Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 02 Feb 2012 20:30:45 +0100
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: Re: OpenCL vs Test Suite

On 01/27/2012 08:40 PM, Samuele Giovanni Tonon wrote:
> On 01/27/12 00:46, magnum wrote:
>> On 01/27/2012 12:29 AM, jfoug wrote:
>>> Many of these 'may not' be problems.  What they often are, is the format has
>>> a limitation of length of password that is 'able' to be tried.
>>>
>>> That is fully acceptable.  If the format only handles words up to 18 bytes,
>>> and there are 50 of them that are 19 to 32 in there, then expect them to
>>> fail.
>>
>> True, I did not notice some formats have a lower max size than SSE2
>> ones. Hopefully, some of the formats are OK! But ssha-opencl is not :)
>>
> yes ssha-opencl is setted to have password up to 15 chars; this due to
> to speed issue on opencl; however you can switch plaintext_length to
> 32 and there shouldn't be problem .

The ssha issue (total fail in TS) was my bad, I used the wrong test file
(though the CPU format *can* crack the one I used before!). Here is a
new jtrts.dat (last 5 lines changed) with this corrected as well as
expected cracks corrected for max lengths. Also, I spotted a couple of
"problems":

1. The new aligment tests in CVS john (or bleeding-jumbo) makes ssha
sometimes fail self-test on 64-bit. There is no real problem, but the
enclosed patch for get_salt() gets rid of this.

2. ssha has a PLAINTEXT_SIZE of 16 but only copied a maximum of 15 (due
to strnzcpy reserving the last one for a null). The enclosed patch make
it pass Test Suite with length 16 (and might be faster too). The
assumptions is a null byte is not really needed (and it doesn't seem to be).

3. raw-sha1 had a mismatch between PLAINTEXT_SIZE and actual buffer
space used, but I believe this is already addressed in the patch I got
today (and just committed).

With these things fixed, I got all opencl formats pass self-test.

Then there's the problem with test duration (Test Suite crypt MD5 for
CPU takes 4 seconds, while OpenCL version takes almost 2 minutes on a
GTX280 and 8 minutes on a 9600GT). I believe this is due to how the test
suite works, vs. the huge batches the OpenCL formats use. Not a real
problem. This was discussed in
http://www.openwall.com/lists/john-dev/2011/05/23/13 and follow-ups.

magnum

View attachment "0002-ssha-opencl-Max-effective-length-was-15-this-make-it.patch" of type "text/x-patch" (791 bytes)

View attachment "0001-NSLDAPS_opencl_fmt.c-bodge-to-be-sure-to-satisfy-the.patch" of type "text/x-patch" (1110 bytes)

Download attachment "jtrts.dat" of type "application/x-ns-proxy-autoconfig" (29020 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.