Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

ORACLE password audits

  • 15-06-2008 06:43PM
    #1
    Martyr
    Closed Accounts Posts: 1,567 ✭✭✭


    Some tools audit ORACLE passwords using brute force/dictionary attack, big corporations rely on it alot to keep networks secure..DBA's swear by their own products..

    a bitslice version doesn't exist to date, atleast not publicly.
    below is basic ORACLE DES password creation, using pseudo LATIN->UNICODE conversion which is common in alot of products.

    [php]
    /* convert the username to unicode */

    for(i = 0,len = 0; i < nNameLen && i < MAX_USERNAME; i++,len++)
    ((unsigned short *)input)[len] = ( toupper( szName ) << 8);

    /* convert the password to unicode, appending to username */

    for(i = 0; i < nPasswordLen && i < MAX_PASSWORD; i++,len++)
    ((unsigned short *)input)[len] = ( toupper( szPassword ) << 8);

    len <<= 1;

    DES_set_key(&static_key,&ks);
    DES_ncbc_encrypt((unsigned char*)input,len,&ks,(DES_cblock*)output);

    DES_set_key((DES_cblock*)output,&ks);
    DES_ncbc_encrypt((unsigned char*)input,len,&ks,(DES_cblock*)pBuf);
    [/php]

    the first call to DES_set_key() uses static key which can be pre-computed.
    the second call uses the result of the first DES_ncbc_encrypt() which can take up alot of computational time.

    to speed this up, you can use precomputed schedules.

    you declare (8 * 256) DES_key_schedules, aligned by 16 bytes

    [php]
    /* the total memory size is about 262,144 bytes */

    DES_key_schedule index_one[256] __attribute__((aligned(16)));
    DES_key_schedule index_two[256] __attribute__((aligned(16)));
    DES_key_schedule index_three[256] __attribute__((aligned(16)));
    DES_key_schedule index_four[256] __attribute__((aligned(16)));
    DES_key_schedule index_five[256] __attribute__((aligned(16)));
    DES_key_schedule index_six[256] __attribute__((aligned(16)));
    DES_key_schedule index_seven[256] __attribute__((aligned(16)));
    DES_key_schedule index_eight[256] __attribute__((aligned(16)));
    [/php]

    you initialize these using the regular/slow DES_set_key() (which only has to be called once)

    [php]
    void init_subkeys()
    {
    u32 byte_index,key_index;
    DES_key_schedule *ks;
    u8 key[8]={0};

    /* for each index of a 64-bit des key */

    for(key_index = 0; key_index < 8; key_index++) {

    ks = g_schedules[key_index];

    for(byte_index = 0; byte_index < 256; byte_index++,ks++) {
    key[key_index] = byte_index;
    DES_set_key(&key,ks);
    }
    key[key_index] = 0;
    }
    }[/php]

    then to create a DES key schedule fast, call a function which takes the key input, and calculates a key schedule based on those in memory with exclusive OR's

    [php]
    void pcDES_set_key(DES_cblock *key, DES_key_schedule *ks)
    {
    u32 i,j;
    DES_key_schedule *tmp;
    u8 *p = (u8*)key;

    memset(ks,0,sizeof(DES_key_schedule));

    for(i = 0;i < 8; i++) {

    tmp = g_schedules;
    tmp = &tmp[*p++];

    for(j = 0;j < (sizeof(DES_key_schedule) / sizeof(DES_LONG)); j += 4) {
    ((DES_LONG*)ks)[j+0] ^= ((DES_LONG*)tmp)[j+0];
    ((DES_LONG*)ks)[j+1] ^= ((DES_LONG*)tmp)[j+1];
    ((DES_LONG*)ks)[j+2] ^= ((DES_LONG*)tmp)[j+2];
    ((DES_LONG*)ks)[j+3] ^= ((DES_LONG*)tmp)[j+3];
    }
    }
    }[/php]

    to maximise performance, use SSE2 registers or Altivec on PowerPC (not shown here)

    [php]
    _sse2_DES_set_key:
    sse2_DES_set_key proc C uses esi ebx edi ebp key:dword, key_schedule:dword

    mov esi,[key_schedule]
    mov edi,[key_schedule]

    pxor xmm0,xmm0
    pxor xmm1,xmm1
    pxor xmm2,xmm2
    pxor xmm3,xmm3

    mov ebp,[key]
    add edi,64

    pxor xmm4,xmm4
    pxor xmm5,xmm5
    pxor xmm6,xmm6
    pxor xmm7,xmm7

    irp i,<0,2,4,6>

    xor eax,eax
    mov al,byte ptr[ebp+i]

    xor ebx,ebx
    mov bl,byte ptr[ebp+i+1]

    mov ecx,[g_schedules+4*i]
    mov edx,[g_schedules+4*i+4]

    rol eax,7
    rol ebx,7

    add ecx,eax
    add edx,ebx

    pxor xmm0,[ecx+16*0]
    pxor xmm1,[ecx+16*1]
    pxor xmm0,[edx+16*0]
    pxor xmm1,[edx+16*1]

    pxor xmm2,[ecx+16*2]
    pxor xmm3,[ecx+16*3]
    pxor xmm2,[edx+16*2]
    pxor xmm3,[edx+16*3]

    pxor xmm4,[ecx+16*4]
    pxor xmm5,[ecx+16*5]
    pxor xmm4,[edx+16*4]
    pxor xmm5,[edx+16*5]

    pxor xmm6,[ecx+16*6]
    pxor xmm7,[ecx+16*7]
    pxor xmm6,[edx+16*6]
    pxor xmm7,[edx+16*7]
    endm

    movdqa [esi+16*0],xmm0
    movdqa [edi+16*0],xmm4

    movdqa [esi+16*1],xmm1
    movdqa [edi+16*1],xmm5

    movdqa [esi+16*2],xmm2
    movdqa [edi+16*2],xmm6

    movdqa [esi+16*3],xmm3
    movdqa [edi+16*3],xmm7

    ret
    sse2_DES_set_key endp[/php]


    a benchmark of this on a CORE2 processor yields higher performance.

    [php]
    sse2_DES_set_key
    Seconds elapsed:4 - 27777777 k/s

    DES_KEY.ASM by Svend Olaf Mikkelson
    Seconds elapsed:14 - 7936507 k/s

    DES_set_key by Eric Leay
    Seconds elapsed:29 - 3831417 k/s
    [/php]

    download example with DLL here


Advertisement