Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 16 May 2013 09:41:17 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Incremental mode in 1.7.9.14

On 15 May, 2013, at 22:32 , magnum <john.magnum@...hmail.com> wrote:
> But the post states I used 0x7e and 15 (and likely a min of 0x20)... is it possible we lose precision somehow with the larger figures?

Nope. Here's unstable (which I referred to in that post) at 0x20 0x7e 15:

Loaded 74784 password hashes with no different salts (Raw MD5 [128/128 AVX intrinsics 12x])
guesses: 13805  time: 0:00:00:10  c/s: 940989M  trying: ns2d97 - ns2die
guesses: 16113  time: 0:00:00:20  c/s: 984717M  trying: frerey - frereg
guesses: 17348  time: 0:00:00:30  c/s: 994677M  trying: baborbong - baborbobb
guesses: 18307  time: 0:00:00:40  c/s: 999710M  trying: meroles1025 - merolesancy
guesses: 18877  time: 0:00:00:50  c/s: 997700M  trying: jiazmh77 - jiazmh99
guesses: 19858  time: 0:00:01:00  c/s: 994820M  trying: 9m8nQA - 9m8nQI


Here's using bleeding as of Apr 26 (last CVS import "In count_sort_t, renamed the pos field to index since its...") under same params:

Loaded 74784 password hashes with no different salts (Raw MD5 [128/128 AVX intrinsics 12x])
guesses: 13486  time: 0:00:00:10  c/s: 1310G  trying: ikypim - ikypho
guesses: 16150  time: 0:00:00:20  c/s: 1323G  trying: 1cdv? - 1cdvw
guesses: 17869  time: 0:00:00:30  c/s: 1310G  trying: splidi1 - splidi3
guesses: 18685  time: 0:00:00:40  c/s: 1304G  trying: askm9752 - 1ABO
guesses: 19567  time: 0:00:00:50  c/s: 1300G  trying: gult0ra - gult0rz
guesses: 20026  time: 0:00:01:00  c/s: 1286G  trying: f1mc9 - f1mxw


In the mentioned post I said "Unstable was 1.5% faster in terms of c/s but bleeding cracked 2.5% more passwords despite that". This is not reproduced above, bleeding is much faster (but this may be the sole reason for more guesses). I have no idea how I got the results back then. Maybe I confused things :-(

Here's current bleeding under the same conditions:

Loaded 74784 password hashes with no different salts (raw-md5, Raw MD5 [128/128 AVX intrinsics 12x])
Press Ctrl-C or 'q' to abort, almost any other key for status
13491g 0:00:00:10 1234g/s 18971Kp/s 18971Kc/s 1319GC/s ief9jg..ief9cd
16300g 0:00:00:20 778.7g/s 20780Kp/s 20780Kc/s 1343GC/s 15521sl..15521az
17943g 0:00:00:30 580.1g/s 21541Kp/s 21541Kc/s 1338GC/s 0ubag3..0ubagj
18745g 0:00:00:40 457.9g/s 21971Kp/s 21971Kc/s 1332GC/s 4lpc43..4lpc4s
19640g 0:00:00:50 385.6g/s 22201Kp/s 22201Kc/s 1323GC/s u5_cj..u5_cr
20172g 0:00:01:00 331.0g/s 22280Kp/s 22280Kc/s 1310GC/s ammyard7..ammyarit


There doesn't seem to be any regression since April 26. I must have done something wrong. Same tests but status at every 200Mp for better comparison:

Unstable:
Loaded 74784 password hashes with no different salts (Raw MD5 [128/128 AVX intrinsics 12x])
guesses: 14524  time: 0:00:00:14  c/s: 900179M  trying: chubamit1 - chubamiko
guesses: 16650  time: 0:00:00:25  c/s: 976039M  trying: 0hdgs1 - 0hdgsi
guesses: 17946  time: 0:00:00:37  c/s: 969879M  trying: pryouces! - pryoucero
guesses: 18731  time: 0:00:00:48  c/s: 982748M  trying: canitty1333 - canitty2531
guesses: 19799  time: 0:00:00:59  c/s: 987663M  trying: palmy25m - palmyd2k
guesses: 20357  time: 0:00:01:11  c/s: 974949M  trying: nd12ljg - nd12lp5


Bleeding:
Loaded 74784 password hashes with no different salts (raw-md5, Raw MD5 [128/128 AVX intrinsics 12x])
Press Ctrl-C or 'q' to abort, almost any other key for status
13348g 0:00:00:10 1248g/s 18709Kp/s 18709Kc/s 1274GC/s ofbvg..ofbvs
15653g 0:00:00:19 799.8g/s 20439Kp/s 20439Kc/s 1305GC/s 4gx y3..4gx yd
17557g 0:00:00:28 618.2g/s 21126Kp/s 21126Kc/s 1299GC/s sayorts..sayort!
18379g 0:00:00:37 492.2g/s 21424Kp/s 21424Kc/s 1290GC/s djc73g0..djc73gz
19082g 0:00:00:46 411.3g/s 21556Kp/s 21556Kc/s 1281GC/s asybase..asybama
19762g 0:00:00:55 358.3g/s 21762Kp/s 21762Kc/s 1272GC/s 3iu9e0..3iu9uu


Also, some tests with contest branch (not shown in detail here) indicates it performs very similar to bleeding and is a little slower.

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.