[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <17807.1191594936@turing-police.cc.vt.edu>
Date: Fri, 05 Oct 2007 10:35:36 -0400
From: Valdis.Kletnieks@...edu
To: Brian Toovey <admin@...ntrac.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: password hash
On Thu, 04 Oct 2007 22:22:14 EDT, Brian Toovey said:
> Does anyone know what kind of password hash this is?
> 'password1' =
> &c6;Ub&c3;&ab;&19;a&cf;&86;
Hex format would be less likely to be mis-parsed. I'm *guessing* you
mean the hash is x'c65562c3 ab1961cf 86' - which is slightly odd, being
72 bits long. A salted 64-bit hash, perhaps? Or it might be some home-grown
hash that somebody invented.
If you know what 'password1' hashes to, it's time to do some differential
cryptography and try hashing 'password2', 'password11', 'passwor111', and so
on, to determine how many input characters the hash considers. The next thing
to try is hashing 'qassword1' (which has one bit different from 'password1')
and seeing how many of the output bits change, which will tell you the relative
strength of the hash. A good hash will have about half the bits change on a
one-bit difference (and continuing through q, r, s, t and so on won't reveal
any pattern of *which* bits change), while a bad hash will fail to cause a bit
cascade and only a few bits will be different in the output.
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists