Jump to content

Welcome to AstaHost - Dear Guest , Please Register here to get Your own website. - Ask a Question / Express Opinion / Reply w/o Sign-Up!

Toggle shoutbox Shoutbox Open the Shoutbox in a popup

@  yordan : (21 April 2014 - 09:11 PM) Hey, Ritesh, Did You Hear Me?
@  yordan : (14 April 2014 - 05:28 PM) By The Way, This Could Be An Interesting Subject For A Topic, What About Posting This Question? Let's See If Other People Have The Same Feeling Concerning Bootlists!
@  yordan : (13 April 2014 - 09:36 AM) Boot Order : Cd, [Usb,] Hard Drive :D
@  yordan : (11 April 2014 - 07:23 PM) I Simply Let The Bios Do That
@  Ritesh : (11 April 2014 - 10:23 AM) Is It Possible To Launch Fedora Live Cd Or Installation Disk From Hard Drive On Windows Platform Using Grub Mbr File.
@  Ritesh : (11 April 2014 - 10:21 AM) No U Are Not.. Btw.. I Have Question For You.
@  yordan : (10 April 2014 - 08:02 AM) You Are Partially Right.
I Was Not.
Nevertheless, I Am Again :)
@  Ritesh : (09 April 2014 - 07:33 PM) :P
@  Ritesh : (09 April 2014 - 07:33 PM) I Think U R Not..
@  yordan : (09 April 2014 - 09:28 AM) I'm The Master Of The Shoutbox!
@  yordan : (05 April 2014 - 10:32 PM) He-He
@  Ritesh : (04 April 2014 - 06:59 PM) Ha Ha Ha ....
@  yordan : (04 April 2014 - 11:15 AM) Welcome Back, Starscream!
@  yordan : (03 April 2014 - 02:31 PM) And I Hope That He Will Come Back Soon :)
@  yordan : (01 April 2014 - 02:53 PM) Nice, Ritesh Came, I'm Not Home Alone Today.
@  Ritesh : (01 April 2014 - 08:51 AM) Oh!!! Poor Dear Yordan..
@  yordan : (31 March 2014 - 10:02 AM) I'm A Poor Lonesome Cow-Boy
@  yordan : (27 March 2014 - 02:22 PM) He Is Unpatient Due To His Patients!
@  Ritesh : (27 March 2014 - 10:46 AM) :(
@  Ritesh : (27 March 2014 - 10:46 AM) He Is Busy With His Patients.

- - - - -

Cpus And Gpus Unite To Attack Passwords

5 replies to this topic

#1 tansqrx


    Super Member

  • [HOSTED]
  • 759 posts

Posted 22 October 2007 - 09:38 PM

There is a new story on Slashdot (http://it.slashdot.o...2/1851226.shtml) today about an article (http://www.net-secur...rld.php?id=5567) that could possible speed up password cracking by a factor of 25. ElcomSoft (http://www.elcomsoft.com/) has filed for a patent for a technique that uses both the CPU and GPU (graphics card) in a modern computer. ElcomSoft is a known software company that has specialized in selling password cracking software for many years. I have personally bought their software for the purpose of discovering how Yahoo! Messenger stores its passwords. Password cracking is a very shady area but it appears that ElcomSoft can actually be trusted.

The idea of using the GPU is not particularly new. The idea has been thrown around for several years but to my knowledge this is the first wide-spread practical application that has bee proposed. The science of cryptography has always been similar to the virus-antivirus arena. It is a rat race to one up the other side. It will be interesting to see which algorithms are susceptible to this attack and how the crypto community will react.

#2 Jeigh


    Whitest Black Mage

  • Members
  • 1,381 posts
  • Gender:Male
  • Location:NB, Canada
  • Interests:My interests are my hobbies, and ironically enough my hobbies are my interests. I'm quite interested in my hobbies, much more so then my interests... but I spend more time with my interests as my hobbies are often rude with me so I don't enjoy talking to them as much.
  • myCENTs:93.97

Posted 23 October 2007 - 11:02 PM

You make a few statements that aren't really wrong, but off base heh. I mean, it is sort of like the virus/antivirus thing but at the same time its quite different. Firstly you have to decide which level of encryption we are talking here, there are encryption algorithms that have existed for awhile that are currently not even in the realm of possibility to be cracked by anyone or anything that lacks government sized resources. That said if we're talking cracking lower end encryption routines then sure, it would make sense if you use more hardware and more processing power then you'd rip through encryption faster but thats the same as saying if we strap 20 processors onto cracking an encryption routine it'll happen exponentially faster.

I like the idea of using more hardware more efficiently but this just seems odd, anything your own home computer could crack relistically shouldn't be something that needs to happen super fast. I mean, if you are cracking enough encryption routines at home that this is beneficial to you... you are prooobably doing something a little shady.

#3 Grafitti


    Premium Idiot

  • [HOSTED]
  • 661 posts
  • Gender:Male
  • Location:Switzerland, but currently in Pakistan

Posted 27 October 2007 - 05:23 AM

I got an article this morning about it from Siliconvalley.. I think it's interesting, and actually quite a breakthrough.

The Law of Unintended Consequences -- a graphic example: Turns out those advanced graphics chips that render fast-moving games in flowing detail have some other uses as well -- for one, they can dramatically reduce the workload of a password hacker. New Scientist reports that Moscow-based Elcomsoft is claiming to have filed for a U.S. patent on a technique that uses the massively parallel processing capabilities of the latest graphics processing units in its "password recovery" software. Using a high-end Nvidia GeForce 8800 Ultra, Elcomsoft increased the speed of its password cracking by a factor of 25, according to the company's CEO, Vladimir Katalov. Even a less powerful, $150 graphics card can plow through a complex crack in three to five days, as opposed to the months a central processing unit alone would take.
The speed comes from the way the graphics chip handles data. NVidia spokesman Andrew Humber explains, comparing the process to searching for a word in a book: "A [normal computer processor]would read the book, starting at page 1 and finishing at page 500," he says. "A GPU would take the book, tear it into a 100,000 pieces, and read all of those pieces at the same time."
Nvidia inadvertently helped the hacking advance along in February by releasing a hardware development kit that let programmers access the GPU's processing power directly, a boon for those working on complex science and engineering problems. But, as always, one man's tool is another man's weapon.

#4 ethergeek


    Premium Member

  • [HOSTED]
  • 393 posts
  • Gender:Male
  • Location:Tucson, AZ

Posted 27 October 2007 - 10:45 AM

It's some cool stuff, but kind of old news...at least the simplicity of a gui interface for doing this will probably lead to advances in cryptography or at least raise the bar for what we all consider bare minimum for symmetric cipher strength.

As for just cracking passwords...the speed increases this could provide are nothing compared to the speed you get with a precomputed hash-style attack. Generating the hash tables might be faster, maybe tho.

#5 tansqrx


    Super Member

  • [HOSTED]
  • 759 posts

Posted 01 November 2007 - 10:13 PM

I will have to agree with you Jeigh that this is not the ultimate goal perused by “hackers” but I think you would be hard pressed to say that an almost ten fold decrease in cracking time is insignificant. All of a sudden you have taken a task that would have taken 10 years down to 1 year. In certain situations this would be the deciding factor in trying to even attempt such a crack.

I will also agree that this does little in the space of very strong ciphers. If you are using 256 AES then you have only reduced the time from well after our sun goes supernova to just before our ultimate destruction. (For those who do not know, scientists predict that out own sun will end in a supernova explosion. You shouldn’t worry too much though because this will happen billions of years in the future. At current rates, it will take many billions of years to crack current strong cryptography and thus we will not be around to see the fruits of the cracking labor.)

I also see the true power of this technology in parallel processing of some sort. If you can get a ten fold increase out of a single graphics card then imagine if you crated a computer with one CPU and 10,000 GPUs. This is exactly what happened with the greatest blows to DES. The EFF funded a project called “Deep Crack” (http://en.wikipedia....EFF_DES_cracker) that exploited specialized FPGA hardware in parallel. When given the task of computing a DES cipher, this hardware was much more efficient than any supercomputer. When you put 10,000 of these things together all of a sudden you have a super cracking machine. This was one of the many projects that ultimately showed the US government that DES needed to be replaced. I would have to have guess that even ten years before this it was inconceivable that such a thing could happen.

#6 Chesso


    Teh Coder

  • Members
  • 1,053 posts
  • Gender:Male
  • Location:Australia
  • Interests:Software Programming, Web Programming, Skateboarding, Gaming and My Fiance!
  • myCENTs:89.25

Posted 02 November 2007 - 11:20 PM

Wow...... that many?

I would really like to know though, "exactly" how do they make use of the GPU?

I imagine they get it to perform calculations just like a CPU, but how do they directly access it in such a way, and manage it properly so that you get the speed boost. I mean the power of a GPU is nothing compared to a CPU generally, how can it boost so much?

This is assuming one decent CPU VS an equally decent GPU.

Reply to this topic


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users