Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20050622181112.GA13585@openwall.com>
Date: Wed, 22 Jun 2005 22:11:12 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Secure Mode for John

Hi Jim,

On Tue, Jun 21, 2005 at 04:28:29PM -0400, Jim Brown wrote:
> I've used john in an enterprise environment as a strong 
> password compliance tool and I've had these concerns:
> 
> 1. The passwords are visibly displayed.
> 2. The .pot file contains password data that can be displayed
>    by running john at a later time.

These are valid concerns.  So far, the way to address them has been to
run John and have it store john.pot in the most secure location.

You need to realize, though, that an attacker with access to the
password hashes would be able to crack all the same passwords in the
same way, albeit after spending quite some processor time on it too.
Whether or not John would store cracked passwords, you do have the
password hashes stored in files anyway.

> 3. john (and a large wordlist) will run forever.

This is not quite true.  With most password files, John will complete
even the largest wordlists in a reasonable time.  The thing that will
make it "run forever" as you say is the "incremental mode".  Yes, you
will need to interrupt that eventually.

> Ideally, all I want to know is if john can crack a password
> for an account in X time.  If it can, the account password
> is held insecure and should be changed.

This is a reasonable policy.

It does, however, have one drawback: for salted hashes, the number of
candidate passwords tried against a given password hash in X time varies
heavily based on how many other password hashes (or rather, salts) are
loaded into John during the same run.

> Because of the above concerns, I've had to build a perl wrapper
> around john that reads john output (removing the password),
> continuously deletes the .pot file, and kills john after some
> variable time period.
> 
> I'd be interested in hearing others thoughts on a mode for john
> that addresses the concerns- i.e. a 'safe mode'.
> 
>  * No passwords would be displayed, or stored at all.  
>  * Only account names would be output (with optional time-to-crack).

Yes, I had a couple of requests for this before (that's like - just 3
requests, including yours, in 9 years).

Yes, this is a reasonable thing to implement.  One difficulty with
implementing it is that it would still be desirable to have password
hashes recorded in john.pot (such that interrupted sessions could be
recovered, fully-cracked split password hashes could be distinguished
from partially-cracked ones, and a list of users with fully-cracked
passwords could be output).  This would require a john.pot file format
change to encode no-plaintext differently from empty-plaintext.

>  * John dies after a configurable time period.

Yes, this is asked for once in a while and it needs to be implemented.
In fact, ancient versions of John had an option to do just that, but I
had dropped it in a code rewrite for 1.5+.  I should re-introduce it.

Thanks,

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.