Date: Tue, 11 Dec 2012 09:37:10 +0100 From: Per Thorsheim <per@...rsheim.net> To: john-users@...ts.openwall.com Subject: Re: Hashcat BF++ vs JtR Incremental and Markov Modes: (was How does incremental mode works?) Den 11.12.2012 09:25, skrev Simon Marechal: > On 11/12/2012 06:43, Matt Weir wrote: >> All my observations about Hashcat's Bruteforce++ mode are based on using >> Hashcat's statsprocessor (version 0.08). According to the documentation, it >> uses the same algorithm as Hashcat's other cracking programs but I could be >> wrong. Speaking about documentation, there isn't a whole lot about what BF++ >> actually does under the hood. I also don't have access to the source-code >> nor have I reversed it. So please take everything I say with a grain of >> salt. On a related note, Hashcat's wiki states: > Actually it is not the same algorithm, as BF++ bruteforces the first 2 > characters (which explains your observations). This means that > statsprocessor should perform better than BF++ with regards to the > passwords cracked / passwords tested ratio. > > I have made a similar comparison, but with an old version of statsprocessor: > > http://www.openwall.com/presentations/Passwords12-Probabilistic-Models/slide-30.html > > (You might want to check the slides, as it benchmarks something that was > inspired by your thesis!) > Without being anywhere near an expert on this subject, I'm guessing the presentations from professor Markus Duermuth & Norbert Schmitz could be of interest to the readers as well, since they also talked about Markov stuff? Markus was the supervisor for Norbert when he got his masters degree in spring 2012, where he built upon work from Matt. :-) Both presentations available from the Passwords^12 archive at http://passwords12.at.ifi.uio.no/ Best regards, Per Thorsheim
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.