Bugtraq mailing list archives

Re: John the Ripper 1.7; pam_passwdqc 1.0+; tcb 1.0; phpass 0.0


From: Solar Designer <solar () openwall com>
Date: Fri, 10 Feb 2006 01:39:04 +0300

On Thu, Feb 09, 2006 at 03:44:25PM -0500, Amin Tora wrote:
> Can a tool as this be as useful when there are rainbow tables out there
> to utilize for this kind of cracking?

For salted hashes (such as of Unix passwords), definitely yes.  In fact,
I am not aware of rainbow table implementations for salted hashes,
although this is (barely) feasible for the obsolete/traditional crypt(3)
(but not for the newer flavors).
 
For saltless hashes (such as Windows LM hashes), it depends.  Is the
goal to get everything cracked, or is it to detect and eliminate
passwords that would be too weak to withstand certain attacks (e.g.,
automated remote login attempts)?  All LM hashes are crackable anyway.
(John the Ripper 1.7 can exhaustively search the entire printable
US-ASCII keyspace against any number of LM hashes within a couple of
weeks on a single modern CPU.)

When cracking large numbers of hashes at once, John the Ripper may
actually be faster than rainbow tables based crackers, -- and it will
also get the weakest passwords cracked earlier because it tries
candidate passwords in an optimal order.

Finally, often it is preferable to not spend lots of disk space and lots
of time and/or bandwidth to generate or download rainbow tables, -- and
also to not reveal your password hashes to a third party (such as one of
the online rainbow tables based cracking services).

Perhaps other Bugtraqers can provide additional reasons in favor of
either approach.

-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar
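
The salted versus saltless distinction discussed in the message above, as an added example that is not part of the original post and is not John the Ripper code: it counts hash computations when auditing several accounts against one wordlist, and the number of entries a precomputed table would need once every salt value has to be covered.
Assumptions: the wordlist, passwords and salts are constructed samples, toy_hash (SHA-256) is a stand-in for a real password hash, a plain entry count stands in for rainbow table coverage, and the 12-bit figure is the salt size of traditional DES-based crypt(3).

```python
import hashlib

# Constructed sample data (not from the original post).
WORDLIST = ["password", "letmein", "qwerty", "dragon", "monkey"]
ACCOUNT_PASSWORDS = ["qwerty", "dragon", "qwerty", "Tr0ub4dor&3"]
SALTS = ["aa", "bb", "cc", "dd"]  # one constructed salt per account

def toy_hash(password, salt=""):
    # Stand-in for a real password hash; SHA-256 is used only to keep this short.
    return hashlib.sha256((salt + password).encode()).hexdigest()

SALTLESS = [toy_hash(p) for p in ACCOUNT_PASSWORDS]
SALTED = [(s, toy_hash(p, s)) for s, p in zip(SALTS, ACCOUNT_PASSWORDS)]

def audit_saltless(hashes, candidates):
    """Hash each candidate once and compare it against every loaded hash."""
    targets, weak, computed = set(hashes), {}, 0
    for word in candidates:
        digest = toy_hash(word)
        computed += 1
        if digest in targets:
            weak[digest] = word
    return weak, computed

def audit_salted(records, candidates):
    """Each candidate has to be rehashed for every distinct salt."""
    by_salt = {}
    for salt, digest in records:
        by_salt.setdefault(salt, set()).add(digest)
    weak, computed = {}, 0
    for word in candidates:
        for salt, digests in by_salt.items():
            digest = toy_hash(word, salt)
            computed += 1
            if digest in digests:
                weak[(salt, digest)] = word
    return weak, computed

def table_entries(candidate_count, salt_bits):
    """Entries a precomputed table needs to cover every possible salt value."""
    return candidate_count * 2 ** salt_bits

if __name__ == "__main__":
    print(audit_saltless(SALTLESS, WORDLIST)[1], "hash computations, saltless")
    print(audit_salted(SALTED, WORDLIST)[1], "hash computations, salted")
    print(table_entries(len(WORDLIST), 12), "entries for a 12-bit salt")
```

With saltless hashes the work per candidate is the same no matter how many hashes are loaded; with salts both the per-candidate work and the size of any precomputed table scale with the number of salts.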

