PBKDF2 and SHA-1 question
#1
Hi,

Could you please help me sort out how to properly compute PMKID?

I recorded the hash with hcxdumptool and converted with hcxpcaptool. I have a code that computes SHA-1 hash as a function of key (char) and message (char). I want to calculate PMKID (the first string in the file) using the SHA-1 code.

This thread https://hashcat.net/forum/thread-7717.html says that 
1) PMKID = HMAC-SHA1-128(PMK, "PMK Name" | MAC_AP | MAC_STA)
2) PMK= PBKDF2(HMAC−SHA1, passphrase, ssid, 4096, 256)

Should I compute PMK by iterating SHA-1 calculation 4096 times? How do I choose the block size? What is ssid? Is it ESSID of the AP? Should the ssid input be converted to HEX? Also, the output of SHA-1 is 40 hex digits long. How do I make it 256 bytes long?

For the PMKID calculation, do I use PMK in hex as input? What is the second argument? 

Thanks.
Reply
#2
https://github.com/hashcat/hashcat/blob/...pm#L40-L58

256 bits are 32 bytes (32 * 8 = 256)
Reply
#3
if you include openssl:

#include <openssl/evp.h>
#include <openssl/sha.h>
#include <openssl/hmac.h>

PMK is calculated by:
PKCS5_PBKDF2_HMAC((const char*)psk, psklen, (unsigned char*)essid,  essidlen, 4096, EVP_sha1(), 32, pmk)
successfull if result > 0

PMKID is calculated by:
HMAC(EVP_sha1(), pmk, 32, salt, 20, pmkid, NULL);
successfull if result > 0

and the salt is calculated by:

char *pmkname = "PMK Name";
uint8_t salt[32];
memcpy(&salt, pmkname, 8);
memcpy(&salt[8], mac_ap, 6);
memcpy(&salt[14], mac_sta, 6);

That's all.
Reply
#4
I want to simulate this calculation in MATLAB. Do you know if MATLAB scripts for this already exist? Is there a good algorithm description for PKCS5_PBKDF2_HMAC and HMAC functions? I have a HMAC-SHA1 function that computes a hash from the message and a key, but I don't understand whether it is useful. Also, hashcat (m16800) is doing it differently, using OpenCL, right?

Thanks.
Reply
#5
You are right, hashcat is using OpnCl for both functions. The c code example should show that the functions are easy to implement in different coding languages like c, by adding cryptolibs.
There are also java implementations:
https://howtodoinjava.com/security/how-t...thHmacSHA1

For a simulation in MATLAB (I don't use it), you have to read the basics here:
https://tools.ietf.org/html/rfc8018#page-11
Unfortunately this docs are not easy to understand.

A good source is stackoverflow:
https://stackoverflow.com/questions/2465...-hmac-sha1
Reply
#6
(04-07-2019, 11:18 AM)ZerBea Wrote: if you include openssl:

#include <openssl/evp.h>
#include <openssl/sha.h>
#include <openssl/hmac.h>

PMK is calculated by:
PKCS5_PBKDF2_HMAC((const char*)psk, psklen, (unsigned char*)essid,  essidlen, 4096, EVP_sha1(), 32, pmk)
successfull if result > 0

PMKID is calculated by:
HMAC(EVP_sha1(), pmk, 32, salt, 20, pmkid, NULL);
successfull if result > 0

and the salt is calculated by:

char *pmkname = "PMK Name";
uint8_t salt[32];
memcpy(&salt, pmkname, 8);
memcpy(&salt[8], mac_ap, 6);
memcpy(&salt[14], mac_sta, 6);

That's all.

but I am unable to get correct PMKID result. What I am doing wrong?

see https://hashcat.net/forum/thread-11072.html
Reply