Date: Fri, 9 Sep 2011 11:18:37 +0400 From: Solar Designer <solar@...nwall.com> To: john-dev@...ts.openwall.com Subject: Re: Question over validity of concept in JtR's benchmarking code. Jim - On Thu, Sep 08, 2011 at 04:27:58PM -0500, jfoug wrote: > Is sending correct passwords to the benchmark functions a 'valid' way to > benchmark? In real testing, we assume that a correct password, is a VERY > rare event. There may be billions, or 100's of billions of passwords tested, > before a correct password is found (if ever). > > Would it not make more sense, to provide incorrect passwords when > benchmarking the format? You're right. It just did not affect benchmark results for hash types supported in the main/conservative JtR tree. In -jumbo and other patches, we probably now have formats where this makes a difference, so it may be time to make the benchmarking more real-world'ish. (I haven't considered your specific proposed changes yet.) I also would like to have benchmarking continue to test the functions for correct operation. Right now, those extra seconds are wasted in terms of testing. We're only using them to get the performance numbers. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.