04-01-2013, 04:31 PM
I'd also very, very much like to see *Hashcat* support PBKDF2(HMAC-xxx, passphrase, salt, iterations, outputLengthInBits) for at least SHA-1, and preferably the entire SHA-1, SHA-2, and SHA-3 families. This is one of the major recommendations for modern web sites - I'm sure a version that takes so many input parameters (iterations and output length in addition to the usual passphrase and salt, for each HMAC type) won't be as optimized as purpose-built versions, but it should still be far faster than almost any alternate currently available!
For 1Password, however, I suspect that PBKDF2 is used in the traditional sense, to generate a symmetric encryption key that's used to encrypt and decrypt the data. The hashcat family has never supported the encryption steps at the end. In this case, perhaps John the Ripper 1.7.9 jumbo-8 (currently in development - your friend can try compiling from the unstable branch) is or will be a tool more appropriate to the target.
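The parameterised PBKDF2(HMAC-xxx, passphrase, salt, iterations, outputLengthInBits) construction named in the post, written out per RFC 8018 as an added example; it is not code from the original post, hashcat or John the Ripper, and the function names, the PRF-call counter and the sample values are assumptions made for illustration. It also shows a parameter-selection caveat: asking for more output than the digest size adds whole extra blocks of work for the verifying side, while the first block stays the same.

```python
import hashlib
import hmac
import struct

def pbkdf2(hash_name, passphrase, salt, iterations, out_bits):
    """PBKDF2 (RFC 8018) with HMAC-<hash_name> as the PRF.
    Returns (derived_key, prf_calls); prf_calls is the HMAC invocation count."""
    if out_bits <= 0 or out_bits % 8 or iterations < 1:
        raise ValueError("out_bits must be a positive multiple of 8, iterations >= 1")
    out_len = out_bits // 8
    base = hmac.new(passphrase, digestmod=hash_name)  # key the HMAC once, copy per call
    h_len = base.digest_size
    blocks = -(-out_len // h_len)  # ceil(out_len / h_len)

    def prf(data):
        m = base.copy()
        m.update(data)
        return m.digest()

    out, prf_calls = b"", 0
    for i in range(1, blocks + 1):
        u = prf(salt + struct.pack(">I", i))  # U_1 = PRF(P, S || INT(i))
        t = int.from_bytes(u, "big")
        for _ in range(iterations - 1):       # U_j = PRF(P, U_{j-1}); T_i = XOR of all U_j
            u = prf(u)
            t ^= int.from_bytes(u, "big")
        prf_calls += iterations
        out += t.to_bytes(h_len, "big")
    return out[:out_len], prf_calls

def verify(hash_name, passphrase, salt, iterations, stored):
    """Recompute with the stored parameters and compare in constant time."""
    candidate, _ = pbkdf2(hash_name, passphrase, salt, iterations, len(stored) * 8)
    return hmac.compare_digest(candidate, stored)

if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real system.
    pw, salt, iters = b"correct horse", b"constructed-salt", 1000
    for name, bits in (("sha1", 160), ("sha1", 256), ("sha256", 256), ("sha512", 512)):
        dk, calls = pbkdf2(name, pw, salt, iters, bits)
        assert dk == hashlib.pbkdf2_hmac(name, pw, salt, iters, dklen=bits // 8)
        print(f"HMAC-{name:<6} {bits:>3} bits -> {calls} PRF calls, {dk.hex()[:16]}...")
```

With HMAC-SHA-1, the 256-bit request costs two full iteration chains where the 160-bit request costs one, so a stored hash is best sized at or below the digest length of the chosen HMAC.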