Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 26 Mar 2011 20:59:28 +0100
From: magnum <rawsmooth@...dband.net>
To: john-dev@...ts.openwall.com
Subject: Re: john scalability

On 2011-03-26 20:12, jfoug wrote:
>> From: magnum
>> It seems very easy to add them to most formats and I have already added
>> them to a couple I needed. It may be academic for some formats but I can
>> volunteer to produce a diff with the "missing" functions added to all or
>> most formats, if that is something we should have.
>
> It likely is.  I took the ones I was 'sure' about at the time. There were
> some formats, I simply was not comfortable enough to know that my changes
> would be right. That is why I did not do them. What I did do, was put NULLs
> into the hash functions, and made loader.c NOT use those null functions.
>
> If you have the time and knowledge to get them right, then go for it.  It
> will only speed things up, for anyone doing a large bulk search, of those
> formats.

Calling it knowledge might be a bit of a stretch but as far as I can 
tell, just copying the existing and using 0xFFFF and 0xFFFFF should be 
OK for nearly all formats. Typically the first 32 bits the binary are 
used. But I wouldn't touch the AFS format, that has more stuff to it.

I now have a patch for all except AFS and I'm doing some testing. Since 
I can't claim to really know what I am doing, I'm not sure if I should 
post it. I *think* the worst case is not getting better performance. If 
the 'spot' of the binary that was picked for the hashing function for 
some reason has "imperfect distribution" for 0xFFFF or 0xFFFFF, it will 
still crack stuff OK.

Do the self tests check all five (ten) functions? I'll experiment a little.

However, I did some experimenting: Adding size 3 and 4 to mssql did not 
speed things up for 1M hashes, unless they are 1M hashes with very few 
salts. I have seen bad salt distribution with mssql but not that bad. So 
maybe this is very academic for all but the unsalted formats. Raw-sha1 
is one, but it is fixed in intrinsics-2.

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ