Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <4EFF1274.8090601@hushmail.com>
Date: Sat, 31 Dec 2011 14:47:32 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: SSE/intrinsics for sapB/sapG [was: john-users]

On 12/31/2011 02:27 PM, magnum wrote:
> On 12/31/2011 04:30 AM, jfoug@....net wrote:
>>> Jim, Simon, how would I do a crypt of between 56 and 63 bytes? Is this
>>> not possible? Can we actually only do 0-55 *or* 64-119 bytes?
>>
>> To encrypt 56 bytes, do this:
>>
>> 1. set the 56 bytes, then set 0x80 as the 57th, and null out the rest.
>> Do the sha.
>> 2. create another buffer. NULL the entire buffer, but put 56<<3 into
>> the length location (last 8 bytes, BE format, I think).
>> 3. perform sha on this, using the results of step 1 as the init seed.
>
> This was almost correct. For the record, I had to put the 0x80 different:

Sorry, my bad. What you described is correct.

For 56-59 bytes we can do the above. For 60 bytes, I presume we put all 
of them in the first buffer but the 0x80 in the second. For 61-63 bytes 
we also need to put the last couple of bytes in the second buffer. For 
64 bytes, we put everything in the first buffer but a 0x80 in the second.

I suppose the figures are sligthly different for MD4 and MD5, where the 
length byte is placed at 14*4 instead of 15*4?

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.