Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 06 Apr 2015 18:37:19 +0200
From: Frank Dittrich <frank.dittrich@...lbox.org>
To: john-dev@...ts.openwall.com
Subject: Re: [GSoC] John the Ripper support for PHC finalists

 Agnieszka.

On 04/06/2015 02:40 PM, Agnieszka Bielec wrote:
> 2015-04-06 11:58 GMT+02:00 Frank Dittrich <frank.dittrich@...lbox.org
> <mailto:frank.dittrich@...lbox.org>>:
>>What problems did you have? Did you mention them in any of your previous
>>mails in a way that others could understand these problems?
> 
> I mentioned that I need to know the m_cost value before the kernel
> compilation. I didn't mention about details because when I was trying with
> --cost  there was a lot of problems with that and all the
> time I was discovering a new one

Instead of adding two new command line options, you would be able to
access options.loader.min_cost[i] and options.loader.max_cost[i], once
you implement tunable cost reporting for pomelo, as I suggested earlier:
http://openwall.com/lists/john-dev/2015/04/01/11

You should care about cost values that appear in the hashes that
actually got loaded not just the cost values specified on command line.
http://openwall.com/lists/john-dev/2015/04/03/12


Furthermore, magnum suggested earlier that you could move kernel
compilation from init() to reset():
http://openwall.com/lists/john-dev/2015/04/03/13


> 1.first of all --cost only chooses "good" hashes, if I want to read --cost
> before the kernel compilation I need to use this

You could access the --cost values specified on the command line, but
there's no reason to do, see magnum's recommendation to tune for the
hashes that actually got loaded:
http://openwall.com/lists/john-dev/2015/04/03/12


> 2015-04-04 21:08 GMT+02:00 Agnieszka Bielec <bielecagnieszka8@...il.com
> <mailto:bielecagnieszka8@...il.com>>:
>>I've discovered that --cost modifies also fmt_test structure in fmt_main
>>(but only with the --test flag!). I can take advantage of this.

As suggested by magnum in
http://openwall.com/lists/john-dev/2015/04/03/12
and mentioned in my earlier reply
http://openwall.com/lists/john-dev/2015/04/04/9
you shouldn't care about whether or not --cost was specified on the
command line, but just look at the hashes you have to process.

> 2.
> 2015-04-04 21:08 GMT+02:00 Agnieszka Bielec <bielecagnieszka8@...il.com
> <mailto:bielecagnieszka8@...il.com>>:
>>If I change one hash in fmt_test to a wrong one
>>I have
>>./john --test --format="django-scrypt" --cost="14,8,1"
>>Speed for cost 1 (N) of 14, cost 2 (r) of 8, cost 3 (p) of 1
>>Raw:    403 c/s real, 14.0 c/s virtual
> 
>>./john django --format="django-scrypt" --cost="14,8,1"
>>Self test failed (cmp_all(1))
> 
>>It's a bug? (auto tune for all hashes)
> 
> 2015-04-05 0:01 GMT+02:00 Frank Dittrich <frank.dittrich@...lbox.org
> <mailto:frank.dittrich@...lbox.org>>:
>>This is not a bug, but expected behavior.
> 
> this is wery bad for me because I need to compile the kernel again for
> various values or choose the bigger one

As mentioned by magnum, this isn't much of a problem, because the
kernel(s) will be cached, see
http://openwall.com/lists/john-dev/2015/04/03/12


> 3. When I add tunable functions and when I initialize everything in
> reset() but not in init (like in opencl_mysqlsha1_fmt_plug.c)
>  - it crashes somewhere beyond my code.

Then please publish your code on github, mention the
repository/branch/specific commit, copy&paste the output/error
message/whatever, and the commands to reproduce the problem you see, so
that others can help you.

> 4.
> 2015-04-04 21:08 GMT+02:00 Agnieszka Bielec <bielecagnieszka8@...il.com
> <mailto:bielecagnieszka8@...il.com>>:
>>I've discovered that --cost modifies also fmt_test structure in fmt_main
>>(but only with the --test flag!). I can take advantage of this.
> 
> If I have the range of cost values here is a problem again
> I need to
> "compile the kernel again for
> various values or choose the bigger one... or compile the kernel over
> and over again"

If you optimize for the cost values specified on the command line
instead of the cost values of the hashes that need to be cracked, this
will most likely result in suboptimal performance.

Frank

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.