Date: Sun, 17 Apr 2011 02:05:51 +0200 From: magnum <rawsmooth@...dband.net> To: john-dev@...ts.openwall.com Subject: MS formats optimisations (was [john-users] New format: MS Kerberos!) On 2011-04-10 16:55, magnum wrote: > Performance is not very impressive, it's OpenSSL. After having time to actually understand my copy-paste-hack better I have realised the above is not true. It uses Solar's md4 and md5 and a hmac_md5 originally from the Samba project, altered by JoMo-Kun so it uses Solar's md5 routines. It does use OpenSSL's RC4 but that doesn't even show up in profiling so it's not a problem. In revision 12 of my patch I have optimised that hmac_md5 a little. It was very inefficient, like first memsetting everything to zero, then setting everything to something else. This also affected LMv2 and NETLMv2. Anyway, in set_key() we produce an ordinary NT hash from the plaintext. This also applies to NETNTLM, NETLMv2, NETNTLMv2. I wonder if this would benefit from applying a modified copy of crypt_all_generic (or even something arch specific) from NT_fmt.c? That one saves the last steps to cmp_exact (or _one) so it can't be used as-is but I think I could puzzle it together. But I'm not sure if it would perform that much better than the current raw md4 when just producing one NT hash at a time as opposed to a bunch of them? NETLM and MSCHAPv2 has a similar "problem" in that their set_key() need to produce an LM hash from the plaintext. These ones currently do use OpenSSL. Maybe some of John's own DES code could be used there? I have tried to digest it but there are optimisations and stuff that probably makes it unusable as is? Like with the NT hashes, we really need a proper hash, not a john-proprietary binary. Any thoughts are welcome. magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.