Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 13 Sep 2015 19:13:56 +0300
From: Solar Designer <>
Subject: Re: experiment with functions to reject computed hashes

On Sun, Sep 13, 2015 at 05:57:10PM +0200, magnum wrote:
> On 2015-09-13 15:06, Solar Designer wrote:
> >I think most speedup when cracking few hashes is possible through
> >reversing of steps, which we're not doing yet.
> Yes we are, since a couple of months.
> $ git grep -l SSEi_REVERSE_STEPS *fmt*c
> mssql-old_fmt_plug.c
> mssql05_fmt_plug.c
> mssql12_fmt_plug.c
> nt2_fmt_plug.c
> rawMD4_fmt_plug.c
> rawMD5_fmt_plug.c
> rawSHA1_fmt_plug.c
> rawSHA224_fmt_plug.c
> rawSHA256_fmt_plug.c
> rawSHA384_fmt_plug.c
> rawSHA512_fmt_plug.c
> I mostly just put the mechanism in there, more can be done - especially 
> for SHA-2 which currently only skip the final constant addition.

Oh, OK.  I see we're not even skipping the last 3 steps for SHA-2, even
though we were already doing that on GPU a couple of years ago, but seem
to have lost that since.  BTW, I think we might in fact want to revert
the non-iterated SHA-2 GPU formats to prior to Claudio's implementation
of hash comparisons on GPU, which mostly made things worse (way too slow
when cracking more than a handful of hashes - turned out to be unusably
slow in the recent contest).  myrice's implementations worked better
(and IIRC had no GPL restrictions on them too).

As to hash reversals, we should revisit the thread referenced from:

and we may also reuse BarsWF code, which is under MIT license (although
I suspect we'd only want the ideas rather than code):


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.