![]() ![]() ![]() I do intend to add a mention of PBKDF2 to a revised version of my presentation, and I am likely to use it or at least HMAC as a component if I design a new password hashing method - not so much because of actual need, but mostly to have an easy and convincing answer about cryptographic security. The same John the Ripper release also happens to add support for cracking of many additional and diverse hash types ranging from IBM RACF's as used on mainframes to Russian GOST and to Drupal 7's as used on popular websites - just to give a few examples - as well as support for Mac OS X keychains, KeePass and Password Safe databases, Office 2007/2010 and ODF documents, Firefox/Thunderbird/SeaMonkey master passwords, more RAR archive kinds, WPA-PSK, VNC and SIP authentication, and it makes greater use of AMD Bulldozer's XOP extensions." This result reaffirms that bcrypt is a better current choice than sha512crypt (let alone sha256crypt) for operating systems, applications, and websites to move to, unless they already use one of these 'slow' hashes and until a newer/future password hashing method such as one based on the sequential memory-hard functions concept is ready to move to. A 5x speedup over AMD FX-8120 CPU per-chip is achieved for sha512crypt on NVIDIA GTX 570, whereas bcrypt barely reaches the CPU's speed on an AMD Radeon HD 7970 (a high-end GPU). Nvidia RTX 4070 Ti vs.Solardiz writes " A new community-enhanced version of John the Ripper adds support for GPUs via CUDA and OpenCL, currently focusing on slow-to-compute hashes and ciphers such as Fedora's and Ubuntu's sha512crypt, OpenBSD's bcrypt, encrypted RAR archives, WiFi WPA-PSK. We now know the eye-watering price of Nvidia’s RTX 4090 gaming laptops Nvidia’s RTX 4070 Ti is destroying AMD, even though it shouldn’t Here’s how to get Redfall Bite Back Edition for free from Nvidia These results are an excellent reminder to secure your most important accounts with two-factor authentication (2FA) and to take advantage of the relatively painless security provided by using a password manager. Intel scored a surprising win against both Nvidia and AMD recently, so the Hashcat results could be quite interesting. ![]() Doesn't really matter how many 4090s or who they are, it's still too bigĬroley is hoping to test Intel’s new Arc 770 GPU next but is having trouble getting ahold of one. There are 95 characters in the common 'full character set', and 95^15 is too large of a keyspace for pretty much anyone to attack. If it's randomly generated with something like a password manager, too long. A 15-character password made of letters, numbers, and symbols could have 95 to the power of 15 combinations, an incredibly large number. According to Croley, that would be too big of a problem to solve with current technology even if a large number of high-performance graphics cards were used. There’s greater safety when using a password manager that generates a random password of much greater length than most people would. Croley noted that the relative performance of AMD’s Radeon RX 7000 series is still unknown. Replying to a question in the same Twitter thread, Croley said Nvidia’s GeForce RTX 4090 GPU is more than three times faster than an AMD Radeon RX 6900 when using the hash speed benchmark Hashcat. Easily capable of setting records: 300GH/s NTLM and 200kh/s bcrypt w/ OC! Thanks to blazer for the run. Fitbit Versa 3įirst benchmarks on the new RTX 4090! Coming in at an insane >2x uplift over the 3090 for nearly every algorithm. ![]()
0 Comments
Leave a Reply. |