Hosting Provided By

RE: Password Cracking Challenge...

From: Michael Wojcik <Michael.Wojcik(at)microfocus.com>
Date: Mon Jul 28 2003 - 17:19:14 EDT

> From: David Riley [mailto:oscar@the-rileys.net]
> Sent: Monday, July 28, 2003 4:47 PM
>
> It is a good starting point, and that's what I thought of as well.

That, plus the fact that the first 8 bytes of the hashes for "Password123" and "Password321" are the same, suggests to me a 64-bit block cipher running in some chaining mode. DES in CBC mode, for example.

The fact that all the hashes are 128 bits would suggest that the algorithm either discards characters after the 16th, or perhaps that it uses the first and last block of cipher output as the hash (which would be a little better). It'd be nice to have two sample vectors of 17-byte passwords, only differing in the 17th byte, to check.

I'll leave further speculation to the actual cryptanalysts (assuming any of them find this sufficiently interesting to bother).

-- 
Michael Wojcik
Principal Software Systems Developer, Micro Focus

Received on Mon Jul 28 18:29:19 2003

This message: [ Message body ]
Next message: Vizzy: "Re: Password Cracking Challenge..."
Previous message: David Schwartz: "RE: Password Cracking Challenge..."
Maybe in reply to: Ronish Mehta: "Password Cracking Challenge..."
In reply to David Riley: "Re: Password Cracking Challenge..."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:40 EDT