03-27-2017, 04:53 PM
(03-27-2017, 04:19 PM)royce Wrote: I think that maykelbembibre is asking whether using PRINCE recovers more hashes per unit of time?
maykelbembibre, "efficiency" may be the word that's more commonly used to talk about this. This thread may be informative, because it explains some of the efficiencies of PRINCE.
This writeup about PRINCE by lakiw has some basic efficiency comparison graphs, but read the whole article to put them in context.
In password cracking, efficiency depends heavily on the selection of attacks, the quality and ordering of the wordlists/rules/masks, and the skill of the attacker. PRINCE definitely performs better than bruteforce -- but so do other techniques.
But what is great about PRINCE is that it "knows" a lot of cracking wisdom. It does some things automatically that otherwise have to be done manually. This is why it performs well "out of the box", especially for new users or for unattended cracking. atom's original PRINCE presentation explains some of the approaches that PRINCE takes under the hood.
There is a thread or post somewhere where atom compares the performance of PRINCE with how well a pro team did in a contest, but I can't find it at the moment.
The bottom line is that, all things being equal, PRINCE is more efficient than many simple attacks, but is not as good as an expert with a groomed set of tools. The point of PRINCE is that your efficiency goes up in an unattended manner, without having to script a variety of attacks.
Fortunately, you can (and should) do both! The great thing is that PRINCE is just one tool in the toolbox. You can use PRINCE with other attacks, and between other attacks to discover patterns in passwords that you might not have otherwise discovered (or discovered as quickly).
I am really confused about all of this stuff. First, I was told to investigate if this https://github.com/RUB-SysSec/OMEN can recover more hashes per unit of time than a traditional dictionary or brute force attack done with Hashcat or John the Ripper. Then, in that same link I found that OMEN was clearly outperformed by PRINCE. So, now, I need to find if the princeprocessor could recover, as you say, more hashes per unit of time than the traditional attacks. According to the documentation that I read, it seems like OMEN recovers more hashes per unit of time than the traditional attacks when the hash algorithm is very slow and that if the hash is fast it doesn't make a difference. If PRINCE is better than OMEN with slow hashes, I must suppose that PRINCE is the best way to go with the slow hashes? Or will it recover more or less the same number of hashes per unit of time as a simple dictionary attack? This is very confusing.