US Government Using PS3s To Break Encryption

Entropy98 writes "It seems that the US Immigration and Customs Enforcement Cyber Crimes Center, known as C3, has replaced its '$8,000 Tableau/Dell server combination' with more efficient and much cheaper $300 PS3s. Each PS3 is capable of 4 million passwords per second, and C3 currently has 20 PS3s with plans to buy 40 more. Naturally this is only being used to break encryption on computers seized with a warrant and suspected of harboring child pornography."

Re:What

[Swift+Kick]

You're right. The submitter didn't read the article (or lacked the reading comprehension to understand it).

The article says that "the networked Playstation 3s can process 4 million passwords per second, cutting down on the time necessary to find the correct combination.". Nowhere does it say that a single PS3 can do that.

This only works on poor passwords

[Khopesh]

I've done a lot of password-cracking math, even toyed with the idea of writing an academic paper on it. Generally, I work on the (generous) assumption that a well-groomed single node can chunk through 100k passwords per second and that things scale perfectly, so 20 nodes would work through 2M passwords per second. They're claiming their 20-node cluster can handle twice that, and I fully believe it. Powerful GPUs are known to perform extremely well on password cracking, and PS3s certainly have them. That's twice the performance for half to a fifth the cost. Nice, but not "OMG."

They plan to scale up to 60 nodes, which is 12M pass/s. To break a 8-character monospace password (37 bits of complexity, which is pretty weak), it would take just under five hours ( 26^8/(12*10^6) /60/60 ). However, to break an 8-character alphanumeric password (case and numbers), that becomes seven months ( (26+26+10)^8/(12*10^6) /60/60/24/365*12 ).

This is only scary when you have a super-intelligent dictionary attack. Scrape the hard drive and any subpoenaed documents for words and add that to a dictionary of common password parts, then perform your dictionary attack -- dreadfully powerful. To avoid falling victim to this, a good rule of thumb is that words are awesome to use, and they're more secure, but they're only about as secure as two random characters (three with a rich vocabulary including 3 or more of: arcane words, uncommon foreign words, uncommon misspelled words, uncommon proper nouns, l33t-speak ...). So that 13-char "secure password" you use that looks like metropolitan8 effectively only has three or four characters to a dictionary attacker, and that clever 14-char password of spageti4dinner has only five or six, depending on how good the attacker's dictionary is at misspelled words. A tip: put punctuation inside your words to break them up (without forming words), e.g. metr[opo;%litan8, and you've pretty much defeated the dictionary attack.

Re:This only works on poor passwords

[bertok]

However, to break an 8-character alphanumeric password (case and numbers), that becomes seven months

Ah... theory!

In practice, even very long passwords are trivially cracked in little time, using simple methods.

Unfortunately, I lost the source, but while studying cryptography myself, I stumbled upon a quote from some guy involved in government decryption in the US, and (paraphrasing), he said that their technique was basically to pick up the hard disk from the machine with the protected content, and then simply try every consecutive range of bytes as a password.

Unless the disk was encrypted with 'whole disk encryption', it works something like 90% of the time, simply because of stupid software saving plain-text passwords, users reusing passwords for various purposes, things like hibernation and page files, etc... I suspect that on disks from corporate networks, it would work even better, because if any one disk reveals the network admin password, you can unlock everything else from there.

So if you have a 100 GB disk, and you try all byte ranges from 4 to 20 bytes long (to account for various password lengths), and you try every byte range as both an ASCII and UTF-16 string, that's merely 17x2x100*10^9 = 3400 billion passwords to try, or 3.2 days at your quoted "12 million passwords per second".

In practice, most disks would crack much faster than that, if you aim the algorithm at the most likely sources first, such as the page and hibernation files, the user registry, and the web browser cache and configuration folders.

The lesson I took away from that is that against an attacker with physical access, it really doesn't make the slightest difference how strong your password is, unless the entire disk is encrypted.