Date: Sun, 25 Jun 2006 22:30:46 -0500 From: "Randy B" <aoz.syn@...il.com> To: john-users@...ts.openwall.com Subject: Re: faster scan for blowfish on OpenBSD 3.9 > and it is processed with a strong password hashing method. *really* strong. When I get presented a blowfish-encrypted password, I start getting all shifty-eyed and try to find something else to do. There's really no good way to go about them, other than having a really good dictionary+ruleset and a reasonably poor password. Pretty much, if I can't get even a DES password in 48 hours I give up - there are far easier and quicker ways to compromise a password. Blowfish I'll usually quit after the first two passes - it's [comparatively] so slow and those BSD-ers typically choose really nasty passwords. Your biggest chokepoint is the Blowfish algorithm itself - on an Athlon XP 1800 running 220.127.116.11, the Blowfish calculations are nearly 2000 times slower than DES. RB -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux - Powered by OpenVZ