Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 12 Jul 2012 18:28:20 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: About very high memory usage

magnum, myrice -

On Thu, Jul 05, 2012 at 09:17:52AM +0400, Solar Designer wrote:
> Single crack mode does when you set min_keys_per_crypt this high, which
> was not expected when I designed this mode in almost its current form in
> 1998.  We have two settings - min_keys_per_crypt and max_keys_per_crypt -
> precisely to make single crack mode behave better.  The "min" should
> in fact be as low as possible while achieving reasonable performance.
> It is OK if the performance achieved at that setting is, say, twice
> worse than at "max".  What would your "min" need to be for that?  And if
> we allow for 10x worse c/s rate?
> 
> BTW, if you load more hashes (or rather, more different salts), memory
> usage will grow even further, because single crack mode allocates full
> candidate password buffers (for min_keys_per_crypt passwords) per salt.

I recalled that single crack shouldn't be allocating more than 64 KB per
salt, because it uses 16-bit offsets for the buffered keys.  So I went
to check, and indeed we forgot to include this fix into magnum-jumbo:

http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/john/john/src/loader.h.diff?r1=1.9;r2=1.10
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/john/john/src/single.c.diff?r1=1.18;r2=1.19

This means that not only single crack currently allocates a lot of RAM
with GPU formats, but it may also misbehave.  We should include this fix
before -jumbo-7.  magnum - please do.

Ideally the GPU formats should run not too slowly with relatively low
numbers of keys per crypt_all() call like this (e.g., this can be just
about 500 keys or less, unless the PLAINTEXT_LENGTH is low).  CPU-like
speed would be fine, significantly slower than CPU would be bad.

We could move away from the 16-bit offsets e.g. to 32-bit, but there are
other reasons not to buffer too many keys with single crack mode anyway.

And we should document somewhere that for single crack mode CPU formats
are preferable over GPU.  This can be in doc/BUGS and doc/MODES.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.