Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 13 Oct 2005 17:08:45 +0200 (CEST)
Subject: Re: Using Hardwareaccelerators to speed up John

> Sebastian,
> I'll add a few more comments to my response, please see inline:
> On Thu, Oct 13, 2005 at 06:33:49AM +0400, Solar Designer wrote:
>> The current implementation of the MD5-based crypt(3) in John (that does
>> not yet use MMX/SSE/AltiVec and the like, -- great speedups are possible
>> here!) achieves 5k c/s on a typical Pentium 4 processor (and up to 10k
>> c/s on the fastest ones available).  The 5k c/s correspond to 5 million
>> invocations of the MD5 compression function a second, plus a lot of
>> "high level" overhead.  The compression function takes a 64-byte data
>> block and a 16-byte vector as its input, and produces another 16-byte
>> vector as its output.  That's 96 bytes of data to transfer per
>> invocation.  (In practice, it is likely that a crypto card would not
>> offer the compression function on its own, resulting in more overhead.)
>> Ignoring any protocol overhead, that would amount to 480 Mbytes/second
>> of data transfer to/from the card.  That's almost 4 times the PCI
>> bandwidth.  Of course, faster buses do exist, but didn't we want an
>> economical solution and also one allowing to use multiple cards in a
>> system (with all sharing the same bus)?
> FWIW, the particular crypto card you've been referring to:
> can only do 720 Mbps at MD5.  This barely fits in regular PCI, but it is
> several times slower than what John currently achieves on typical CPUs:
> 5000 c/s * 1000 * 64 * 8 / 10**6 = 2.5 Gbps at MD5
>> > Offen you'll find just some realy lame Chips on VPN-Hardware but if
>> you
>> > don#t buy such a Cisco-Junk solution you could also get such a device
>> here
>> > (not sold yet):
>> >
>> >
>> >
>> > This card could, depends to the algorithm, do e.g. up to 920Mbps of
>> DES.
> Having reviewed this URL, I think that the 920 Mbps might correspond to
> RC4 and not DES, although I do not rule out the possibility that it
> actually refers to both of them.
>> Now this is not that bad, however, John already achieves better than
>> that on modern CPUs.  In particular, it achieves 1M c/s for traditional
>> crypt(3) on PPC G5 1.8 GHz or P4 3.6 GHz (the latter with non-public SSE
>> code, I must admit).  This roughly corresponds to 1.6 Gbps at DES.
>> PPC G5 2.7 GHz does over 1.6M c/s, which roughly corresponds to 2.5 Gbps
>> at DES.
>> More importantly, please see above for why this rate likely does not
>> apply to password cracking.
> Please don't get me wrong, -- these cards are very good for their
> intended purpose.  Their performance is in fact very impressive for
> their low power consumption.
> They're just not good at password cracking.
> --
> Alexander Peslyak <solar at>
> GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D
> 3598
> - bringing security into open computing
> environments
> Was I helpful?  Please give your feedback here:

Ok I understand your arguments.
I guess Soekris is a nice company and "maybe" they'll develop a Card
useable for john.

So if a "normal" CPU is normaly faster: What's about SMP?
John does not use more then 1 CPU at the moment so if a normal CPU works
(mostly) much better then a Crypto-Card why doesn't john support this
function? :-)

Kind regards,
Don't buy anything from YeongYang.
Their Computercases are expensiv, they WTX-powersuplies start burning and
their support refuse any RMA even there's still some warenty.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ