strength (length and charset) and different
> password strength. Moore's law is working for time-memory trade-off faster
> than on the time part of it alone. Maybe today rainbow tables are a more
> useful tool for weaker password-storing schemes than they were in 2003.
> Do you know any good papers that will answer the above questions?
> 
> Best Regards
> 
PS. I think that a similar trade-off is possible with salts. Salts
are nonces encoded into an ASCII string, so every character should be
equally probable, but we know how a salt looks. If N is a product of
N_salt and N_password, then we could lower the N_salt by making several
rainbow tables for different classes of salts generated using something
similar to mask mode, e.g. ?l?l?l?l, ?s?l?l?l or ?l?s?l?l and so on,
avoiding ?a?a?a?a. There will be fewer rainbow tables than for every
possible salt and the tables would be smaller than one "perfect" table. Few
salts will be missing, but rainbow tables for saltless hashes don't
crack all passwords either. Correct me if I'm wrong. If I'm right, these
tables would be like a glove with razors. John is named after Jack the
Ripper, so maybe john's younger brother could be named after Freddy
Krueger (for now it is similarly fictitious ;-)
I've forgotten about one question. Rainbow tables consist of several
smaller tables. How do they differ from each other?
-- 
Marek Wrzosek
marek.wrzosek@...il.com
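
The keyspace arithmetic behind the PS above, as an added example that is not part of the original message: it counts how many salts a set of mask classes covers and the N = N_salt * N_password each per-class table would have to span. The class sizes assume 95 printable ASCII characters split as ?l 26, ?u 26, ?d 10, ?s 33 (?a is their union); the function names and the six-lowercase-letter password space are assumptions made for the illustration.

```python
from itertools import product

# Disjoint base classes of the 95 printable ASCII characters (assumed sizes,
# matching the ?l ?u ?d ?s mask placeholders; ?a is their union).
BASE = {"l": 26, "u": 26, "d": 10, "s": 33}
PLACEHOLDER = {**{c: {c} for c in BASE}, "a": set(BASE)}

def parse_mask(mask):
    """'?l?s?l?l' -> list of admitted base-class sets, one per position."""
    bad = set(mask[0::2]) - {"?"} or set(mask[1::2]) - set(PLACEHOLDER)
    if len(mask) % 2 or bad:
        raise ValueError(f"only ?l ?u ?d ?s ?a are supported: {mask!r}")
    return [PLACEHOLDER[c] for c in mask[1::2]]

def mask_size(mask):
    """Number of salts matched by a single mask."""
    size = 1
    for allowed in parse_mask(mask):
        size *= sum(BASE[c] for c in allowed)
    return size

def covered_salts(masks):
    """Salts matched by at least one mask, counting overlapping masks once."""
    parsed = [parse_mask(m) for m in masks]
    if len({len(p) for p in parsed}) != 1:
        raise ValueError("all masks must describe salts of the same length")
    total = 0
    # Every salt has exactly one signature: the base class of each character.
    for sig in product(BASE, repeat=len(parsed[0])):
        if any(all(c in pos for c, pos in zip(sig, p)) for p in parsed):
            size = 1
            for c in sig:
                size *= BASE[c]
            total += size
    return total

def table_plan(masks, n_password):
    """Per-class N = N_salt * N_password, and the share of all salts covered."""
    n_all = sum(BASE.values()) ** (len(masks[0]) // 2)  # the ?a?a?a?a case
    return {
        "per_table_N": {m: mask_size(m) * n_password for m in masks},
        "perfect_table_N": n_all * n_password,
        "coverage": covered_salts(masks) / n_all,
    }

if __name__ == "__main__":
    # Constructed input: the three salt classes named in the message and an
    # assumed password space of six lowercase letters.
    print(table_plan(["?l?l?l?l", "?s?l?l?l", "?l?s?l?l"], 26 ** 6))
```

The `coverage` value is the fraction of uniformly random 4-character printable salts that fall into at least one of the chosen classes, which is the quantity the trade-off in the PS depends on.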
