Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <4DAA2EDF.70204@bredband.net>
Date: Sun, 17 Apr 2011 02:05:51 +0200
From: magnum <rawsmooth@...dband.net>
To: john-dev@...ts.openwall.com
Subject: MS formats optimisations (was [john-users] New format: MS Kerberos!)

On 2011-04-10 16:55, magnum wrote:
> Performance is not very impressive, it's OpenSSL.

After having time to actually understand my copy-paste-hack better I 
have realised the above is not true. It uses Solar's md4 and md5 and a 
hmac_md5 originally from the Samba project, altered by JoMo-Kun so it 
uses Solar's md5 routines. It does use OpenSSL's RC4 but that doesn't 
even show up in profiling so it's not a problem.

In revision 12 of my patch I have optimised that hmac_md5 a little. It 
was very inefficient, like first memsetting everything to zero, then 
setting everything to something else. This also affected LMv2 and NETLMv2.

Anyway, in set_key() we produce an ordinary NT hash from the plaintext. 
This also applies to NETNTLM, NETLMv2, NETNTLMv2. I wonder if this would 
benefit from applying a modified copy of crypt_all_generic (or even 
something arch specific) from NT_fmt.c? That one saves the last steps to 
cmp_exact (or _one) so it can't be used as-is but I think I could puzzle 
it together. But I'm not sure if it would perform that much better than 
the current raw md4 when just producing one NT hash at a time as opposed 
to a bunch of them?

NETLM and MSCHAPv2 has a similar "problem" in that their set_key() need 
to produce an LM hash from the plaintext. These ones currently do use 
OpenSSL. Maybe some of John's own DES code could be used there? I have 
tried to digest it but there are optimisations and stuff that probably 
makes it unusable as is? Like with the NT hashes, we really need a 
proper hash, not a john-proprietary binary.

Any thoughts are welcome.
magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.