'John The Ripper' Gets A Face-Lift

[InfoSec News <alerts () infosecnews org>]

http://www.darkreading.com/authentication/167901072/security/vulnerabilities/231000218/john-the-ripper-gets-a-face-lift.html

By Kelly Jackson Higgins
Dark Reading
June 22, 2011

One of the industry's first open-source password-cracking tools just got 
a big boost in power and performance with sponsorship from Rapid7, which 
also plans to more tightly integrate the so-called John the Ripper tool 
with Metasploit.

Alexander Peslyak, founder and CTO of Openwall, which created John the 
Ripper, says the password security-auditing tool is now nearly 20 
percent faster at cracking Data Encryption Standard (DES)-based password 
hashes -- a major improvement to the hacking tool.

That means a major decrease in the time and effort to validate whether 
passwords are following company policy for strength, for instance. 
Openwall also is offering via open source the method by which it sped up 
this process, using more optimal "S-box expressions," which are 
basically substitution tables used in calculations. The organization 
came up with a faster and more efficient way to perform these 
calculations.

"Recently, Roman Rusakov on our team came up with an idea on how to make 
use of modern computers' much greater amounts of memory and higher 
processing power to approach the optimization problem differently and 
achieve better results in a reasonable time," Openwall's Peslyak says. 
"So this is what we did."

[...]


___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/