Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 25 Aug 2011 00:55:16 +0400
From: Solar Designer <>
Subject: Re: Terrible performance of sha512 (crypt) hash audit on/for Solaris

On Wed, Aug 24, 2011 at 02:36:09PM -0400, Robert B. Harris wrote:
> I compiled JtR on Solaris and ran it against some Sha512 password hashes.

You mean you ran it against some SHA-512 -based crypt(3) hashes.

> This same test can't be performed on the Windows build, Linux build on Suse, Linux build on Owl, since it doesn't support the sha512 format.

You're referring to SHA-crypt support in the "crypt" format here.
You're right, except that recent enough versions of SUSE Linux do have
SHA-crypt (it's part of glibc 2.7 and newer).

> ----If anyone knows of a version of Linux that supports sha512 hashes, please reply to this message and let me know.---------

Almost all recent ones do (including popular ones such as Ubuntu and
Fedora), Owl is more of an exception than the rule here.

> My Solaris builds were compilied with the latest version of gcc, version 4.6.1 and latest version of opensll, version 1.0.0d.

OK.  You don't need OpenSSL for this, though - this stuff is available
in non-jumbo as well.

> First, I was surprised that the sha512 passwords are worked as format=crypt (hash encoding string length 98, type id $6), and not format=raw-sha512.  (I don't know what the definition of RAW SHA512 is)

This is as it should be.  Raw SHA-512 is just that - SHA-512 as is (and
it uses OpenSSL in current -jumbo).  SHA-crypt is a higher level
algorithm built upon SHA-512 or SHA-256.  It is thousands of times slower.

In fact, you did not need to specify --format at all.  Autodetection
should have worked just fine.

> Not too long ago, it believe it was worked as format=sha512, or sha, or something like that.

No, it never did.

> Secondly, I'm very surprised at how slow my real world run is, compared to the performance test.

As magnum pointed out, "--test" for "crypt" doesn't know you're
interested in SHA-crypt, let alone in the flavor built upon SHA-512
specifically.  It merely tests the interface.  Thus, the numbers it
reports do not mean much.

> Is the sha512 hash, or something else, to blame on this poor performance?

It is normal for SHA-crypt to be very slow.

> bash-3.00$ ./john --format=crypt --wordlist=various.dic --session=test2 -rules t              est2
> Loaded 5 password hashes with 5 different salts (generic crypt(3) [?/64])
> guesses: 0  time: 0:00:00:50 0.00%  c/s: 329  trying: 0183115008 - 0188640544

This is reasonable speed for a non-OpenMP build.  You really need to
rebuild with OpenMP support.  See:

If you have an NVidia GPU and CUDA, you can try
john-1.7.8-allcuda-0.3.diff for much better performance at SHA-crypt:

As you can see, Lukas reported something like 4800 c/s on GTX 460.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.