Vulnerability Development mailing list archives
RE: Password Cracking Challenge...
From: Michael Wojcik <Michael.Wojcik () microfocus com>
Date: Mon, 28 Jul 2003 14:19:14 -0700
From: David Riley [mailto:oscar () the-rileys net]
Sent: Monday, July 28, 2003 4:47 PM

It is a good starting point, and that's what I thought of as well. However, the cutoff here seems to be 8 bytes instead of 7. I'm still looking at it, but the encoding of the second chunk seems dependent on the first (e.g. the "321" chunk of "Pa$$word321" is different than that of "Password321").

That, plus the fact that the first 8 bytes of the hashes for "Password123" and "Password321" are the same, suggests to me a 64-bit block cipher running in some chaining mode. DES in CBC mode, for example.

The fact that all the hashes are 128 bits would suggest that the algorithm either discards characters after the 16th, or perhaps that it uses the first and last block of cipher output as the hash (which would be a little better). It'd be nice to have two sample vectors of 17-byte passwords, only differing in the 17th byte, to check.

I'll leave further speculation to the actual cryptanalysts (assuming any of them find this sufficiently interesting to bother).

--
Michael Wojcik
Principal Software Systems Developer, Micro Focus
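
The 17-byte test proposed in the message above, as an added example that is not part of the original post or the challenge's actual algorithm. It assumes zero padding, a zero IV, a constructed key, and a keyed 8-byte PRF (`toy_block`, hypothetical) standing in for the unknown 64-bit block cipher:

```python
import hashlib
import hmac

BLOCK = 8                       # 64-bit block, as the shared 8-byte prefix suggests
KEY = b"constructed-demo-key"   # constructed; the real scheme's key is unknown

def toy_block(block: bytes) -> bytes:
    """Stand-in for a 64-bit block cipher's encrypt step (NOT DES)."""
    return hmac.new(KEY, block, hashlib.sha256).digest()[:BLOCK]

def cbc_blocks(password: bytes) -> list:
    """Zero-pad to a block multiple, then chain C_i = E(P_i XOR C_{i-1})."""
    size = max(BLOCK, -(-len(password) // BLOCK) * BLOCK)
    padded = password.ljust(size, b"\x00")
    prev, out = bytes(BLOCK), []            # assumed all-zero IV
    for i in range(0, size, BLOCK):
        mixed = bytes(a ^ b for a, b in zip(padded[i:i + BLOCK], prev))
        prev = toy_block(mixed)
        out.append(prev)
    return out

def hash_truncate(password: bytes) -> bytes:
    """Hypothesis A: characters after the 16th are discarded."""
    return b"".join(cbc_blocks(password[:2 * BLOCK])).ljust(2 * BLOCK, b"\x00")

def hash_first_last(password: bytes) -> bytes:
    """Hypothesis B: hash = first cipher block || last cipher block."""
    blocks = cbc_blocks(password)
    return blocks[0] + blocks[-1]

def shared_prefix(a: bytes, b: bytes) -> int:
    """Number of leading bytes two hashes have in common."""
    n = 0
    while n < min(len(a), len(b)) and a[n] == b[n]:
        n += 1
    return n

if __name__ == "__main__":
    for h in (hash_truncate, hash_first_last):
        same = shared_prefix(h(b"Password123"), h(b"Password321"))
        x, y = h(b"Password12345678A"), h(b"Password12345678B")
        print(f"{h.__name__}: shared prefix {same} bytes, "
              f"17th byte changes hash: {x != y}")
```

Both constructions reproduce the two observations in the thread (an identical first 8 bytes for "Password123"/"Password321", and a different second half for "Pa$$word321" versus "Password321"), so only the 17-byte pair tells them apart.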