Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 27 Mar 2012 12:52:46 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: Working on DES format on CUDA

On Mon, Mar 26, 2012 at 06:11:31AM +0800, myrice wrote:
> I am currently working on DES and will first implement it on CUDA. I will
> track my progress and ask questions in this post.

OK, although this is relatively difficult or at least time-consuming
stuff for someone who hasn't been into DES and bitslicing before,
whereas a non-bitslice GPU implementation will likely be ridiculously
slow (you can try, though - at least to learn from this).

> Here are some of my questions(Tried but not get the answer :( )
> 
> 1) How can I debug the JtR. I add -g to CFLAGS in Makefile. But gdb still
> can not find the symbols

Already answered by magnum - you also need to remove -s from LDFLAGS.

> 2) I read the code in DES_fmt.c, it seems that it is a DES-Based algorithm.
> Now I do not clear about how the salt is obtained. The only available
> information I found about salt on DES is old unix /etc/passwd. They add 2
> characters at the front of the encrypted password. However,
> the DES_raw_get_salt is more complex. Is there any document about this?

You may read about the traditional DES-based crypt(3) in many places,
e.g. in Wikipedia:

http://en.wikipedia.org/wiki/Crypt_(Unix)#Traditional_DES-based_scheme

There are 25 iterations of salt-modified DES (the E expansion table is
modified when the salt value is non-zero).

> I think I will implement original DES algorithm first. Does that okay?

That's up to you.  There are JtR formats that build upon the original
DES as well (without the E table modification).

To understand bitslicing, you'll need to read Eli Biham's paper.

http://en.wikipedia.org/wiki/Bit_slicing#Modern_use
http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-info.cgi?1997/CS/CS0891

To be sincere, I fully expect that you won't have anything convincing
by the student selection deadline if you go with this project (I mean
focusing on DES) - so your chances of being selected are low.  On the
other hand, if you do succeed this quickly, that will boost your chances
a lot.  This is similar to the bcrypt stuff in this regard - low chances
for success with the project in the available time, but if the student
does succeed, it means a lot.  If you're brave enough or if you just
want to learn (great!), then go for it. :-)

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.