Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20110608172052.GA29637@openwall.com>
Date: Wed, 8 Jun 2011 21:20:52 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: 1.7.7-jumbo-6

On Wed, Jun 08, 2011 at 08:37:58PM +0400, Solar Designer wrote:
> On Tue, Jun 07, 2011 at 10:41:43PM -0700, Dhiru Kholia wrote:
> > 1. What about limiting the patch to OpenSSL 1.0.0 series (which
> > hopefully works!)?
> 
> This is what I did in -RC4.  I also added a check for "compiled against
> 1.0.0+, but running with older version" (which may happen with dynamic
> linking).  This is totally untested.

This was slightly buggy.  Fixed in -RC5 (on the wiki).

> The warning message I added says it disables OpenMP, although it
> actually only reduces max_keys_per_crypt to 1.  This appears to have
> almost no performance impact for this format, so I think it's OK as a
> workaround (definitely better than a crash).

On a dual Xeon E5420 (8 cores total, 2.5 GHz, no HT), Owl-current
(OpenSSL 1.0.0d), I am getting:

Non-OpenMP build:

Benchmarking: ssh [32/64]... DONE
Many salts:     79008 c/s real, 79008 c/s virtual
Only one salt:  78035 c/s real, 78035 c/s virtual

OpenMP:

Benchmarking: ssh [32/64]... (8xOMP) DONE
Many salts:     352204 c/s real, 44324 c/s virtual
Only one salt:  353625 c/s real, 44225 c/s virtual

Somehow only a 4.5x speedup, even though we have 8 "true" cores and zero
system load (the machine is totally unused).

Testing of the runtime check (I patched the check to require
non-existent OpenSSL 2.0 at runtime, just to test it):

Benchmarking: ssh [32/64]... (8xOMP) Warning: compiled against OpenSSL 1.0+, but running with an older version -
disabling OpenMP for SSH because of thread-safety issues of older OpenSSL
DONE
Many salts:     62003 c/s real, 7760 c/s virtual
Only one salt:  61797 c/s real, 7714 c/s virtual

$ ./john ../src/unused/sshdump
Warning: compiled against OpenSSL 1.0+, but running with an older version -
disabling OpenMP for SSH because of thread-safety issues of older OpenSSL
Loaded 2 password hashes with 2 different salts (ssh [32/64])
12345            (rsa_test.key)
12345            (dsa_test.key)
guesses: 2  time: 0:00:00:00 DONE (Wed Jun  8 21:19:07 2011)  c/s: 64437  trying: 12345
Use the "--show" option to display all of the cracked passwords reliably

Well, it's not pretty and there's performance impact (vs. non-OpenMP
build), but it works.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.