|
Message-ID: <CAG5=z90Nwst+pOwgqc-=6rxNqqmydiPXavb2QwVG+jDbUR7o2w@mail.gmail.com>
Date: Mon, 5 Dec 2011 20:57:06 +0530
From: piyush mittal <piyush.cse29@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Bit slice implementation of DES based hashes
@Simon
Also one more thing i need some reference From "LM DES".Is this correct
documentation regarding its implementaion?
1. The user’s ASCII <http://en.wikipedia.org/wiki/ASCII> password is
converted to uppercase <http://en.wikipedia.org/wiki/Uppercase>.
2. This password is null-padded to 14 bytes.
3. The “fixed-length” password is split into two seven-byte halves.
4. These values are used to create two
DES<http://en.wikipedia.org/wiki/Data_Encryption_Standard>keys, one
from each 7-byte half, by converting the seven bytes into a bit
stream, and inserting a null bit after every seven bits (so 1010100becomes
01010100). This generates the 64 bits needed for a DES key. (A DES key
ostensibly consists of 64 bits; however, only 56 of these are actually used
by the algorithm. The null bits added in this step are later discarded.)
5. Each of the two keys is used to DES-encrypt the constant
ASCII<http://en.wikipedia.org/wiki/ASCII>string “
KGS!@#$%”, resulting in two 8-byte ciphertext values. The DES CipherMode
should be set to ECB, and PaddingMode should be set to NONE.
6. These two ciphertext values are concatenated to form a 16-byte value,
which is the LM hash.
Specially step 5.Is this correct?
Thanks
On Mon, Dec 5, 2011 at 8:39 PM, piyush mittal <piyush.cse29@...il.com>wrote:
> @Simon
>
> So what it should be?
>
>
> On Mon, Dec 5, 2011 at 2:38 PM, Simon Marechal <simon@...quise.net> wrote:
>
>> On 03/12/2011 18:45, piyush mittal wrote:
>> > 1. Concatenate the username and the password to produce a plaintext
>> string;
>> > 2. Convert the plaintext string to uppercase characters;
>> > 3. Convert the plaintext string to multi-byte storage format; ASCII
>> > characters have the
>> > high byte set to 0x00;
>> > 4. Encrypt the plaintext string (padded with 0s if necessary to the next
>> > even block length)
>> > using the DES algorithm in cipher block chaining (CBC) mode with a fixed
>> > key value of
>> > 0x0123456789ABCDEF;
>> > 5. Encrypt the plaintext string again with DES-CBC, but using the last
>> > block of the output
>> > of the previous step (ignoring parity bits) as the encryption key. The
>> > last block of the
>> > output is converted into a printable string to produce the password hash
>> > value.
>>
>> This looks correct. Obviously step 3 will not work as expected when just
>> interleaving nul bytes.
>>
>
>
>
> --
> Piyush Mittal
> M.Tech SEM-Ist
> Department of Computer Science and Engineering
> National Institute of Technology,Rourkela
> INDIA
> Email. piyush.cse29@...il.com
> 211cs2281@...rkl.ac.in
> Mob. +91 8260859399
>
>
--
Piyush Mittal
M.Tech SEM-Ist
Department of Computer Science and Engineering
National Institute of Technology,Rourkela
INDIA
Email. piyush.cse29@...il.com
211cs2281@...rkl.ac.in
Mob. +91 8260859399
Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.