PBKDF2 and SHA-1 question - Printable Version +- hashcat Forum ( https://hashcat.net/forum)+-- Forum: Support ( https://hashcat.net/forum/forum-3.html)+--- Forum: hashcat ( https://hashcat.net/forum/forum-45.html)+--- Thread: PBKDF2 and SHA-1 question ( /thread-8292.html) |

PBKDF2 and SHA-1 question - ilya980 - 04-06-2019
Hi, Could you please help me sort out how to properly compute PMKID? I recorded the hash with hcxdumptool and converted with hcxpcaptool. I have a code that computes SHA-1 hash as a function of key (char) and message (char). I want to calculate PMKID (the first string in the file) using the SHA-1 code. This thread https://hashcat.net/forum/thread-7717.html says that 1) PMKID = HMAC-SHA1-128(PMK, "PMK Name" | MAC_AP | MAC_STA) 2) PMK= PBKDF2(HMAC−SHA1, passphrase, ssid, 4096, 256) Should I compute PMK by iterating SHA-1 calculation 4096 times? How do I choose the block size? What is ssid? Is it ESSID of the AP? Should the ssid input be converted to HEX? Also, the output of SHA-1 is 40 hex digits long. How do I make it 256 bytes long? For the PMKID calculation, do I use PMK in hex as input? What is the second argument? Thanks. RE: PBKDF2 and SHA-1 question - philsmd - 04-06-2019
https://github.com/hashcat/hashcat/blob/773dab91616df1088b5887623547ab2bde80d9ba/tools/test_modules/m16800.pm#L40-L58 256 bits are 32 bytes (32 * 8 = 256) RE: PBKDF2 and SHA-1 question - ZerBea - 04-07-2019
if you include openssl: #include <openssl/evp.h> #include <openssl/sha.h> #include <openssl/hmac.h> PMK is calculated by: PKCS5_PBKDF2_HMAC((const char*)psk, psklen, (unsigned char*)essid, essidlen, 4096, EVP_sha1(), 32, pmk) successfull if result > 0 PMKID is calculated by: HMAC(EVP_sha1(), pmk, 32, salt, 20, pmkid, NULL); successfull if result > 0 and the salt is calculated by: char *pmkname = "PMK Name"; uint8_t salt[32]; memcpy(&salt, pmkname, 8); memcpy(&salt[8], mac_ap, 6); memcpy(&salt[14], mac_sta, 6); That's all. RE: PBKDF2 and SHA-1 question - ilya980 - 04-09-2019
I want to simulate this calculation in MATLAB. Do you know if MATLAB scripts for this already exist? Is there a good algorithm description for PKCS5_PBKDF2_HMAC and HMAC functions? I have a HMAC-SHA1 function that computes a hash from the message and a key, but I don't understand whether it is useful. Also, hashcat (m16800) is doing it differently, using OpenCL, right? Thanks. RE: PBKDF2 and SHA-1 question - ZerBea - 04-09-2019
You are right, hashcat is using OpnCl for both functions. The c code example should show that the functions are easy to implement in different coding languages like c, by adding cryptolibs. There are also java implementations: https://howtodoinjava.com/security/how-to-generate-secure-password-hash-md5-sha-pbkdf2-bcrypt-examples/#PBKDF2WithHmacSHA1 For a simulation in MATLAB (I don't use it), you have to read the basics here: https://tools.ietf.org/html/rfc8018#page-11 Unfortunately this docs are not easy to understand. A good source is stackoverflow: https://stackoverflow.com/questions/2465690/pbkdf2-hmac-sha1 RE: PBKDF2 and SHA-1 question - Caster - 10-20-2022
(04-07-2019, 11:18 AM)ZerBea Wrote: if you include openssl: but I am unable to get correct PMKID result. What I am doing wrong? see https://hashcat.net/forum/thread-11072.html |