Posted in security on October 12th, 2008 by A-KO
In another post regarding the raw power of Nvidia’s graphics chips for password cracking, Russian software developer Elcomsoft has developed software that uses CUDA to break WPA and WPA2 encryption.
Press release here.
Posted in security on October 7th, 2008 by A-KO
An interesting project that someone is working on is how to make encryption cheap enough and easy enough to use in a more widespread scenario. If you’ve read earlier regarding my SNI support, you would see that I’m a big fan of this goal.
I haven’t worked out the specific details but might try configuring this for the Maryland2600.org domain to see how it works.
More info here, if you’re interested.
Posted in security on October 3rd, 2008 by A-KO
Further reducing my faith in any password-based authentication mechanisms, comes along a password cracking program that uses CUDA and Nvidia graphics cards to crack password hashes.
The Extreme GPU Bruteforcer currently has support for cracking NTLM, SHA-1, MD5, and various derivatives of MD5 and salting mechanisms.
In simple tests that I ran on a dummy password of “ako123″ hashed with MD5, the CUDA-based cracker was able to find it in less than 30 seconds. It took a bit longer, but it was able to find it within the 3 minute demo timelimit of the application hashed as SHA-1 as well.
The CPU password cracker the company puts out is not multi-threaded, so you can double or quadruple the CPU performance numbers to get an estimate on how well the test would do if it were threaded across all of your available cores.
Performance Figures:
8600GTS 256MB PCI-E graphics card
Intel Core 2 Duo E6550 2.33Ghz
GPU MD5/A-Za-z0-9/3-8 characters: 80M passwords/second
CPU MD5/A-Za-z0-9/3-8 characters: 5.3M passwords/second
GPU SHA1/A-Za-z0-9/3-8 characters: 16.5M passwords/second
CPU SHA1/A-Za-z0-9/3-8 characters:2.7M passwords/second
Download here. Note Vendor website is down at the moment.