Date: Mon, 25 Mar 2013 13:05:26 -0500
From: Jeffrey Goldberg <>
Subject: Re: [PHC] Password Hashing done wrong on CISCO IOS

On 2013-03-21, at 8:52 PM, Peter Gutmann <> wrote:

> Marsh Ray <> writes:
>> The challenge with subtle password hash bugs is that QA can do a thorough job
>> of black-box testing and still not catch 1 round instead of 1000.

> Firefox (meaning probably NSS, so potentially lots of other products as well)
> did this for quite some time, possibly years.  It was only corrected when I
> noticed it with dumpasn1 and filed a bug.  Even then it took them over a year,

Elcomsoft had discovered in 2010 that Blackberry backups used just one round of PBKDF2. I
don't know whether that was a design error or an implementation error.

If Andrey Belenko is following this discussion, he might be the one to ask. (I'm not sure exactly
when he was with Elcomsoft).
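The point Marsh Ray and Peter Gutmann make above is easy to see in code. The following is an added illustration, not part of the original message and not code from NSS, Firefox, BlackBerry or Elcomsoft: a written-out PBKDF2-HMAC-SHA1, a constructed stand-in for the "one round regardless of the requested count" bug class, a black-box functional test of the kind QA typically runs, and a known-answer test against the RFC 6070 vectors. Both implementations pass the functional test; only the known-answer test tells them apart, and only because the vector set includes iteration counts above 1.

```python
import hashlib
import hmac
import struct


def pbkdf2_hmac_sha1(password: bytes, salt: bytes, iterations: int, dklen: int) -> bytes:
    """PBKDF2 (RFC 2898, section 5.2) with HMAC-SHA1 as the PRF, written out in
    full so the iteration loop is visible."""
    if iterations < 1:
        raise ValueError("iteration count must be >= 1")
    hlen = hashlib.sha1().digest_size
    out = bytearray()
    block = 1
    while len(out) < dklen:
        # U_1 = PRF(P, S || INT(i)); T_i = U_1 xor U_2 xor ... xor U_c
        u = hmac.new(password, salt + struct.pack(">I", block), hashlib.sha1).digest()
        t = bytearray(u)
        for _ in range(iterations - 1):
            u = hmac.new(password, u, hashlib.sha1).digest()
            for k in range(hlen):
                t[k] ^= u[k]
        out += t
        block += 1
    return bytes(out[:dklen])


def pbkdf2_one_round_bug(password: bytes, salt: bytes, iterations: int, dklen: int) -> bytes:
    """Constructed stand-in for the bug class discussed in the thread: the caller's
    iteration count is accepted but never used, so each block gets one PRF call."""
    return pbkdf2_hmac_sha1(password, salt, 1, dklen)


# Published test vectors from RFC 6070 (PBKDF2-HMAC-SHA1):
# (password, salt, iterations, dkLen, expected derived key as hex)
RFC6070_VECTORS = [
    (b"password", b"salt", 1, 20, "0c60c80f961f0e71f3a9b524af6012062fe037a6"),
    (b"password", b"salt", 2, 20, "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957"),
    (b"password", b"salt", 4096, 20, "4b007901b765489abead49d926f721d065a429c1"),
    (b"passwordPASSWORDpassword", b"saltSALTsaltSALTsaltSALTsaltSALTsalt", 4096, 25,
     "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038"),
]


def blackbox_test(kdf) -> bool:
    """The kind of functional test that passes for a broken KDF: output is
    deterministic, has the right length, and changes with password and salt.
    Nothing here depends on the iteration count actually being honoured."""
    k1 = kdf(b"hunter2", b"salt", 1000, 20)
    k2 = kdf(b"hunter2", b"salt", 1000, 20)
    k3 = kdf(b"hunter2", b"pepper", 1000, 20)
    k4 = kdf(b"hunter3", b"salt", 1000, 20)
    return k1 == k2 and k1 != k3 and k1 != k4 and len(k1) == 20


def known_answer_test(kdf):
    """Compare against published vectors. Returns the (iterations, dkLen) pairs
    that mismatch; an empty list means every vector was reproduced."""
    failures = []
    for password, salt, c, dklen, expected in RFC6070_VECTORS:
        if kdf(password, salt, c, dklen).hex() != expected:
            failures.append((c, dklen))
    return failures


def matches_stdlib(iterations: int) -> bool:
    """Cross-check the written-out reference against hashlib's PBKDF2."""
    mine = pbkdf2_hmac_sha1(b"password", b"salt", iterations, 32)
    ref = hashlib.pbkdf2_hmac("sha1", b"password", b"salt", iterations, 32)
    return mine == ref


if __name__ == "__main__":
    for name, kdf in (("reference", pbkdf2_hmac_sha1), ("one-round bug", pbkdf2_one_round_bug)):
        print(f"{name}: black-box test passes = {blackbox_test(kdf)}, "
              f"KAT failures = {known_answer_test(kdf)}")
```

The one-round variant reproduces the c=1 vector exactly, so a known-answer test built from a single vector with c=1 would also pass it; the check that actually catches the bug is a vector with a large iteration count, plus a cross-check against an independent implementation where one is available.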
