Date: Thu, 4 May 2017 19:32:43 +0200
From: Patrick Proniewski <p+password@...atpro.net>
To: john-users@...ts.openwall.com
Subject: Re: How long to recover RAR3 SHA-1 AES [32/64] hash pwd

Hi,

On 04 May 2017, at 18:25, magnum wrote:

> On 2017-05-02 01:02, Nick Wilsdon wrote:
>> I'm trying to recover a password to an old .rar file - RAR3 SHA-1 AES
>> [32/64]
>> It's possibly up to 10 characters, lower-case alpha-numeric. I've been
>> trying incremental mode, as my wordlists and guesses haven't worked (7 days
>> so far)
>> Looking at tools like - http://calc.opensecurityresearch.com/ - that seems
>> to indicate this approach can potentially take 2.4m years. Can anyone
>> confirm, before I build Deep Thought and pass on instructions to future
>> generations?*
>
> That would be correct if you run it on a single, slow, CPU core (about 50 c/s). Newer high-end ones should do twice that or more. Using a GPU or better yet several of them would speed it up substantially but even a 1000x boost won't help from 2.4 million years of course.

I'm not sure about the 1000x boost. I've just tried a bench and got these results:

$ OMP_NUM_THREADS=1 ./john --test --format=rar
Warning: OpenMP is disabled; a non-OpenMP build may be faster
Benchmarking: rar, RAR3 (4 characters) [SHA1 256/256 AVX2 8x AES]... DONE
Raw: 117 c/s real, 117 c/s virtual

$ ./john --test --format=rar
Will run 32 OpenMP threads
Benchmarking: rar, RAR3 (4 characters) [SHA1 256/256 AVX2 8x AES]... (32xOMP) DONE
Raw: 1450 c/s real, 45.8 c/s virtual

$ ./john --test --format=rar-opencl
Will run 32 OpenMP threads
Device 1: GeForce GTX 1080
Benchmarking: rar-opencl, RAR3 (length 5) [SHA1 OpenCL AES]... (32xOMP) DONE
Raw: 26771 c/s real, 22755 c/s virtual

$ ./john --test --format=rar-opencl --mask
Will run 32 OpenMP threads
Device 1: GeForce GTX 1080
Benchmarking: rar-opencl, RAR3 (length 5) [SHA1 OpenCL AES]... (32xOMP) DONE, GPU util:100%
Raw: 31507 c/s real, 28444 c/s virtual

So I got about 270x boost on GPU, compared to CPU without OMP, and only ~22x boost compared to full OMP. OK, it's a dual Xeon E5-2620 v4 (8 cores each). And to be fair, the GPU was used by a hashcat session that I've paused before launching the bench. I'm not sure if it can degrade performance here.

~31000 c/s means you can test everything between 1 and 5 random [a-z0-9] in less than an hour, 6 random [a-z0-9] in less than 20 hours. It'll cost you a month to test all 7-character-long candidates, about 3 years for 8 char. Everything longer is out of reach.

patpro
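
Added example, not part of the original message or of John the Ripper: a short Python script that parses the "Raw:" lines of the four benchmark runs quoted above and derives the speedups and the worst-case time to exhaust each [a-z0-9] password length at the fastest measured rate. The function names and the trimmed BENCH sample are constructed for this illustration.

```python
import re

# "$ command" and "Raw:" lines copied from the benchmark runs in the message above.
BENCH = """\
$ OMP_NUM_THREADS=1 ./john --test --format=rar
Raw: 117 c/s real, 117 c/s virtual
$ ./john --test --format=rar
Raw: 1450 c/s real, 45.8 c/s virtual
$ ./john --test --format=rar-opencl
Raw: 26771 c/s real, 22755 c/s virtual
$ ./john --test --format=rar-opencl --mask
Raw: 31507 c/s real, 28444 c/s virtual
"""

def parse_bench(text):
    """Map each benchmark command line to its 'real' candidates-per-second rate."""
    rates, cmd = {}, None
    for line in text.splitlines():
        if line.startswith("$ "):
            cmd = line[2:].strip()
        elif cmd and (m := re.match(r"Raw:\s*([\d.]+) c/s real", line)):
            rates[cmd] = float(m.group(1))
    return rates

def exhaust_seconds(charset_size, min_len, max_len, rate):
    """Worst-case time to try every candidate of min_len..max_len characters."""
    keyspace = sum(charset_size ** n for n in range(min_len, max_len + 1))
    return keyspace / rate

def human(seconds):
    """Render a duration in the largest unit that keeps the value >= 1."""
    for unit, size in (("years", 365.25 * 86400), ("days", 86400), ("hours", 3600)):
        if seconds >= size:
            return f"{seconds / size:.1f} {unit}"
    return f"{seconds / 60:.1f} minutes"

def report(text=BENCH, charset_size=36, max_len=10):
    """Return (speedups vs. the fastest run, per-length exhaust times at that rate)."""
    rates = parse_bench(text)
    best = max(rates.values())
    speedups = {cmd: best / r for cmd, r in rates.items()}
    times = {n: human(exhaust_seconds(charset_size, n, n, best))
             for n in range(1, max_len + 1)}
    return speedups, times

if __name__ == "__main__":
    speedups, times = report()
    for cmd, s in speedups.items():
        print(f"{s:7.1f}x  {cmd}")
    for n, t in times.items():
        print(f"length {n:2d}: {t}")
```

These are full-keyspace (worst-case) figures; the expected time to a hit for a uniformly random password is half of each.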