GSoC/GCI Archive
Google Summer of Code 2012


Web Page:

Mailing List:

Openwall's primary focus is in development of information security related free software, information security research, publications, and community activities aimed at making existing free software safer to use.

A major one of our software projects is Openwall GNU/*/Linux (or simply Owl), a security-hardened Linux distro for servers, currently at (and beyond) version 3.0. We have a nearly perfect userland in terms of privilege reduction and privilege separation of/in individual programs/services. Specifically, Owl 3.0 is the very first Linux distro to have no SUID programs in the default install (yet be usable). Under GSoC, we'd like to proceed with further work on Owl, adding new functionality, making updates to existing functionality, and improving the system security even further (specifically, of the Linux kernel).

Another sub-project is John the Ripper, a popular Open Source and cross-platform password cracker (password security auditing tool). Its homepage has exceeded 16 million hits. Many JtR tasks are being considered for GSoC, including making JtR work "against" more kinds of "targets", optimizations, GPU support, and GUI.

Finally, we have many smaller and/or new project ideas. These include work on an extremely fast and lightweight web-based interface to mailing list archives (in C), ..., and even your own creative and relevant idea (you name it!) Please check out our ideas page for the rationale behind these projects and (a bit) more detail, then approach us with questions if interested.


  • GPU for fast hashes JtR is a good tool for password recovering. GPU helps accelerating hashes on it. However, fast hashes(hashes with only 1 iteration) have bottle neck on password generation and comparison. Also, moving password to GPU takes a lots of time. In this summer, I will working on this bottle neck to deliver really fast "fast hashes" on GPU.
  • Hardening RHEL6/OpenVZ kernel Linux kernel 2.6.32 branch is a major branch which is used by many Linux distributions as a base for their own stable branches. Hardening RHEL6 kernel with OpenVZ patch is a task which would satisfy the needs of security experienced people. The task includes porting (almost) all security features from GSoC 2011 Kernel hardening project, both accepted by upstream and NAK'ed because of too specialized usage.
  • MJohn MJohn is an infrastructure around John the Ripper to simplify or fully automate everyday tasks of a hash cracker or a team of them. One of the goals of that project is to improve collaboration and distribution during CrackMeIfYouCan contest. This project touches or even includes following roles from the ideas page: JtR: automatic rule set generation, JtR: distributed processing, including a possible sub-task: Greater interaction with running cracking sessions, JtR: parallel processing (on one node).
  • Slow hashes Short task list: - Add next slow formats to JtR --WPA-PSK (CUDA/OpenCL/CPU) --Mac OS X password hashes (10.7 and 10.8) --DES-based crypt(3) or FileVault - Optimize existing formats Aim for oclhashcat performance, It should be possible for all formats except sha*-based crypt.I would like to make them 80%+ faster. - Develop optimal thread/blocks finder for cuda patches - Try multigpu with MPI - Create auto-benchmarking tool for different pass/salt length