Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 25 Nov 2018 17:24:57 +0100
From: Frank Dittrich <frank.dittrich@...lbox.org>
To: john-users@...ts.openwall.com
Subject: Re: Chunk of work specification

Hi all,

I just noticed that I accidentally sent a direct reply (prior to
Alexander's replies) instead of replying to the list, so I'll just send
the same information to the list...


Am 24.11.18 um 10:02 schrieb Vojtěch Večeřa:
I know that JtR has --node parameter but it doesn't seem too
> intuitive nor precise when it comes to the exact sizes of chunks.

The trouble is, even if you had chunks of exactly the same chunk size,
some might be much faster than others, e.g., because some chunks crack
many passwords, while others don't. (For fast hash algorithms, writing
the cracked passwords into the pot file and logging the crack in the log
file will have a measurable performance impact.)

But you don't easily (i.e., without a measurable performance impact, at
least for faster hash algorithms) get chunks of the same size for many
cracking modes.
Even for simple --wordlist mode with --rules, where you could define
chunks of the same size, real work depends on how many of the rules get
rejected (e.g., because the hash algorithm isn't case sensitive), or how
many words from the word list file will get rejected, e.g., because they
don't contain a letter a, e, o, i, l, etc.
(So, a node which gets a large chunk of l337 rules will be much faster
than others, because the amount of actual work is smaller.)

For incremental mode, the chunk sizes will vary depending on password
candidate length and the character count. In general, the chunk sizes
will get larger the longer you run incremental mode.
If you want to use --incremental mode with slow hash algorithms, you
could look into john's Parallel external mode, adjust it accordingly,
and run --incremental combined with a different --external=... mode on
each of your machines.
For faster hashes or a large number of nodes, you'll just waste a lot of
CPU time, because each john instance will generate all the password
candidates, but reject all but 1 out of N candidates in --external mode.
(But you'd definitely get chunks of the same size.)

Frank

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.