Slashdot Mirror
New Password Recovery Technique Uses CPU and GPU Together
BaCa writes to mention that a new hardware/software combination has been created by a company called ElcomSoft that will reportedly allow cryptography professionals to build cheap PCs that work like supercomputers for the specific task of retrieving lost passwords. Utilizing a combination of the CPU and the GPU the task of brute forcing a password may be reduced by as much as a factor of 25. "Until recently, graphic cards' GPUs couldn't be used for applications such as password recovery. Older graphics chips could only perform floating-point calculations, and most cryptography algorithms require fixed-point mathematics. Today's chips can process fixed-point calculations. And with as much as 1.5 Gb of onboard video memory and up to 128 processing units, these powerful GPU chips are much more effective than CPUs in performing many of these calculations."
Nvidia's CUDA, which is what they're talking about, supports multiple graphics cards in the same computer. You don't actually use SLI, just run programs on multiple graphics cards. They've demoed systems with 3 8800GTXs (they take up 2 expansion card slots each, so you can't fit more than that in a single normal sized desktop case).
This project has been around for a long time: http://www.gpgpu.org/ Though I agree modern GPU's are even more useful for general purpose computing.
That's not the problem. The problem is primarily people who gain physical access to the hashes, and load them onto much beefier machines to do the processing for them. 100% CPU for days on end will eventually warrant a call to the help desk stating that their computer is "too slow."
While I agree that for this to be a problem, a previous security hole has to exist somewhere, it's more the "what if that happens" that is the problem. If a hash, and just a hash is stolen, it's not exactly going to set off alarms.
Likewise, once unknown person X has your hash, it's over.
Petter Nordahl-Hagen's Offline NT Password & Registry Editor: http://home.eunet.no/~pnordahl/ntpasswd/
NOTE: Tested on: NT 3.51, NT 4 (all versions and SPs), Windows 2000 (all versions & SPs), Windows XP (all versions, also SP2), Windows Server 2003 (all SPs), Vindows Vista 32 and 64 bit.
This is the company with which Dmitry Sklyarov was employed at the time of his arrest by the FBI, back in 2001. Before his arrest, at a conference, Dmitry made a presentation on cracking Adobe's eBook DRM. The method used for this crack was utilized in Elcomsoft's Advanced eBook Processor software.
This was really big news back in 2001-2002, although I guess thats a bit too long ago for most slashdot readers, since I (surprisingly) haven't seen any other comments mentioning this.
I'm just wondering, should I take the summary as intentionally ironic (i.e. as if it had referred to an operating system "by a company called Microsoft"), or should I assume it was written by someone *fascinatingly* oblivious to the recent history of decryption software and the disputed legalities thereof? An informed, non-ironic summary would simply say, "...by ElcomSoft...", of course.
For any of you who may have been living under a rock (possibly on another planet), ElcomSoft is the company that was employing Dmitry Sklyarov, who was arrested in the US on DMCA charges when he'd come to present at a conference. Wikipedia has more.
Fail.
...allow cryptology professionals to build affordable PCs that will work like supercomputers when recovering lost passwords. Cut and pasted from "How to write with spin for dummies"Fail.
...will be incorporating this patent-pending technology into their entire family of enterprise password recovery applications. Corporate press release copy and paste == Fail.Numerous grammatical errors == Fail.
If you are connecting to Linux or a BSD or anything else that runs openssh, then you can have something along these lines now. Setup an openssh DSA key, copy the public key to whatever machines you need to log into and then you can disable password logins in /etc/ssh/sshd_config altogether. If you are running Linux then for extra credit configure pam_ssh to get single sign on with an ssh key agent. If you are running windows as your client then you will have to make do with putty and pagent.
Passwords are so last century.
I am a lawyer and this constitutes legal advice and I shall indemnify you against any losses arising from taking it.
It won't be immediate, or close to it... but a 25x increase in the speed of bruteforcing passwords will certaintly speed up the process by which passwords are obseleted.
It means the search space needs to be 25 times as big. That means the password needs one more letter.
Or you could start using a more secure hashing function!
The time it takes to calculate the hash is insignificant for a real user, but an increase of even a tenth of a second to an attacker could mean the difference between a day and a week to crack a hash.
bluefish hashes take a long time (relative to md5 and sha1) to computer because the initialization takes a long time, there is no way to accelerate this initialization it must be preformed synchronously.
OpenBSD FTW!
Why is the GPU a processor dedicated to nothing but "pretty graphics" so much more powerful than the central multi-purpose processor even at the things like number-crunching?
You need to rephrase your question, because it makes an incorrect assumption. Here:
Why is the GPU a processor dedicated to nothing but "pretty graphics" so much more powerful than the central multi-purpose processor especially at the things like number-crunching?
The answer is obvious if you think about it: those "pretty graphics" are a huge number crunching problem. That's all there is to it. GPU's, however, aren't very good at tasks that don't do exactly the same thing huge numbers of times. This is true of most applications. Including the applications that run on the PC to control what the GPU does in stuff like what the story's talking about.
Is it because the GPU engineers can completely redo the thing from scratch whenever they want to, whereas the CPU-designers are held back by the backwards-compatibility issues?
Partially. Modern GPUs have (I think -- I don't keep up to date) 256 bit wide memory interfaces, running at close to gigahertz speed. This means they can transfer to and from their memory at about 4 times the rate a PC can. This is possible because (1) graphics card manufacturers don't mind the types of memory they use changing on a virtually model-by-model basis and (2) they also don't mind being stuck with non-expandable memory that's soldered directly onto the card right next to the GPU.
It's also because GPU engineers can sacrifice a lot of the flexibility of a PC. So what if the pipeline stalls if all 32 threads aren't doing exactly the same thing at the same time? Most of the time, they will be.
Computer Science teaches, programmers aren't supposed to have to do "tricks" like this -- you code, and the translator (compiler or intepreter) will translate from your programming language to the hardware instructions.
So why did my CS course have a module where we learned how the hardware worked? About memory hierarchies? About SISD, SIMD and MIMD processors? Why does Knuth's The Art of Computer Programming, possibly the most important book ever written on CS, approach problems at an assembly language level? Why, in my CS course, did I learn two different kinds of assembly language (one CISC, one RISC)?
Because CS is concerned with a holistic view of computers. With the fact that they are machines for executing instructions, and what can be done with those instructions. With the fact that it may be more efficient not to specify that much detail, but also the fact that, from time to time, you do need to do that.
Because putting your pretty USB stick in a compromised system would void the security of your key. Anyone can just copy it an use it for himself. You can't do that with a smart card, since the key never leaves the card.
Life is just nature's way of keeping meat fresh.
Right but the problem is that its really a l33tspeak filter on english.
I tend to go a lbit more elaborate:
w2tJwhF+G Welcome to the Jungle we have fun and games
So each word accounts for 1 letter, often the first letter, sometimes whole words get changed.
"Its better to burn out than fade away"
Could be Bo>Fa
and thats a good half a password right there...
-Steve
"I opened my eyes, and everything went dark again"