Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Fri, 16 Nov 2018 11:51:15 -0500
From: Powen Cheng <madtomic@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: GekkoScience NEWPAC (Dual BM1387) USB Stickminer
 (New 2PAC)

I understand better now and thank you for your insights.

“deliberately designs a new
password hashing scheme around Bitcoin mining“

Looks like something that is possible if pair with the right talents. I
guess one could always design ASIC or use FPGA.

On this note, any FPGA that is currently useable with john? I look briefly
and I wasn’t able to determine which is better GPU or FPGA.


On Fri, Nov 16, 2018 at 10:21 AM Solar Designer <solar@...nwall.com> wrote:

> On Fri, Nov 16, 2018 at 09:42:55AM -0500, Powen Cheng wrote:
> > Even not through the use of open source of cgminer?
>
> No.
>
> > I would think solving
> > SHA256 hashes on this miner would be the same as solving hashes on JTR?
>
> It isn't.
>
> Bitcoin miners compute double-SHA-256 (not SHA-256) of block headers
> (not passwords), in which they adjust the nonce field, and then compare
> the result for being not greater than target (not for being equal to a
> target hash).  This is a sufficiently different task from what we have
> in password cracking to make Bitcoin mining ASICs non-reusable.
>
> The only exception here is if someone deliberately designs a new
> password hashing scheme around Bitcoin mining, specifically to reuse
> those ex-miners for defensive password hashing.  Then the ex-miners
> would also be usable offensively.  But to my knowledge, no one does that
> defensively, so there's also nothing to attack in this way.
>
> Alexander
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.