Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <003a01cd18f6$7193de70$54bb9b50$@net>
Date: Thu, 12 Apr 2012 16:51:40 -0500
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: RE: PDF format

Almost all of the speed problems, within the salt system, are calling crack
to test for 'something', when you do not have a password.  IF (and that's a
big if), this code really does need to be done, then we should ONLY do this
at load time, and not every time we reload a salt.

if (encdata->revision == 2) {
	if (knownPassword) {
		if (!isUserPasswordRev2())
			return false;
		memcpy(encKeyWorkSpace, pad, 32);
	} else {
		memcpy(password_user, pad, 32);
**		//knownPassword = isUserPasswordRev2();
++		knownPassword = true;
	}
} else if (e->revision >= 3) {
	memcpy(buf, pad, 32);
	memcpy(buf + 32, e->fileID, e->fileIDLen);
	tmp = malloc(sizeof(uint8_t) * 16);
	md5(buf, 32 + e->fileIDLen, tmp);
	rev3TestKey = tmp;
	if (knownPassword) {
		if (!isUserPasswordRev3())
			return false;
		memcpy(encKeyWorkSpace, pad, 32);
	} else {
		memcpy(password_user, pad, 32);
**		//knownPassword = isUserPasswordRev3();
++		knownPassword = true;
	}


I show where I simply comment things out ( the ** lines ), and where I added
new lines ( the ++ lines ).  I am not sure the ++ is correct or not.  By
making only these changes (and those functions are the workhorses called
within the crypt_all function), then multi-salt runs at 95% the speed of 1
salt (vs about 45% in the current build).  

Jim.


>-----Original Message-----
>From: Dhiru Kholia [mailto:dhiru.kholia@...il.com]
>Sent: Thursday, April 12, 2012 10:17 AM
>To: john-dev@...ts.openwall.com
>Subject: Re: [john-dev] PDF format
>
>On Sun, Mar 25, 2012 at 6:47 PM,  <jfoug@....net> wrote:
>> The logic in get_salt() and set_salt() should be reversed.
>>
>> Within pdf (and a few other formats), a lot of time is spent within
>the set_salt function, parsing, allocating, setting up a complex
>structure.   This type of work should NOT be done within the runtime
>loop.  If done in set_key(), then it is in the runtime loop, and each
>salt computation will be done for EACH salt for EACH password (block of
>pw's) attempted.  This time spent in set_salt() will GREATLY slow down
>the format.
>> If this same logic is moved to get_salt(), then it will be done ONE
>time, for each salt, at the load time of john.  There will be no runtime
>penalty for a 'complex' salt.
>
>This is now done and committed to magnum-jumbo. However "many salts"
>case is still slower than "one salt" case. Is this due to initPDFCrack
>function being called from set_salt?
>
>--
>Cheers,
>Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.