Thoughts on VCL-HashCat
#1
Hey folks,

Before you read: This post's intention is 'Help me, I'm completely misunderstanding everything'.

I haven't tried VCL out myself, because of the bandwidth issue:
With VCL, actual processing is balanced over the network. Wouldn't it be better to only transfer metadata over the network, not the processing data itself?
Basically, one would have an HashCat-Server to assign work to do and HashCat-Clients to execute the work and report back.
With VCL, computing is done (somewhat) synchronized over the network. I'm talking of 'complete' async computing. The nodes report back in whenever they are ready (if a hash has been cracked), not for the processing of every single hash. (That's what I would assume VCL does)

I'm not familiar with VCL and how it exactly works, I hope the slide "VCL Workflow" in the passwords^12 presentation by J.M. Gosney helps the explain my thoughts:
http://passwords12.at.ifi.uio.no/Jeremi_...ords12.pdf

Network load is caused by kernel starts/results.
However (as I said I'm not familiar with VCL and don't know exactly what these kernel-results are), can't the network load just be reduced to "Input Data" and "Output Data"?
Example: Server assigns inputs 0-49% to ComputeNode#1, inputs 50-100% to ComputeNode#2.
The Input could be a Wordlist or char-range for brute-force. This would require transmission of all hashes and possible inputs over the network, but once that's done, server and client only share metadata (Input X isn't plaintext for hash 1, Input Y is plaintext of hash 2...)
The compute-nodes wouldn't need any further data from the broker to compute anything.
What I think VCL is doing: Transmission of the data from CPU/RAM (Program) over the network to (a program to forward this to) the OpenCL interface on a remote host (PCI-Device, which is represented by a virtual device on the server), instead of Program -> OpenCL directly.
Transmission from Program to OpenCL would be "compute hash for X", where X was derived by an input (wordlist etc).
My guess is to only transfer that input over the network to the program, the "program to OpenCL data" would be transferred locally, eliminating the need for a high-bandwidth connection.

Sure this would require some (huge) amounts of programming, especially to balance advanced attacks like permutation, but I think it could be more performant than to rely on transmission of raw OpenCL data.

Please help me as I must be completely misunderstanding this.
Thanks,
NoMad
#2
VCL is a generic OpenCL clustering platform. It's not designed around Hashcat, nor was it even designed for password cracking. There are more efficient ways of distributing load, sure. But this is a generic, drop-in solution that just works.