Date: Sat, 25 Apr 2015 11:03:01 +0800
From: Kai Zhao <loverszhao@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Advice on proposal: John the Ripper jumbo robustness

> Please try to also undo other optimizations. E.g. enable dynamics, use full
> config file, etc. If it's done only once it should not visibly affect
> fuzzing speed.

> BTW, as a separate experiment, please try fuzzing with and without
> --nolog and --skip-self-test. I've seen faster fuzzing without these
> options in some tests.

I did 5 experiments on each case. The exec speed is sampled when the run
time is between 1 minute and 2 minutes. Below are the data.

1. Disable dynamics and do not use full config
-------------------------------------------------------------

$ export AFL_DEFER_FORKSRV='1'
$ echo '[Options]' > local.conf
$ echo garbage > test_cases/test.pw
$ afl-fuzz -m none -i test_cases/ -o out ../john @@ --nolog --skip-self-test --format=7z --config=local.conf

-------------------------------------------
        | id | exec timing | exec speed |
-------------------------------------------
        | 1  | 476us       | 2200~2230  |
        | 2  | 465us       | 2185~2210  |
        | 3  | 481us       | 2178~2200  |
        | 4  | 494us       | 2169~2190  |
        | 5  | 479us       | 2168~2190  |
-------------------------------------------
average |    | 479us       | 2168~2230  |
-------------------------------------------

2. Enable dynamics
--------------------------

$ export AFL_DEFER_FORKSRV='1'
$ echo '[Options]' > local.conf
$ echo garbage > test_cases/test.pw
$ afl-fuzz -m none -i test_cases/ -o out ../john @@ --nolog --skip-self-test --format=7z --config=local.conf

-------------------------------------------
        | id | exec timing | exec speed |
-------------------------------------------
        | 1  | 496us       | 2139~2160  |
        | 2  | 499us       | 2133~2160  |
        | 3  | 502us       | 2150~2162  |
        | 4  | 480us       | 2091~2103  |
        | 5  | 511us       | 2078~2113  |
-------------------------------------------
average |    | 497us       | 2078~2162  |
-------------------------------------------

The speed is about 100/sec lower. Because we enable dynamic, there are
more formats, and we try to validate the hash with each format, so it is
a little lower.

3. Full config file
----------------------

$ export AFL_DEFER_FORKSRV='1'
$ echo garbage > test_cases/test.pw
$ afl-fuzz -m none -i test_cases/ -o out ../john @@ --nolog --skip-self-test --format=7z

-------------------------------------------
        | id | exec timing | exec speed |
-------------------------------------------
        | 1  | 536us       | 2004~2017  |
        | 2  | 527us       | 1950~1993  |
        | 3  | 512us       | 1896~2000  |
        | 4  | 534us       | 1969~1982  |
        | 5  | 507us       | 2000~2020  |
-------------------------------------------
average |    | 523us       | 1896~2020  |
-------------------------------------------

The speed is about 200 lower. Even though we read and parse the config file
only once, there are still some calls; for example, ldr_load_pw_file() calls
cfg_get_bool(), and cfg_get_bool() will traverse all the sections of the
config, which is slow when the config file is large.

4. Without --nolog
------------------------

$ export AFL_DEFER_FORKSRV='1'
$ echo '[Options]' > local.conf
$ echo garbage > test_cases/test.pw
$ afl-fuzz -m none -i test_cases/ -o out ../john @@ --skip-self-test --format=7z --config=local.conf

-------------------------------------------
        | id | exec timing | exec speed |
-------------------------------------------
        | 1  | 484us       | 2186~2197  |
        | 2  | 486us       | 2136~2151  |
        | 3  | 481us       | 2146~2167  |
        | 4  | 455us       | 2176~2185  |
        | 5  | 469us       | 2163~2173  |
-------------------------------------------
average |    | 475us       | 2136~2197  |
-------------------------------------------

With or without --nolog, there seems to be no difference in speed, but
I am afraid that john.log will become very large after a long time, and
I think the speed will drop then.

5. Without --skip-self-test
----------------------------------

$ export AFL_DEFER_FORKSRV='1'
$ echo '[Options]' > local.conf
$ echo garbage > test_cases/test.pw
$ afl-fuzz -m none -i test_cases/ -o out ../john @@ --nolog --format=7z --config=local.conf

-------------------------------------------
        | id | exec timing | exec speed |
-------------------------------------------
        | 1  | 499us       | 2135~2151  |
        | 2  | 462us       | 2159~2172  |
        | 3  | 466us       | 2166~2183  |
        | 4  | 469us       | 2146~2152  |
        | 5  | 495us       | 2178~2191  |
-------------------------------------------
average |    | 478us       | 2135~2191  |
-------------------------------------------

With or without --skip-self-test, there seems to be no difference in
speed. Since we return after john_init(), it will not call fmt_self_test().
In this case, this parameter is useless.


Thanks,

Kai
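
Added example, not part of the original message or of John the Ripper: a small shell helper that reproduces the sampling method described above (exec speed taken while the run time is between 1 and 2 minutes) from afl-fuzz's fuzzer_stats file. It assumes periodic copies of out/fuzzer_stats were saved as snapshot files; the snapshot names, helper function names and sample values are constructed for illustration.

```sh
#!/bin/sh
# Added example: summarise afl-fuzz exec speed from fuzzer_stats snapshots.

# stat_field FILE KEY: print the value of a "KEY : value" line.
stat_field() {
    awk -F: -v k="$2" '
        { key = $1; gsub(/[ \t]/, "", key) }
        key == k { v = $2; gsub(/^[ \t]+|[ \t]+$/, "", v); print v; exit }
    ' "$1"
}

# in_window FILE: succeed if the snapshot was written 60..120 s into the run.
in_window() {
    start=$(stat_field "$1" start_time)
    last=$(stat_field "$1" last_update)
    [ -n "$start" ] && [ -n "$last" ] || return 1
    elapsed=$((last - start))
    [ "$elapsed" -ge 60 ] && [ "$elapsed" -le 120 ]
}

# speed_range FILE...: print "min~max" exec speed over in-window snapshots.
speed_range() {
    for f in "$@"; do
        in_window "$f" && stat_field "$f" execs_per_sec
    done | awk '
        { v = int($1) }
        NR == 1 { min = max = v }
        v < min { min = v }
        v > max { max = v }
        END { if (NR) print min "~" max; else print "no-samples" }'
}

# Constructed sample data: four snapshots at 30, 75, 110 and 150 s.
write_snap() {  # DIR N ELAPSED SPEED
    printf 'start_time     : 1429930000\nlast_update    : %s\nexecs_per_sec  : %s\n' \
        "$((1429930000 + $3))" "$4" > "$1/snap$2"
}
make_samples() {
    write_snap "$1" 1 30 1500.12
    write_snap "$1" 2 75 2230.40
    write_snap "$1" 3 110 2178.90
    write_snap "$1" 4 150 2100.00
}

demo=$(mktemp -d)
make_samples "$demo"
speed_range "$demo"/snap*    # only the 75 s and 110 s snapshots count
rm -rf "$demo"
```

Discarding snapshots outside the window keeps warm-up and later slowdown out of the reported range, so runs with different option sets are compared over the same interval.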
