Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 11 Jan 2016 10:03:57 -0500
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: format-all-details -> Max. password length in bytes

On Mon, Jan 11, 2016 at 9:52 AM, Frank Dittrich
<frank.dittrich@...lbox.org> wrote:
> On 01/11/2016 02:35 PM, patpro@...pro.net wrote:
>>
>> I wonder how those limits are set: how are they implemented,
>
>
> The max. password length issue is quite complex.
> This link to an old john-dev discussion might provide some background
> information:
>
> http://thread.gmane.org/gmane.comp.security.openwall.john.devel/12718/focus=12776
>
>> are they tunable at run time, and why 39 (arbitrary decision?) ?
>
>
> It is not really tunable by an end user.
> For some formats, a developer could look into the problem and see what
> performance impact increasing the max. password length would have.
>
> Salted SHA1 currently supports a max. salt size of 16 bytes:
> salted_sha1_common.h:13:#define MAX_SALT_LEN         16
>
> The max. password length is defined so that just a single SHA1 block needs
> to be computed per candidate:
> salted_sha1_fmt_plug.c:58:#define PLAINTEXT_LENGTH     (55-MAX_SALT_LEN)
>
> So, if all your hashes do have a salt length < 16 bytes, you could use a
> larger max.password length for salted-sha1 and salted-sha1-opencl by
> decreasing MAX_SALT_LEN.
>
>
> OTOH, dynamic_24 and dynamic_25 are quite similar to salted-sha1.
> One of these dynamic formats computes SHA1($p.$s), the other SHA1($s.$p).
> Both of them do have max. password length of 110 and a salt size of 64, but
> you can see that the speed of these formats is considerably slower.
>
> (Since the dynamic formats use hex encoding and salted-sha1 uses base64, the
> hashes would need to be converted to be used by dynamic).
>
>> However, I do remember that incremental is limited to 8 char. at compile
>> time. But I'm interested in the limit set for formats.
>>
>>> $ ./john --list=format-all-details | grep "Max. password length"
>>> Max. password length in bytes        8
>>> Max. password length in bytes        64
>>> Max. password length in bytes        15
>>> Max. password length in bytes        72
>>> Max. password length in bytes        125
>>> Max. password length in bytes        7
>>> ../..
To add to what Frank said, some password lengths are limited by the
type more often than not (LM=7, DES=8) and that's why incremental was
limited by default for so long, but in 1.8 the length of incremental
was changed to 24 bytes.
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.