Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20121017032217.GA11192@openwall.com>
Date: Wed, 17 Oct 2012 07:22:17 +0400
From: Solar Designer <solar@...nwall.com>
To: announce@...ts.openwall.com, john-users@...ts.openwall.com
Subject: [openwall-announce] JtR selected for Magnificent7

Hi,

I am happy to announce that John the Ripper has been selected for
Rapid7's Magnificent7 program:

http://www.rapid7.com/news-events/press-releases/2012/2012-second-round-magnificent7-program.jsp

This is not the first time for Rapid7 to support John the Ripper
development.  As many of you recall, we've optimized the DES S-box
expressions and made other DES-related changes with Rapid7's support
last year:

http://www.openwall.com/lists/john-users/2011/06/22/1

Similarly, the Magnificent7 program provides funding for specific
enhancements to Open Source projects.  In the case of JtR, we're going
to enhance its parallel and distributed processing capabilities.

Currently, JtR is able to use multiple CPUs/cores on one machine by
means of OpenMP, but this is limited to a subset of hash/cipher types:

http://openwall.info/wiki/john/parallelization#Built-in-parallelization-with-OpenMP

JtR is also able to use multiple nodes on a network, but this requires
an MPI setup.  The plan is to eliminate these limitations.

For parallel processing on one machine, the plan is to add builtin
forking of subprocesses.  This will be compatible with all formats.
(The existing OpenMP support will continue to evolve as well.)

For distributed processing, it is planned to add both a simple
command-line option usable to split the workload between multiple
disconnected nodes, as well as a full-blown implementation with
networking.  (There will be no dependency on MPI in either case.
The existing MPI support will stay as well.)

Also planned is a revision to the incremental mode.  It is expected to
provide greater efficiency (more passwords cracked per N candidates
tried).  At the same time we'll start providing .chr files for lengths
beyond 8 (this is already supported, but is currently not the default).

These enhancements have consistently stayed on the back burner, but the
funding from Magnificent7 will change that.

I'd like to thank Rapid7 for running this magnificent program.  By the
way, a total of 5 projects have been funded under Magnificent7 so far,
in two rounds of the program.  There's going to be a third round with
two more projects to fund.  Thus, I guess it's still not too late to
apply if you run an Open Source project related to IT security!

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.