Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <1860689698.2506950.1476292431329@mail.yahoo.com>
Date: Wed, 12 Oct 2016 17:13:51 +0000 (UTC)
From:  <apingis@...nwall.net>
To: "john-dev@...ts.openwall.com" <john-dev@...ts.openwall.com>
Subject: Re: USB-FPGA development

Hi,

descrypt-ztex format is ready. I've created pull request at bleeding-jumbo: 
https://github.com/magnumripper/JohnTheRipper/pull/2307

Running test on 3 boards for the 2nd day.

It works however there are still issues.
1. Mask implementation details. 
1.1. In mask mode, it has to reconstruct a plaintext candidate out of template key and mask data. For that, it creates an array 'mask_int_cand.int_cand' - 4 bytes for every possible candidate. Then formats use the array for lookups.
The problem is that the array uses too much resources - with mask "?w?a?a?a?a" it uses 310 MBytes of RAM and ~2 sec. of CPU time for initialization. I was unable to check with mask such as "?w?b?b?b?b" because ?b doesn't seem to work correctly with 7-bit format, but I can calculate it would use up to 4 Gbytes of RAM and would cause substantial delay on program startup.
descrypt-ztex format uses divisions to reconstruct plaintext candidates, doesn't use 'mask_int_cand.int_cand' array. With on-device comparator that filters out overwhelming majority of computation results, reconstruction of plaintext candidates becomes rarily used function (called several times per second). Also I can't exclude cases where Ztex devices are connected to cost-optimized host system, in such cases host system might have no enough RAM.
So it would be great to skip allocation and initialization of 'mask_int_cand.int_cand' array if format doesn't use that.

2. Self-test.
2.1. For test array, I've generated several hashes with same salt and partial binaries. That is, on-device comparator is loaded with first 35 bits of hashes and they are the same, resulting in false positives. That cause self-test to fail. If that hashes are used for creation of password file then it works as expected, false positives successfully ruled out with cmp_exact() including the case where several false positives occur in one crypt_all() call.
2.2. "Warning: salt() returned misaligned pointer" self-test message. Format has 2-byte salt and I've set salt alignment to 2 bytes - is that correct or I should set salt_align to ARCH_WORD? Salt on host system is rarily accessed.
2.3. I've implemented a warning when mask is too short and that results in performance degradation because USB 2.0 link has no enough bandwith. The warning appears during self-test and it looks confusing. How can format know when self-test is running, to suppress the warning? Is it planned to add usage of mask in self-test?

3. FMT_REMOVE. How does format know when some binary was removed? If that's possible I'd prefer to keep comparator configuration until it actually changes - skipping unnecessary transfers to device would improve performance in case where only one salt is being audited. So far FMT_REMOVE is not implemented.


Denis

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.