Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20140102085222.RXB03.306920.imail@fed1rmwml213>
Date: Thu, 2 Jan 2014 8:52:22 -0500
From:  <jfoug@....net>
To: john-dev@...ts.openwall.com
Cc: Frank Dittrich <frank_dittrich@...mail.com>
Subject: Re: dynamic_2000 - dynamic_2014


---- Frank Dittrich <frank_dittrich@...mail.com> wrote: 
> On 01/02/2014 01:55 PM, jfoug@....net wrote:
> > There are some caveats here (there always are).
> 
> We could make dynamic_2002 accept dynamic_2 and dynamic_2002, but use
> dynamic_2 as the canonical representation (which gets written to .pot
> files).

That would not be a bad way to go.  Split it up, giving 3 configuration values.

1. the actual dyna number for the format.
2. an 'optional' array of dyna numbers which also can be processed by this format.
3. the canonical number (i.e. number that gets written to the .pot file).

number 3 should be 'some' number in items 1 or 2, I do not think it makes since to write out some value the format would not later recognize, especially since it would not remove already found factors from subsequent runs.

Nice ideas Frank.  Good additions.

so for this 2002, it would be:

1.   2002  (real dyna number for the format)
2.   array  [2]  (I do not think 2002 would 'need' to be here.  It would not hurt anything, but not required).
3.   canonical - 2

I might also have to enhance the internal self test code, so that either 2002 or 2 would self test properly for the format.

NOTE, I do not plan on making extreme changes, such as where dyna2 is something with hex strings, and dyna2002 was one with base64, and trying to make them compatible.  For the format to be compatible, they have to have pretty much the same signature, other than the dyna number.  The same input processing flags (differences like NOT-SSE2-SAFE and some others do not matter), the same salt format, the hash layout, etc.  dyna2002 is not going to use the actual dyna2 format structure to be able to process input strings.  For 2002 to be able to use 2, they will both HAVE to be compatible.  Your description of 2 being shorter passwords, and 2002 allowing longer, but both 'really' being the same format, makes perfect since for this change.  They really are the same format.  It is just one was written slightly differently, to work around known length limits in the optimized version.


Jim.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.