Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 2 Mar 2023 01:03:20 +0100
From: Solar Designer <>
Subject: [openwall-announce] John the Ripper in the cloud update 2023/02


As many of you recall, in 2020 we launched Openwall Password Recovery
and Password Security Auditing Bundle in AWS Marketplace:

We provide a pre-generated Amazon Machine Image (AMI), which lets you
start password recovery or a password security audit in minutes (if
you've used Amazon Web Services before, or you need to sign up first).

We've just updated the Bundle to use the latest John the Ripper jumbo
as of 2023/02/22, which (compared to the version we had in the Bundle
before) adds duplicate candidate password suppressor, new optimized
default wordlist and rules, more rulesets, detailed status, new formats
BestCryptVE4, Bitcoin-opencl, cardano, cryptosafe[-opencl],
ENCDataVault-MD5, ENCDataVault-PBKDF2, NT-long, restic, RVARY, optimized
descrypt and tezos-opencl, support for a wider variety of versions of
previously supported formats (for 7z, Monero, Telegram, ZIP, and more),
many reliability fixes and other changes.  We've also enabled LM-opencl.

Also updated are Amazon Linux 2 and NVIDIA GPU driver.

Along with the above, we've enabled usage of the Bundle on many new AWS
instance types: g4dn.* (which offer the smaller NVIDIA Tesla T4 GPUs,
often at a better price/performance ratio than the V100's in our
previously supported p3.* instances), p4d.24xlarge (which offers 8x
NVIDIA A100 GPUs), and 6th generation Compute and Memory optimized Intel
and AMD CPU instances (which offer higher maximum vCPU counts than 5th
generation did, now up to 128 for Intel and 192 for AMD).

Included on the Bundle homepage above are our latest benchmarks on
p3.2xlarge (NVIDIA Tesla V100 GPU), c6i.32xlarge (2x Intel(R) Xeon(R)
Platinum 8375C CPU, AVX-512), and c6a.48xlarge (2x AMD EPYC 7R13
Processor, AVX2).

In terms of historical CPU speed milestones, both of these CPU instances
are now firmly above 1 billion c/s at traditional Unix crypt(3) (aka
descrypt) when cracking many salts, are at around 10 million c/s for
md5crypt, and the AMD instance achieves 181k c/s at bcrypt cost 5.

We've also updated the (spot) instance launch instructions to reflect
changes in AWS EC2 Management Console, and made the Bundle itself
hopefully more spot instance friendly:  "Delete on termination" for the
root volume is now disabled in the AMI (as the Console appears to no
longer expose this option during instance launch), and the Bundle will
automatically resume an unfinished John the Ripper job (which it does by
issuing the "john --restore" command under "screen").

Any feedback and ideas are welcome on the john-users mailing list.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.