Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 27 Mar 2012 12:52:46 +0400
From: Solar Designer <>
Subject: Re: Working on DES format on CUDA

On Mon, Mar 26, 2012 at 06:11:31AM +0800, myrice wrote:
> I am currently working on DES and will first implement it on CUDA. I will
> track my progress and ask questions in this post.

OK, although this is relatively difficult or at least time-consuming
stuff for someone who hasn't been into DES and bitslicing before,
whereas a non-bitslice GPU implementation will likely be ridiculously
slow (you can try, though - at least to learn from this).

> Here are some of my questions(Tried but not get the answer :( )
> 1) How can I debug the JtR. I add -g to CFLAGS in Makefile. But gdb still
> can not find the symbols

Already answered by magnum - you also need to remove -s from LDFLAGS.

> 2) I read the code in DES_fmt.c, it seems that it is a DES-Based algorithm.
> Now I do not clear about how the salt is obtained. The only available
> information I found about salt on DES is old unix /etc/passwd. They add 2
> characters at the front of the encrypted password. However,
> the DES_raw_get_salt is more complex. Is there any document about this?

You may read about the traditional DES-based crypt(3) in many places,
e.g. in Wikipedia:

There are 25 iterations of salt-modified DES (the E expansion table is
modified when the salt value is non-zero).

> I think I will implement original DES algorithm first. Does that okay?

That's up to you.  There are JtR formats that build upon the original
DES as well (without the E table modification).

To understand bitslicing, you'll need to read Eli Biham's paper.

To be sincere, I fully expect that you won't have anything convincing
by the student selection deadline if you go with this project (I mean
focusing on DES) - so your chances of being selected are low.  On the
other hand, if you do succeed this quickly, that will boost your chances
a lot.  This is similar to the bcrypt stuff in this regard - low chances
for success with the project in the available time, but if the student
does succeed, it means a lot.  If you're brave enough or if you just
want to learn (great!), then go for it. :-)


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ