|
Message-ID: <20180619125646.Horde.0d0MHj1_TqRzUYNloXOuh8O@344c6kbnjnljjzlz.onion> Date: Tue, 19 Jun 2018 12:56:46 +0000 From: crack.cast5@...mail.net To: john-users@...ts.openwall.com Subject: Re: CAST5 GPU cracking Thanks a lot to both of you for your help. I see a github issue has been opened already. Quoting Dhiru Kholia <dhiru.kholia@...il.com>: > On Tue, Jun 19, 2018 at 3:56 PM, Solar Designer <solar@...nwall.com> wrote: >> ./gpg2john newold.asc > newold_out.txt >> >>> Cost 2 (hash algorithm [1:MD5 2:SHA1 3:RIPEMD160 8:SHA256 9:SHA384 >>> 10:SHA512 11:SHA224]) is 0 for all loaded hashes >> >> Well, at least this is wrong (cost value not among the listed options) >> and probably indicates we have a bug in there. >> >> So there's probably more for us to fix to support PGP keys this old. > > On CentOS 7, > > $ gpg --homedir . --s2k-cipher-algo idea --s2k-mode 0 \ > --simple-sk-checksum --gen-key > > $ pgpdump secring.gpg > ... > Old: Secret Key Packet(tag 5)(931 bytes) > Ver 4 - new > Public key creation time - Tue Jun 19 15:04:57 IST 2018 > Pub alg - RSA Encrypt or Sign(pub 1) > RSA n(2048 bits) - ... > RSA e(17 bits) - ... > Sym alg - IDEA(sym 1) > Simple string-to-key(s2k 0): Hash alg - SHA1(hash 2) > ... > > This is probably the oldest (and possibly weakest) GPG key type we support? > > With your key, > > $ pgpdump newold.asc > Old: Secret Key Packet(tag 5)(928 bytes) > Ver 3 - old > Public key creation time - Tue Jun 19 00:59:57 IST 2018 > Valid days - 0[0 is forever] > Pub alg - RSA Encrypt or Sign(pub 1) > RSA n(2048 bits) - ... > RSA e(5 bits) - ... > Sym alg - IDEA(sym 1) > Simple string-to-key for IDEA > IV - 4c 24 29 7b 7d fe f2 3d > Encrypted RSA d(2046 bits) - ... > Encrypted RSA p(1024 bits) - ... > Encrypted RSA q(1024 bits) - ... > Encrypted RSA u(1022 bits) - ... > Checksum - 52 27 > > It seems that we don't support this (i.e. Simple string-to-key for > IDEA) S2K yet. > > We might also run into a lot of false positives when cracking such > keys due to lack of a strong verifier / checksum. > > Dhiru ------------------------------------------------- ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the NSA's hands! $24.95 ONETIME Lifetime accounts with Privacy Features! 15GB disk! No bandwidth quotas! Commercial and Bulk Mail Options!
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.