Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 15 Jun 2010 10:24:06 +0400
From: Solar Designer <>
Subject: [openwall-announce] JtR 1.7.6 (and -jumbo-2); tcb 1.0.6; bitslice DES; articles


This is to announce several items at once:

1. John the Ripper 1.7.6 is out:

The additions and changes since 1.7.5 are as follows:

* Generic crypt(3) support (enabled with "--format=crypt") has been
added for auditing password hash types supported by the system but not
yet supported by John's own optimized cryptographic routines (such as
"SHA-crypt" and SunMD5).

* Optional parallelization of the above has been implemented by means of
OpenMP along with glibc's crypt_r(3) or Solaris' MT-safe crypt(3C).

* Optional parallelization of John's own optimized code for the
OpenBSD-style Blowfish-based crypt(3) (bcrypt) hashes with OpenMP has
been added.

* A more suitable version of 32-bit x86 assembly code for Blowfish is
now chosen on Core i7 and similar CPUs (when they happen to run a 32-bit
build of John).

* More optimal DES S-box expressions for PowerPC with AltiVec (making
use of the conditional select operation) contributed by Dumplinger Boy
(Dango-Chu) have been integrated.

* The bitslice DES C source code has been reworked to allow for the use
of arbitrary SIMD intrinsics, which was previously only implemented for
AltiVec as a special case.

* Support for SSE2 and MMX intrinsics with bitslice DES (as an
alternative to the supplied assembly code) has been added (currently
only enabled for SSE2 on x86-64 when compiling with GCC 4.4+).

* Support for mixed-type longer virtual vectors (such as SSE2+MMX,
SSE2+ALU, AltiVec+ALU, and other combinations) with bitslice DES has
been added (not enabled by default yet, primarily intended for easy
benchmarks on future CPUs, with future compiler versions, with even more
SIMD instruction sets, and with different DES S-box expressions that
might be available in the future).

* The obsolete 32-bit SPARC assembly implementation of DES has been

* The loader will now detect password hashes specified on a line on
their own, not only as part of an /etc/passwd or PWDUMP format file.

* When run in "--stdin" mode and reading candidate passwords from a
terminal (to be typed by the user), John will no longer mess with the
terminal settings.

* John will now restore terminal settings not only on normal termination
or interrupt, but also when forcibly interrupted with two Ctrl-C

And one last change that was supposed to be in 1.7.5, but it was not:

* A new numeric variable has been added to the word mangling rules
engine: "p" for position of the character last found with the "/" or "%"

I'd like to thank Dumplinger Boy (Dango-Chu) for the S-box expressions,
and Erik Winkler for testing the AltiVec+ALU vectors (which didn't
provide a speedup, unfortunately, at least not on a G5 with a specific
version of GCC).  So right now the default on PowerPC/AltiVec is to use
Dango-Chu's S-boxes as-is (although the source code has been reworked),
which obviously does provide a speedup over the previous version.

The weird vector types (on x86, x86-64, and PowerPC) may now be easily
enabled by editing the #if's in the corresponding .h files.  Please
experiment with this and post your results to the john-users mailing
list.  I am especially interested in SSE2+MMX and SSE2+ALU benchmarks on
AMD processors when building with GCC 4.5 since my testing was mostly
limited to Intel CPUs.  Also, I am interested in AltiVec+ALU and double
AltiVec benchmarks (vs. single AltiVec) on IBM's POWER6 and newer CPUs.

2. The jumbo patch has been updated to John the Ripper 1.7.6, and
additionally updated with fixes for previously-integrated contributions
and with additional modules.  The current revision is 1.7.6-jumbo-2:

More detail on the changes:

3. The tcb suite, implementing our alternative password shadowing scheme
on Owl (and reused by a number of other systems), has been updated to
version 1.0.6.  The only change since version 1.0.5 is removal of a
faulty check for sparse files.  This change was needed for compatibility
with modern filesystems such as btrfs.  I'd like to thank Jim Darby for
identifying and reporting the problem to us.

More detail on the change:

Of course, Owl-current already includes tcb 1.0.6 and JtR 1.7.6.

4. We've setup a collection of papers, source code, etc. related to
bitslice implementations of DES (focusing on the S-boxes):

This was prompted by websites hosting important/unique content in this
area going down and then back up (for now).  With copies in our files
archive, this content has propagated to multiple FTP/HTTP mirrors by now.

More content is likely to be added.  Submissions are welcome.

5. My article entitled "How to manage a PHP application's users and
passwords", originally published on the Month of PHP Security website,
has been republished on the Openwall website (with slightly different

Also, it was declared the winning entry in the MOPS contest:

You could want to check out other articles published under the MOPS,
including on static PHP source code analysis, fuzzing the PHP
interpreter, the many ways in which PHP can happen to process user
input, and more:

At the same time, three old Openwall security advisories have been
updated to focus on currently relevant aspects and turned into articles:

That's all for now. :-)


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ