Network Security: Detailed info on Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hash

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hash

from [XRR .] Network Security

[Permanent Link]

Subject:	Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?
Date:	Mon, 30 Jul 2007 16:02:34 -0700

On 7/30/07, Michael Holstein <michael.holstein@csuohio.edu> wrote:


Sure it will, it just takes adjustments to john.conf and a *lot* longer.
djohn (distributed JtR) was written to address this.


Exactly. And my point is that it is only doable in a reasonable amount of
time if you have on the order of 1e5 cpu cores in the cluster. I can do it
for $4M, lower estimate.

Not cheap enough.

The EFF built a gizmo (in 1998 no less) that could to it in 4.5 days on
average :


Correct. But multiply this by the 25 iterations of DES required by crypt().
So one EFF DES cracker, or better, one copacobana box has a cracking
throughput of 1 hash every 100 days or so.

Not good enough.

-XRR

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, n/a n/a Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, Frank Denis Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, Tremaine Lea Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, 3APA3A Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, XRR . Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, coderman Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, coderman Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, 3APA3A Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, Valdis . Kletnieks Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, Michael Holstein Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, XRR . <= Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, trains

Previous by Date:	Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, Valdis . Kletnieks
Next by Date:	[Full-disclosure] Senior Security Response Engineer needed, Eric Sites
Previous by Thread:	Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, Michael Holstein
Next by Thread:	Re: [Full-disclosure] Cracking the entire set of DES-based crypt(3) hashes. Interested ?, trains
Indexes:	[Date] [Thread] [Top] [All Lists]