Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <4e87a7a8-8735-333c-fe3e-3870868bd140@matlink.fr>
Date: Fri, 16 Mar 2018 14:23:04 +0100
From: Matlink <matlink@...link.fr>
To: john-users@...ts.openwall.com
Subject: Is john really using Narayanan and Shmatikov whitepaper?

Hello John users,

I was wondering, for research purposes, how John was applying Markov
chains for its markov mode.

Before reading the source code, I would have some enlightenment about it.

After having read this whitepaper
http://www.cs.utexas.edu/~shmat/shmat_ccs05pwd.pdf, I found some strange
things about their index function. Accordingly to their 'get_key*'
functions, they are iterating over the alphabet in increasing order. I
guess then it means they are doing bruteforce excepted that they apply a
threshold on password candidate probabilities. Intuitively, Markov
chains-based enumerators would iterate over order of decreasing
probabilities of ngrams.

However, while running John I found that it's not iterating the alphabet
in any kind of order. So it doesn't look like a smart bruteforce. I
guess John authors have made many improvements since.

Thanks for any kind of suggestions,

-- 
Matlink - Sysadmin matlink.fr
Sortez couverts, chiffrez vos mails : https://café-vie-privée.fr/
XMPP/Jabber : matlink@...link.fr
Clé publique PGP : 0x186BB3CA
Empreinte Off-the-record : 572174BF 6983EA74 91417CA7 705ED899 DE9D05B2

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.