Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 25 Aug 2011 00:55:16 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Terrible performance of sha512 (crypt) hash audit on/for Solaris

On Wed, Aug 24, 2011 at 02:36:09PM -0400, Robert B. Harris wrote:
> I compiled JtR on Solaris and ran it against some Sha512 password hashes.

You mean you ran it against some SHA-512 -based crypt(3) hashes.

> This same test can't be performed on the Windows build, Linux build on Suse, Linux build on Owl, since it doesn't support the sha512 format.

You're referring to SHA-crypt support in the "crypt" format here.
You're right, except that recent enough versions of SUSE Linux do have
SHA-crypt (it's part of glibc 2.7 and newer).

> ----If anyone knows of a version of Linux that supports sha512 hashes, please reply to this message and let me know.---------

Almost all recent ones do (including popular ones such as Ubuntu and
Fedora), Owl is more of an exception than the rule here.

> My Solaris builds were compilied with the latest version of gcc, version 4.6.1 and latest version of opensll, version 1.0.0d.

OK.  You don't need OpenSSL for this, though - this stuff is available
in non-jumbo as well.

> First, I was surprised that the sha512 passwords are worked as format=crypt (hash encoding string length 98, type id $6), and not format=raw-sha512.  (I don't know what the definition of RAW SHA512 is)

This is as it should be.  Raw SHA-512 is just that - SHA-512 as is (and
it uses OpenSSL in current -jumbo).  SHA-crypt is a higher level
algorithm built upon SHA-512 or SHA-256.  It is thousands of times slower.

In fact, you did not need to specify --format at all.  Autodetection
should have worked just fine.

> Not too long ago, it believe it was worked as format=sha512, or sha, or something like that.

No, it never did.

> Secondly, I'm very surprised at how slow my real world run is, compared to the performance test.

As magnum pointed out, "--test" for "crypt" doesn't know you're
interested in SHA-crypt, let alone in the flavor built upon SHA-512
specifically.  It merely tests the interface.  Thus, the numbers it
reports do not mean much.

> Is the sha512 hash, or something else, to blame on this poor performance?

It is normal for SHA-crypt to be very slow.

> bash-3.00$ ./john --format=crypt --wordlist=various.dic --session=test2 -rules t              est2
> Loaded 5 password hashes with 5 different salts (generic crypt(3) [?/64])
> guesses: 0  time: 0:00:00:50 0.00%  c/s: 329  trying: 0183115008 - 0188640544

This is reasonable speed for a non-OpenMP build.  You really need to
rebuild with OpenMP support.  See:

http://openwall.info/wiki/john/tutorials/sha-crypt
http://www.openwall.com/lists/john-users/2010/06/20/2
http://www.openwall.com/lists/john-users/2010/06/20/3

If you have an NVidia GPU and CUDA, you can try
john-1.7.8-allcuda-0.3.diff for much better performance at SHA-crypt:

http://openwall.info/wiki/john/GPU
http://openwall.info/wiki/john/patches

As you can see, Lukas reported something like 4800 c/s on GTX 460.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.