|
Message-ID: <20120821141119.GA9160@openwall.com> Date: Tue, 21 Aug 2012 18:11:19 +0400 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: Arstechnica Password article (feat. Matt Weir) On Tue, Aug 21, 2012 at 09:36:16AM -0400, Rich Rumble wrote: > http://arstechnica.com/security/2012/08/passwords-under-assault/ > Good article, no mention of Jtr :( or it's incremental and other > modes, rather focus on GPU cracking using HashCat mostly; some other > tools mentioned as well. Also I had no idea we were actually going to > be up against the Erebus system (http://ob-security.info/?p=546)in the > contest, but I guess I should of known :) > While I wish JtR and all it's abilities (GPU included), the article is > accurate as far as I can tell. There are some minor inaccuracies. Anyhow, if you post these, here's another recent article by Dan: http://arstechnica.com/security/2012/08/hacked-blizzard-passwords-not-hard-to-crack/ which actually includes references to JtR in the SRP cracking context. For those not on john-dev: JimF has since actually implemented Blizzard's SRP cracking in JtR - and we're getting speeds up to about 400k c/s per CPU chip - but we have yet to see any of the presumably leaked SRP verifiers, so we don't know if the code would work on them as-is or would need some additional tweaking. On FX-8120: Benchmarking: WoW (Battlenet) SRP sha1 [32/64 GMP-exp]... (8xOMP) DONE Raw: 395264 c/s real, 49408 c/s virtual Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.