Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20100319230631.GB17312@openwall.com>
Date: Sat, 20 Mar 2010 02:06:31 +0300
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: salted triple-SHA1

On Tue, Mar 16, 2010 at 02:15:10PM +0100, SL wrote:
> is there a (fairly simple) way to teach john following hashing  
> algorithm?
> 
> sha1($salt.sha1($salt.sha1($pass)))

I think the simplest way would be to define a new "format" that would
use OpenSSL's SHA-1 routines like some others do.

> I was thinking of the new generic MD5 mode, modified to SHA1 (such  
> as: username:sha1_gen(1)e6240f5404d2c1004aed37a66550a5b1ea60c469 
> $b295d117135a9763da282e7dae73a5ca7d3e5b11), but I'm afraid that's  
> beyond my coding skills.
> 
> I'd give it a go though, if someone could give me a raw sketch of the  
> steps involved.

I think this approach would be significantly more complicated than
defining a special-purpose "format" like I proposed above.  I wouldn't
mind "a raw sketch of the steps involved" appearing in here, on the
wiki, or in a documentation file, though.  Jim?

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.