Matt Weir | 8 Dec 03:46 2009

RE: password ranking

Hey Luke,
  First, I read your blog and I really
enjoy it. I'm actually writing my dissertation on password cracking and I've
spent a lot of time struggling with the very same problem you posted. Fist,
as Simon said, his Markov model includes a really nice option to estimate
the strength of a password against Markov based bruteforceing. 

  Second, the guys at did a great write-up on their
experiences using Amazon's EC2 service to do cloud password cracking. They
were only doing pure-brute force, (not even letter frequency analysis
enhanced), so their overall estimates aren't very accurate, (JtR's
Incremental and Markov modes blow that out of the water), but still it can
give you a nice estimate on how much it would cost to make a certain number
of guesses.  The three posts on that are:

I've been writing a couple of blog entries on how the 10k hotmail password
set faired against the different brute force methods supported by John the
Ripper, (aka pure-bruteforce, letter frequency analysis, incremental, and
Markov). I'm currently finishing one up on dictionary based attacks and
hopefully will have it up by the end of the week. The six current posts are:

I've also been doing some work with a modified version of edit distance to
attempt to reverse mangle passwords. Aka, it would take the password
P <at> ssword99, and say that the base word was 'password', and that the user
uppercased the first letter, changed the 'a' to an ' <at> ', and added the number
99 to the end. Then I can look through different password cracking rule-sets
and try to see if they contain that exact rule, and if the word 'password'
was in my input dictionary. If so, I can then roughly estimate how many
guesses it would take to crack the password. There's a lot of work I still
need to do on that though.

Finally, I'm doing some work with probabilistic password cracking, where my
professors and I are attempting a new way of modeling how people create
passwords using context free grammars. I'm using JtR as the backend cracker,
and pipeing guesses into JtR, (using the -stdin option), using our tool in
probability order. My current implementation is fairly well weaponized and I
have been having a ton of success with it on some of the lists we are
working on. A copy of our IEEE S&P paper on an older version of our tool can
be found here:

I'd love to talk more about this but I don't want to get too far off the
topic of John the Ripper on this mailing list. My e-mail is weir@...
if you have any questions though.

Matt Weir