Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 22 Feb 2012 01:13:54 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Sorted format list

On 02/22/2012 12:06 AM, Solar Designer wrote:
> On Tue, Feb 21, 2012 at 08:31:56PM +0100, magnum wrote:
>> Well you could use -gpu as a prefix. And actually, CUDA formats could
>> use that prefix too except where they clash (currently crypt-md5 and
>> phpass).
> 
> Sounds like a bad idea to me, because OpenCL is already not GPU-only and
> CUDA might become non-GPU-only soon, and because of the clashes (where
> we have both CUDA and OpenCL implementations of the same format), which
> ideally I'd like to have more of (at least so that more formats are
> usable on both NVidia and AMD cards).

You are right.

> How about we introduce some code to have the standard (non-GPU) format
> names recognized, but turned into their GPU-enabled equivalents (most
> optimal ones for the current build running on the current hardware) if
> the --gpu option is passed?  For example,
> 
> john --format=md5 passwd # use CPU
> john --format=md5 --gpu passwd # use any GPU if available and supported
> john --format=md5 --gpu=2 passwd # use a specific GPU
> john --format=cryptmd5-opencl passwd # force OpenCL even on NVidia

I'm all for this! I had similar thoughts but this is more work than just
renaming the formats and tweaking some defines.

I think if we go this path, we should also have something like
UseGPU=true/false in john.conf in case you want to have it default.

> And yes, those md5 vs. raw-md5 vs. cryptmd5 names are inconsistent.
> I am almost willing to make some change in the main JtR tree to correct
> that... but I am still undecided whether the underlying crypto primitive
> (such as "md5") or the algorithm on top of it (such as "crypt", even
> though the meaning of this varies between them) should be listed first
> (so "md5crypt" or "cryptmd5"; I think the former is more common, at
> least per Google web search).

I had some vague thoughts about introducing aliases for obsolete names,
like md5 -> cryptmd5 and salted-sha -> ssha. I'm not sure how/where to
implement it best. Anyway if that is in place it's no big deal renaming
the core MD5 format (old name still works) and you could even opt to
support BOTH cryptmd5 and md5crypt as meaning the same thing :)

magnum

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ