Xref: utzoo news.sysadmin:1348 comp.unix.wizards:12311
Path: utzoo!utgpu!watmath!clyde!att!cuuxb!dlm
From: dlm@cuuxb.ATT.COM (Dennis L. Mumaugh)
Newsgroups: news.sysadmin,comp.unix.wizards
Subject: Re: How to stop future viruses.
Summary: pre-encrypting passwords work
Keywords: parallel processing
Message-ID: <2186@cuuxb.ATT.COM>
Date: 11 Nov 88 19:35:33 GMT
References: <2178@cuuxb.ATT.COM> <778@mailrus.cc.umich.edu>
Reply-To: dlm@cuuxb.UUCP (Dennis L. Mumaugh)
Organization: ATT Data Systems Group, Lisle, Ill.
Lines: 41

In article <778@mailrus.cc.umich.edu> honey@citi.umich.edu (peter honeyman) writes:
>Dennis L. Mumaugh writes:
>>... I  encrypted  the  dictionary  FIRST.  Then  it  was  one
>>encrypt  and  a fgrep.  From start to finish (copy of /etc/passwd
>>until printing of list of lognames and password was 45 minutes!).
>
>where did you store the gigabyte file?  how long did it take to
>generate it?  (25,000 word dictionary, 4,096 salts, 11 byte output
>each.)
>

I haven't done this in years, at the time I had a 300 meg disk to
work with.

Today my approach would be to  analyze  the  salt  and  crypt  to
verify  just  which  salts  are  valid [some are not valid or are
rare].  Then I would build the dictionary of ~80000 entries  plus
variants.  Then  I  would  encrypt  it  with all salts.  I have 4
3b20's and 30 3B2's and some have gigabytes of SCSI disks. [ 6250
tapes  with 200 ips drives are also a possibilitiy].  Hence I can
split the data into several  places.  All  of  this  is  done  in
advance.

When the password file [or shadow]  is  found  I  split  it  into
equivalence  sets  and  send  the  entries  for  each  set to the
appropriate computer for munching.  Hence to time to crack is the
time to search each file.  Don't forget that your estimate is off
a bit too.  I need the 13 byte encrypted version, a separator and
then  the  plain  text.  Thus  it  is 22 bytes x 80,000 x 4096 or
7,208,960,000 bytes of storage.  With say 20 cpus  and  only  400
real  salts  I need 36,044,800 bytes per machine.  I can automate
almost all of this and thanks  to  RFS  and  LAN's  communcations
isn't  the problem.  The time is that to fgrep the 36 Meg file on
each machine.  That runs about an hour depending on load and disk
performance.

The major point is that properly prepared one CAN crack passwords
in less than an hour given adequate resources.
-- 
=Dennis L. Mumaugh
 Lisle, IL       ...!{att,lll-crg}!cuuxb!dlm  OR cuuxb!dlm@arpa.att.com