Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 18 Dec 2011 14:34:46 -0500
From: Jordan Bradley <jordan.w.bradley@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: Making a thread safe implementation of bitslice DES

On 11-12-18 02:17 PM, Solar Designer wrote:
> On Sun, Dec 18, 2011 at 01:54:34PM -0500, Jordan Bradley wrote:
>> I'm writing a multithreaded application (using pthreads) using OpenSSL's
>> DES_fcrypt function which does the job but is slow.
> What are you doing this for?
I'm writing a distributed tripcode cracking program.
>> I'd like to use
>> JTR's bitslice implementation but it doesn't seem to be thread safe.
> It is thread-safe (in 1.7.9) as long as each thread uses its own
> instance of a DES_bs_combined structure.  This is what happens when
> 1.7.9 is built with OpenMP support, but you may as well use this with
> explicit pthreads if you like.
>
> Thread-safety generally has some performance cost, though.  This is why
> when 1.7.9 is built without OpenMP support, it simply uses a static
> instance of a DES_bs_combined structure, called DES_bs_all.  This avoids
> the need for some pointer indirection.
>
> There's also a DES_bs_all with OpenMP-enabled builds, but there
> DES_bs_all is a C preprocessor macro that uses the global DES_bs_all_p
> pointer and the local variable "t".  In your code, you may do it
> similarly or differently.
>
>> In the end I'd like it to be a drop-in replacement of DES_fcrypt()
> This is impossible.  The whole point of doing a bitslice implementation
> is that it will process multiple inputs in parallel and produce multiple
> outputs.  This doesn't fit in the DES_fcrypt() interface.
>
> Also, crypt(3) and DES_fcrypt() have some overhead to convert the ASCII
> salt string to binary, to perform DES final permutation, and to encode
> the resulting DES block with base-64 characters.  If you care about
> performance, you'll want to avoid this kind of overhead, which implies
> that you shouldn't use this interface.
>
> Alexander
Right now the method I use to generate passwords only uses printable 
characters in the ASCII range excluding # and ', however I eventually 
want to include japanese characters to increase keyspace.

Jordan

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.