Posts: 13
Threads: 3
Joined: Jan 2020
Hi
I have a case in which i want to precompute a set of bcrypt hashes with a high difficulty.
I tried a ton of cpu based implementations and it is not comparable with the cracking throughput of hashcat on nvidia.
However I am missing the option to precompute a hashlist instead of cracking it with existing hashes.
I guess it isnt possible with hashcat since rainbow tables are a thing of the past?
If thats the case can someone please reference me to a opencl or cuda implementation of a bcrypt digest.
Is it possible to port it from the hashcat codebase?
Would also be interested in hiring a freelancer to help with it.
Thanks!
Posts: 35
Threads: 3
Joined: Dec 2019
01-22-2020, 04:07 PM
(This post was last modified: 01-22-2020, 04:19 PM by undeath.)
undeath edit: removed completely unnecessary quote
bcrypt has a salt which is designed to make it infeasible to precompute look up tables... ie. you don't know what the random salt is for the target system. Therefore you'd need to calculate the brcrypt hash for all possible salts?
Now I certainly have seen systems where all password hashes use the same salt, but... they're fortunately rare.
Posts: 13
Threads: 3
Joined: Jan 2020
01-22-2020, 09:47 PM
(This post was last modified: 01-22-2020, 09:47 PM by f1l1b0x.)
Hi
I am totally aware of that. I am not trying to use a rainbow table but brute force a deterministic salt next to known password. I also am not trying to hack a traditional password database but use this as part of a ecdsa key derivation method that needs recoverability.
Thanks
Posts: 407
Threads: 2
Joined: Dec 2015
You want to precompute high cost bcrypt hashes to.... use with ecdsa? I'm not sure i understand the point of this but I can probably help you.
Posts: 13
Threads: 3
Joined: Jan 2020
cool thanks Ill reach out with PM
Posts: 13
Threads: 3
Joined: Jan 2020
Still looking for someone. Help would be really appreciated and ideally I find a freelancer already familiar with hashcat.
Posts: 13
Threads: 3
Joined: Jan 2020
I added a bounty for it on freelancer.com
https://www.freelancer.com/projects/open...cl/details
looking forward to work with one of you!
Posts: 2,267
Threads: 16
Joined: Feb 2013
so you are trying to build some kind of a rainbow table in 2k20 ?
the problem that you might be also completely ignoring is that I/O (disk etc) is very slow (
https://en.wikipedia.org/wiki/File:Compu...rarchy.svg,
https://www.formulusblack.com/wp-content....22-PM.png).... so you must be very sure that you are doing it right with when and how often you flush the output to NVM SSD hopefully or ramdisk ... it could be the bottleneck even for some very higher cost factors.
Posts: 13
Threads: 3
Joined: Jan 2020
02-01-2020, 12:02 AM
(This post was last modified: 02-01-2020, 01:15 AM by f1l1b0x.)
Hi thanks for your interest!
low disk io is fine I know there is a maximum of 9 mio results and the average will be about 90000 results
also the heavy duty is in the bcrypt rounds since it will be a cost factor of 17. I expect a 1080ti card to create 1 hash every 250 ms
Thanks!
Posts: 2,267
Threads: 16
Joined: Feb 2013
if you really think that the time (printing etc) is no problem, you could just easily add a printf () statement in the comp () kernel to print the computed digest and call it a day. no need to do any fancy project or pay somebody to do a freelance job etc.