Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <eea4c414d9dcf57270591caf7d12ce98@smtp.hushmail.com>
Date: Tue, 18 Aug 2015 22:59:43 +0200
From: magnum <john.magnum@...hmail.com>
To: john-dev@...ts.openwall.com
Subject: 7z's KDF is unsalted (was: Re: Formats using non-SIMD SHA2 implementations)

On 2015-08-18 10:52, magnum wrote:
> On another note, it seems 7z is actually unsalted within the KDF. So one
> could make extremely effective Rainbow tables for it.

Issue #1679, PR #1681.

We now take advantage of this. Almost on par with mschapv2 and netntlmv1 :-)

$ ../run/john -test -form:7z
Will run 8 OpenMP threads
Benchmarking: 7z, 7-Zip (512K iterations) [SHA256 AES 32/64]... (8xOMP) DONE
Speed for cost 1 (iteration count) of 524288
Many salts: 7876 c/s real, 1085 c/s virtual
Only one salt:  42.1 c/s real, 5.5 c/s virtual

For each additional salt, we can skip the (very heavy) KDF and only do 
the AES checks. The speedup for 500 salts is "only" 187x here, we can 
probably boost it even more (eg. re-tune OMP_SCALE and/or optimizing the 
AES checks, which hasn't been any priority until now). I think we use 
AES-NI (if available) already but this should be verified too.

This is not merged to bleeding-jumbo yet, I made a PR for Lei to decide 
how to handle.

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.