Slashdot Mirror


Cracking Passwords With Amazon EC2 GPU Instances

suraj.sun writes "As of Nov. 15, 2010, Amazon EC2 is providing what they call 'Cluster GPU Instances': An instance in the Amazon cloud that provides you with the power of two NVIDIA Tesla 'Fermi' M2050 GPUs... Using the CUDA-Multiforce, I was able to crack all hashes from this file with a password length from 1-6 in only 49 Minutes (1 hour costs $2.10 by the way.). This is just another demonstration of the weakness of SHA1 — you really don't want to use it anymore."

8 of 217 comments (clear)

  1. Yes, SHA1 security is questionable.. by intellitech · · Score: 4, Insightful

    But, regardless of the hash method, 6-character passwords are ultimately worthless.

    --
    vos nescitis quicquam, nec cogitatis quia expedit nobis ut unus moriatur homo pro populo et non tota gens pereat.
    1. Re:Yes, SHA1 security is questionable.. by jandrese · · Score: 5, Insightful

      It's impossible for a hash algorithm not to have collisions. You're mapping an arbitrarily large problem space down into just a handful of bits. There are infinitely more possible inputs to the algorithm than there are outputs. That said, it's supposed to be computationally prohibitive to find those collisions, and that's where MD5 and SHA1 are failing.

      --

      I read the internet for the articles.
    2. Re:Yes, SHA1 security is questionable.. by WuphonsReach · · Score: 4, Insightful

      Why is SHA1 deprecated?...

      Because it has become easy to create 2 plaintexts that both hash out to the same SHA-1 value. See the section titled "SHA-1" which talks about attacks on the hash function.

      This means that SHA-1 and MD5 are not suitable for "signing" usage where you have a plaintext where you want to prove that the original has not been changed. It's too easy for an attacker to alter the plaintext in a easily hidden manner so that the hash stays the same.

      Is it still useful for the storage of passwords? Yes, but the writing has been on the wall for SHA-1 and MD5 for close to a decade now. When one weakness is discovered in an algorithm, it's the safe bet to assume that future weaknesses will be discovered and those make make the hash algorithm unsuitable for storing passwords. Better to move to one of the newer, more complex, algorithms while you have time to plan over the course of a few years rather then have to switch suddenly in the space of a month or three after an attack is discovered.

      --
      Wolde you bothe eate your cake, and have your cake?
  2. Dictionnary attack doesn't show any weakness by kiwix · · Score: 5, Insightful

    This just shows one more time that SHA1 is deprecated — You really don't want to use it anymore.

    No it doesn't show anything. Your "attack" would only have been marginally slower with SHA-2, because SHA-2 is a bit slower of SHA-1. You didn't exploit any weakness of SHA-1 in this brute-force attack.

    1. Re:Dictionnary attack doesn't show any weakness by daveewart · · Score: 4, Insightful

      I think "able to brute-force thousands of passwords in an hour" qualifies as a weakness in SHA-1.

      Not really. It just shows that 6-character passwords aren't very strong. The hash itself is not the weak point.

      --
      "If you think the problem is bad now, just wait until we've solved it." --- Arthur Kasspe
    2. Re:Dictionnary attack doesn't show any weakness by vadim_t · · Score: 4, Insightful

      No, it qualifies as weakness of the passwords.

      If your password is "password", no hash is going to save you from that. The cracker takes "password", feeds it to the hash, then compares the result to every line in the hashed password file, to check if it matches anybody's.

      Hashing itself has to be fast, since not only passwords get hashed. Sometimes you need to hash a DVD .iso, would you want that to take a week?

      Now, you can do things like making the encoding be hash(hash(hash...(password))) with such a depth that it takes a second for a single check. You can't make it much longer than that because then the users will get tired of waiting. But even then it won't save you if you're dumb enough to have "password" or your username for the password. If the attacker has 10000 accounts, it takes about 3 hours worst case (with salting) to check if any of them use "password". And with that many, chances are pretty good that at least one is. So it's still not a license to use a crappy password. That's if they're not determined enough to get a botnet to work on it.

  3. Re:Password length of 1-6 by falldeaf · · Score: 4, Insightful

    Are you kidding? Everyone that isn't a 'computer person' is still using their daughter's name or the favorite type of sports car brand, one word all lower case passwords for all sites and always will. The best security advancements don't come from new theoretical math theory, they come from making security easy and convenient for average people.

    --
    check out the Mp3 Garbler I built!
  4. large cloud, small brain by epine · · Score: 5, Insightful

    I agree the story could have been framed better. There is in any case some story here. For certain computational tasks, the linear performance scaling that vanished in a puff of Prescott has returned from the grave.

    And not only that, instead of spending $20,000 to buy a Fermi class workstation and getting your result in a year, you can throw the same $20,000 at the cloud and have 10,000 machines deliver your result in an hour, for large instances of cloud.

    This applies to a class of computational tasks denominated in CPU cycles where you can cut a wide swath.

    Moore's law still exists, it's just not evenly distributed.