Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 15 Aug 2012 02:06:23 -0400 (EDT)
From: jfoug@....net
To: john-dev@...ts.openwall.com
Subject: RE: SRP

Here is a version (same as last, still 'battlenet' SRP), which can be 
compiled with no flags, and builds with oSSL's BN, or you can add 
-DHAVE_GMP to the CFLAGS, and add -lgmp to the LDFLAGS (and of course 
have libgmp installed), and it will build either way.

Here are the timings on my 32 bit Athlon:

$ ../run/john -test=5 -form=wowsrp
Benchmarking: WoW (Battlenet) SRP sha1 [32/32 GMP-exp]... DONE
Raw:    21765 c/s real, 21768 c/s virtual

$ ../run/john -test=5 -form=wowsrp
Benchmarking: WoW (Battlenet) SRP sha1 [32/32 oSSL-exp]... DONE
Raw:    16973 c/s real, 16973 c/s virtual


So oSSL was not 'too' bad here, but it is pretty recent version.

$ openssl
OpenSSL> version
OpenSSL 1.0.1c 10 May 2012
OpenSSL>

The oSSL was pretty darn easy to code to, for this trivial task. 
However, I have read several bug reports of some older versions and 
their BN_mod_exp* functions.  Note, many of the error reports were not 
using a prime number for the mod (we do here).  I think oSSL is mostly 
targeting prime modulus, since that is what is used in encryption.  The 
SRP prototype here, does use a prime.

There are a couple of spurious warnings when building with oSSL.  I am 
not overly worried about them, since this really still is just POC.

I probably should dig into the RFC solar posted, along with comparing 
SRP against the native oSSL version.

jim.



On Tue, Aug 14, 2012 at 10:54 PM, jfoug wrote:

>> From: Solar Designer [mailto:solar@...nwall.com]
>> Rather than have jumbo depend on GMP, maybe this format should be 
>> made
>> non-plug and the GMP dependency made optional then (HAVE_GMP).
>
> We need to explore oSSL and its speed, and also it's availability.
>
> If it is there, but slower, then we have it in by default, and 
> implement a
> 'HAVE_GMP', that will add the -lgmp to LDLFAGS and change the code 
> used in
> the format.  I have a feeling GMP will be faster than oSSL, at least 
> older
> oSSL, but I 'could' be wrong.  Torbjorn codes some pretty good stuff, 
> for a
> general purpose math lib.
>
> Jim.

View attachment "wow_srp_fmt_plug.c" of type "text/plain" (10467 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.