4/06/2010

Oracle password algorithm

[Oracle 7-10g]
Password rule: alphanumeric plus $, %, _; max 30 characters

DES-CBC(ID || Password || zero-padding, key=0x0123456789ABCDEF, IV=all zero)
Ref: The next level of Oracle attacks (http://freeworld.thc.org/papers/thc-orakelsniffert.pdf)

[Oracle 11g]
SHA-1( password || salt )
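
An added example (not from the original note) of the SHA-1(password || salt) construction, for auditing that a stored 11g verifier is well-formed and matches an expected password. Assumptions not stated on the page: the verifier is stored as "S:" followed by the 40-hex-digit digest and a 20-hex-digit (10-byte) salt, and the password is encoded as UTF-8; the sample password and salts are constructed.

```python
import hashlib
import hmac

DIGEST_LEN = 20  # SHA-1 output, bytes
SALT_LEN = 10    # assumed salt size, bytes (20 hex digits)

def make_verifier(password, salt):
    """Return 'S:' + HEX(SHA-1(password || salt)) + HEX(salt)."""
    if len(salt) != SALT_LEN:
        raise ValueError("salt must be %d bytes" % SALT_LEN)
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "S:" + (digest + salt).hex().upper()

def parse_verifier(verifier):
    """Split a verifier into (digest, salt); reject malformed input."""
    if not verifier.startswith("S:"):
        raise ValueError("missing 'S:' prefix")
    body = verifier[2:]
    if len(body) != 2 * (DIGEST_LEN + SALT_LEN):
        raise ValueError("unexpected verifier length")
    raw = bytes.fromhex(body)  # ValueError on non-hex characters
    if len(raw) != DIGEST_LEN + SALT_LEN:  # fromhex skips whitespace
        raise ValueError("verifier contains non-hex padding")
    return raw[:DIGEST_LEN], raw[DIGEST_LEN:]

def check_password(verifier, candidate):
    """Recompute SHA-1(candidate || salt) and compare in constant time."""
    digest, salt = parse_verifier(verifier)
    expected = hashlib.sha1(candidate.encode("utf-8") + salt).digest()
    return hmac.compare_digest(digest, expected)

if __name__ == "__main__":
    # Constructed sample values, not real account data.
    salt_a = bytes.fromhex("00112233445566778899")
    salt_b = bytes.fromhex("99887766554433221100")
    v_a = make_verifier("Passw0rd_1", salt_a)
    v_b = make_verifier("Passw0rd_1", salt_b)
    print(v_a)
    # The formula has no case folding, so a case change fails the check.
    print(check_password(v_a, "Passw0rd_1"), check_password(v_a, "PASSW0RD_1"))
    # Same password, different salt: the stored verifiers differ.
    print(v_a != v_b)
```

Because the salt is stored next to the digest, it only prevents identical passwords from producing identical verifiers; it adds no secret, and a single unkeyed SHA-1 pass is fast to compute.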

[etc]
Oracle 9i TNS 3DES authentication details
Oracle 10g TNS AES-128 authentication details
Oracle 11g TNS AES-192 authentication details

[speed]
700,000 pass/sec
http://www.red-database-security.com/whitepaper/oracle_password_cracker.html
http://www.password-crackers.com/en/category_121/
