Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 22 Jan 2009 02:51:01 +0300
From: Solar Designer <>
Subject: Re: keyspace, mask password and dumb bruteforce

On Wed, Jan 21, 2009 at 04:45:17PM -0600, Billy Newsom wrote:
> You know, if I might butt in here... I haven't looked at 
> in a long time, but for the last 10 years at least 
> they have had clients, and open source clients, which are made to 
> distribute blocks of hashes to be cracked with a number of different 
> algorithms.

It's not "blocks of hashes" that they distribute, but it does not matter
in this context anyway.

> In other words, it is already a distributed form of John, 

No, it is not.  The way they distribute the workload is inappropriate
for almost all uses of John.  Also, the security threats are different.

> Why don't you see if the licenses of the codes would allow you to sort of 
> meld the client/server platforms with the complexity of John.

This doesn't make sense for almost all uses of John.

The exception is when you're willing to throw a lot of computing
resources at cracking one publicly known hash, and you cannot or don't
care to optimize the order in which candidate passwords are tried.

> In effect, the interface of John is terrible but powerful, while the 
> distributed clients are easy but pretty dumb. I think you need easy and 
> dumb and distributed... Now just hack their stuff to do the cracking you 
> need to do, right? Probably over-simplifying, but that's my 2 cents.

I'm not sure what you're referring to here.  The user interface?  If so,
it has little to do with how the workload is distributed.

> I would much rather work with something already into networking and hash 
> passing and key distribution instead of hacking into jTr. Look, there's a 
> wheel!

That's up to you. :-)


To unsubscribe, e-mail and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.