Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 19 Mar 2012 05:29:30 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: Research ideas.

Hi Lukas,

On Sat, Mar 17, 2012 at 02:17:14PM +0100, Lukas Odzioba wrote:
> I need to select subject for my master thesis. It can be related to
> JtR functionality area.

Is the JtR/GPU stuff not research-heavy enough?  What if you focus on
off-loading the candidate password generation and hash comparisons to
the GPU (for "fast" hashes)?

> Maybe you have any suggestions worth consideration?
> 
> S-BOX related stuff from gsoc ideas page looks interesting,

Yes, but be prepared that it may be difficult.  Roman's current
implementation is a 60 KB C source file with no comments, and it
implements some non-trivial algorithms.  He will likely be willing to
answer specific questions on it, but you'd need to know what exactly to
ask and be able to interpret the answer - meaning that you'd need to
figure out at least half of it yourself first. ;-)

> if it won't be realized under gsoc.

Actually, there's nothing fundamentally wrong with reusing one's own
work under GSoC for master's thesis.  That said, as you might have
noticed from the ideas page, I moved this project out of consideration
for GSoC currently, in part because of the high risk of failure.

Another related project would be producing a bitslice implementation of
the Lotus5 hashing.  This might provide a speedup of 10x over what we
currently have in JtR (we'll go from 8-bit to 128-bit).  And this
involves an S-box too.

Also somewhat related, but not involving an S-box, is producing
bitslice implementations of SHA-512 and SHA-256 and seeing if these are
faster or slower than traditional SIMD implementations (meaning that
you'd need to produce and optimize those as well).  Then the faster ones
will be used in JtR, and the research will be usable for your thesis.

Back to the topic of DES, we still have the task of implementing it on
GPU (both CUDA and OpenCL).  We readily have proper S-box expressions
for ATI, and Roman produced some that would be good for Nvidia as well
(but not all 8 yet - we may ping him or you may take over that work).

Another research-heavy project is that virtual distributed vector
computer idea.  We'd run anything bitslice on it, the compute nodes can
be CPUs or GPUs (any mix), we wouldn't need to distribute native machine
code to them and our instruction set would be very limited (maybe just
bitwise ops), so the associated security risk is avoided.

Finally, we need to achieve better performance for the existing "slow"
hash implementations on GPU - the work that you started last year (and
you and others have since contributed to).  I don't know if this is
suitable for your master's thesis or not, but this is something that we
need done.

Thanks,

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.