Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20220205210338.GA25516@openwall.com>
Date: Sat, 5 Feb 2022 22:03:38 +0100
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Bitcoin hash difference

Hi Tony,

On Fri, Feb 04, 2022 at 02:45:41AM +0000, hamano_clevage@...ail.me wrote:
> When I run the bitcoin2john.py script I have stored from 2019 it 
> generates me an hash ending differently than when I run it using the 
> current version.
> 
> 2019 bitcoin2john.py version hash:
> $bitcoin$64$<_the_identical_part_>$1318$96$55b605d8050d8dc073eef17df20ef760dbe6885217e9$130$04e93d2592735ec271e0c65e0925854a710e2c648aff1d79a22fe93
> 
> current bitcoin2john.py version hash:
> $bitcoin$64$<_the_identical_part_>$16$adfbb9cfa83e9cf6$135318$2$00$2$00
> 
> I would expect them to be the same. The first part is the same but after 
> the 4th dollar sign the outcome is very different.
> 
> Should it be the same with the old and the new version?

No, that difference is as intended in order to make these "hashes" less
revealing - the latest kind of them is what we believe the minimum
needed for password cracking.  In fact, there was a third kind, prior to
2019, that was even more revealing than the 2019 kind.

> Does this influence the result when using it in Hashcat or John the Ripper?

No, they're all compatible.  As you can see, the latest kind has four
dummy fields in the end - those are for backwards compatibility.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.