Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20110414044418.GA24064@openwall.com>
Date: Thu, 14 Apr 2011 08:44:18 +0400
From: Solar Designer <solar@...nwall.com>
To: crypt-dev@...ts.openwall.com
Subject: Re: Answering and asking some of the first questions

On Wed, Apr 13, 2011 at 09:49:35AM -0300, Yuri Gonzaga wrote:
> 1. I have started to implement the bcrypt using SystemVerilog language and
> Altera's Quartus II design software. The ExpandKey of EksBlowFish is almost
> done, including SBoxes initialization, F function and the 18 rounds. Then, I
> will get into the setup stage and, later, finish the bcrypt.

Note that some parts of bcrypt are not actually performance critical -
you may leave those for the host system's CPU.  In JtR's BF_std.c, only
this loop:

		count = salt[4];
		do {
...
		} while (--count);

is performance-critical, or you may look at crypt_blowfish for simpler
code (lacking some optimizations not relevant to you):

http://www.openwall.com/crypt/

> 2. I am thinking of use the JTAG port avaiable in the development boards to
> receive the input parameters and send back the result. This a serial port
> that connects to a USB port on the Computer. Maybe, David has any suggestion
> to this part.

I assume it connects via an adapter.  Sounds fine unless you've got a
more suitable port.

> 3. I have downloaded the JtR source code. In the "c3_fmt.c" file, there is a
> function named "crypt_all()", which looks like to be the right point where I
> will change the code to communicate to the hardware implementation. Input
> parameters are the strings "saved_key[index]" and "saved_salt", and output
> result is the string "crypt_out[index]".

You might also want to look at this sample:

http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/john/john/src/dummy.c

You'll need to define a new "format" and register it in john.c like it's
done for existing ones.

> Based in the article, where is the third input parameter, "cost"?

It's encoded in the salt string.

In BF_fmt.c and BF_std.c in JtR, the "cost" is decoded into salt[4]:

/*
 * Binary salt type, also keeps the number of rounds.
 */
typedef BF_word BF_salt[4 + 1];

> There is an API to access the JTAG communication port inside the C code. So,
> I will pass the parameters through the JTAG port, the FPGA will calculate
> the hash and send it back to the computer. Finally, I will receive that in
> the JtR using the API I mentioned.

Sounds fine.  These hashes are slow enough that the communication method
does not matter much.

> How do I can present the working code to you?

Since this initial task is closely related to JtR, you may create this
wiki page:

http://openwall.info/wiki/john/FPGA

and upload your files to there.  To upload a file to the wiki, click on
the picture icon while editing the page.

Thanks,

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.