| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <fca62f020707301602s1c3845ebmf47a9e03802c0dcc@mail.gmail.com> Date: Mon, 30 Jul 2007 16:02:34 -0700 From: "XRR ." <xor.rax.rax@...il.com> To: "Michael Holstein" <michael.holstein@...ohio.edu> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Cracking the entire set of DES-based crypt(3) hashes. Interested ? On 7/30/07, Michael Holstein <michael.holstein@...ohio.edu> wrote: > > Sure it will, it just takes adjustments to john.conf and a *lot* longer. > djohn (distributed JtR) was written to address this. Exactly. And my point is that it is only doable in a reasonable amount of time if you have on the order of 1e5 cpu cores in the cluster. I can do it for $4M, lower estimate. Not cheap enough. > The EFF built a gizmo (in 1998 no less) that could to it in 4.5 days on > average : Correct. But multiply this by the 25 iterations of DES required by crypt(). So one EFF DES cracker, or better, one copacobana box has a cracking throughput of 1 hash every 100 days or so. Not good enough. -XRR _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists