World's Fastest SHA2 Implemenation on GPU

[kindongsy]

Hello, I'm currently a student studying hash functions.

I understand that Hashcat's slogan is "World's fastest password cracker."
I would like to prove that among these, Hashcat's SHA2 implementation is the fastest in the world on GPUs, but I'm not sure how to do this.

Given the recent trend in cryptocurrency mining, I understand that many performance improvements are being made, primarily in ASIC implementations.

I'm curious if Hashcat still holds the title for the most optimized code on GPUs. I am currently reviewing officially published papers, but I need your vast knowledge.

If you have any information on the fastest known code or benchmark data, please share it.

Thank you.

[penguinkeeper]

ASICs for hash/password cracking don't currently exist and mining is a greatly different workload than password cracking. Bitcoin mining ASICs and password cracking GPUs just aren't comparable. They both do the same hash function but that's where their similarities end. Miners are hashing way more data than we are, where passwords can usually fit in a single SHA2 block, while miners need potentially thousands of blocks for each transaction hash attempt.
The slogan comes from comparisons between other password cracking software, like John the Ripper, MDXFind and Cain, for which Hashcat is by fastest in benchmarks, including in SHA2. John is the only one that even comes remotely close but Hashcat will destroy it in almost every situation, especially for heavily optimised primitives like MD5 and the SHA family

[kindongsy]

ASICs for hash/password cracking don't currently exist and mining is a greatly different workload than password cracking. Bitcoin mining ASICs and password cracking GPUs just aren't comparable. They both do the same hash function but that's where their similarities end. Miners are hashing way more data than we are, where passwords can usually fit in a single SHA2 block, while miners need potentially thousands of blocks for each transaction hash attempt.
The slogan comes from comparisons between other password cracking software, like John the Ripper, MDXFind and Cain, for which Hashcat is by fastest in benchmarks, including in SHA2. John is the only one that even comes remotely close but Hashcat will destroy it in almost every situation, especially for heavily optimised primitives like MD5 and the SHA family

Thank you for your kind reply.

If optimizations have been made in SHA2 software implementations for bitcoin mining, it might be possible to compare these within an environment like Hashcat, don't you think?

I also appreciate your explanations regarding the comparisons with various other password cracking software.

[penguinkeeper]

If optimizations have been made in SHA2 software implementations for bitcoin mining, it might be possible to compare these within an environment like Hashcat, don't you think?

Actually, it's the other way around. Hashcat can probably hash in less steps than mining can because we have a target hash and parts of the hash can be reversed a few steps. Mining has to just do it fully because there isn't any "target", it's just trying to find low value hashes. In the optimisations list, this is called "Early Skip" where we can tell mid-way that a hash won't turn out to be the one we're looking for, however this has limitations in Hashcat and is only enabled with a single target hash.

"Early Skip" is this if statement here:
https://github.com/hashcat/hashcat/blob/...ed.cl#L282

Unfortunately SHA256 is one of the weaker implementations of this optimisation. Other algorithms like MD4/MD5/NTLM are way, way more impactful and can skip huge parts of the hashing process most of the time