Message-Id: <DF6D97A5-6EB7-4777-9E15-B208E6CABDB3@goldmark.org>
Date: Thu, 23 Aug 2012 18:16:19 -0500
From: Jeffrey Goldberg <jeffrey@...dmark.org>
To: john-dev@...ts.openwall.com
Subject: Re: Mac OS X 10.8 Mountain Lion password hash sample

On 2012-08-23, at 12:08 PM, Solar Designer <solar@...nwall.com> wrote:

> The http://projects.puppetlabs.com/issues/12833 page mentions several
> other iteration counts as well. I wonder if Apple makes the iteration
> count random (within some range) and stores the value along with the
> hash.

Since OS X 10.7 (Lion), Apple included CCCalibratePBKDF() in the CommonCrypto framework. The idea is that the programmer doesn't set the number of iterations, but says how long a time they will accept for key derivation for their program.

CCCalibratePBKDF() takes as an argument (among others) a number of milliseconds. The function returns the number of iterations that will meet that requirement on that system.

So Apple will be using a calibrated (not random) number of rounds, and those will be stored within the data.

See http://developer.apple.com/library/Mac/#documentation/Darwin/Reference/ManPages/man3/CCCalibratePBKDF.3cc.html

Also note that the CommonCrypto source is available here:
http://www.opensource.apple.com/source/CommonCrypto/CommonCrypto-60026/

Cheers,

-j
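Added example, not part of the original message and not CommonCrypto code: a Python sketch of the calibrate-then-store idea described above, showing why a verifier (or a cracker's hash parser) must read the round count from each record instead of assuming a fixed one. The function names, the record layout, the HMAC-SHA-512 PRF and the MIN_ROUNDS floor are assumptions made for this illustration.

```python
import hashlib
import hmac
import os
import time

MIN_ROUNDS = 10_000  # assumed floor so a slow or loaded machine never yields a weak count


def calibrate_rounds(target_ms, probe_rounds=20_000, key_len=32):
    """Estimate how many PBKDF2 rounds take about target_ms on this machine."""
    salt = os.urandom(32)
    best = float("inf")
    for _ in range(3):  # keep the fastest of three probes to damp scheduler noise
        start = time.perf_counter()
        hashlib.pbkdf2_hmac("sha512", b"calibration", salt, probe_rounds, key_len)
        best = min(best, time.perf_counter() - start)
    per_round = best / probe_rounds
    return max(MIN_ROUNDS, int((target_ms / 1000.0) / per_round))


def make_record(password, rounds, key_len=32):
    """Derive a verifier and store the round count and salt next to it."""
    salt = os.urandom(32)
    dk = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, rounds, key_len)
    return {"rounds": rounds, "salt": salt.hex(), "hash": dk.hex()}


def verify(password, record):
    """Re-derive with the rounds stored in the record, then compare in constant time."""
    salt = bytes.fromhex(record["salt"])
    expected = bytes.fromhex(record["hash"])
    dk = hashlib.pbkdf2_hmac("sha512", password.encode(), salt,
                             record["rounds"], len(expected))
    return hmac.compare_digest(dk, expected)


if __name__ == "__main__":
    # Constructed sample password; the round count printed differs per machine,
    # which is why it has to travel with the hash.
    rounds = calibrate_rounds(target_ms=100)
    record = make_record("correct horse", rounds)
    print(record["rounds"], verify("correct horse", record))
```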