Sign in with
Sign up | Sign in
Your question
Closed

Harden Up: Can We Break Your Password With Our GPUs?

Last response: in Reviews comments
Share
June 20, 2011 4:33:00 AM

"While it would take a longer time to find a password made up of nine or 10 passwords, it's definitely doable between a few gaming buddies. "


9 or 10 characters?
Score
1
June 20, 2011 5:04:42 AM

How about adding some extended ASCII codes to a password.
Score
2
Related resources
June 20, 2011 5:51:31 AM

"Think of this as generating every single combination of numbers that can be used to solve that same Sodoku puzzle, starting from an all zeros all the way through all nines. "

Sudoku puzzles have numbers from 1 through 9!
Score
10
June 20, 2011 5:59:54 AM

This reminds me of Bitcoin GPU crunching. 6990s are favored right now. I wonder how many were sold specifically to Bitcoin miners? I tried it with my dual 6850s but the heat was rediculous. I didn't like the stress on my hardware so I gave up mining. I'm sure it's the same with password software. Maxing out your GPUs. Great for Winter, not Summer!
Score
3
June 20, 2011 6:01:39 AM

I've always wondered about this: why don't they just code a delay into the decryption program, so you can't check a billion passwords a second?
Score
-7
June 20, 2011 6:03:43 AM

I like the scale, but in your small example (a,b,c) you were right and wrong at the same time. Based on your configuration 6 possibilities are correct, but because you tell someone that they can use A or B or C in the password doesn't stop them from choosing aaa, therefor the combination is 9, not 6. Otherwise, interesting article.
Score
2
June 20, 2011 6:07:33 AM

ryandsouza said:
"Think of this as generating every single combination of numbers that can be used to solve that same Sodoku puzzle, starting from an all zeros all the way through all nines. "

Sudoku puzzles have numbers from 1 through 9!


Fixed! Sorry. I usually play Sudoku variants. :) 


joshyboy82 said:
I like the scale, but in your small example (a,b,c) you were right and wrong at the same time. Based on your configuration 6 possibilities are correct, but because you tell someone that they can use A or B or C in the password doesn't stop them from choosing aaa, therefor the combination is 9, not 6. Otherwise, interesting article.


I could understand that, but I left out that since I was trying to show a simple example of how permutations differ from combinations. As you pointed out, repetitions are allowed in passwords. I actually mention that in the sentence that follows in the next paragraph.
Score
4
June 20, 2011 6:12:48 AM

Password Haystacks Yes Steve Gibson has already covered something like this. Passphrases with upper lower number and speical are the way to go. Yes, please avoid shortcuts.
Score
1
June 20, 2011 6:15:41 AM

mediv42 said:
I've always wondered about this: why don't they just code a delay into the decryption program, so you can't check a billion passwords a second?


It wouldn't be easy from a design standpoint, cause now you're talking about fiddling with the design of the program.

The easiest way to slow down the verification portion of the password authentication process is increasing the number of transformation invocations for key generation. The problem is that this slows down the performance of your machine, even if you have the correct password.

jj463rdHow about adding some extended ASCII codes to a password.


That assumes WinZip and WinRAR supports them. To be honest, I haven't looked into that. Though, I'm inclined to believe that neither program supports them.
Score
5
a b U Graphics card
June 20, 2011 6:59:54 AM

the tables in this review are horrible... they go from lengths of time to number of passwords and theres no discernible notation when they do.
Score
4
June 20, 2011 7:26:01 AM

Cracking a password? There's an app for that.

Saw something on this elsewhere recently (http://www.zdnet.com/blog/hardware/cheap-gpus-are-rende...)

I've changed the password for important (tangible value) passwords such as that for my steam account to a password that now uses a few special characters, and some mixed up numbers, lower and upper case letters, totalling 18 characters. (lol)

Now I have a few different tiers of passwords, a now replaced 8 string of letters and numbers for unimportant things a couple of years ago, a now replaced string of 15 characters for semi-important things a couple years ago (have real world information or usefulness for a potential bad guy), their 8 and 15 respectively replacements and my new 18 character string for things that have definite tangible real world value to potential nasties.

And being only 15 I think I'm on the right track :) 

The only thing that *really* worries me are the choice of security questions sometimes. If you're not allowed to pick your own, the answer would be easy to find on my Facebook page or similar (if I had one ;) ) Mother's maiden name? There's a Facebook page for that.
Score
8
June 20, 2011 7:37:46 AM

Mark HeathCracking a password? There's an app for that.Saw something on this elsewhere recently (http://www.zdnet.com/blog/hardware/cheap-gpus-are-rende...)I've changed the password for important (tangible value) passwords such as that for my steam account to a password that now uses a few special characters, and some mixed up numbers, lower and upper case letters, totalling 18 characters. (lol)Now I have a few different tiers of passwords, a now replaced 8 string of letters and numbers for unimportant things a couple of years ago, a now replaced string of 15 characters for semi-important things a couple years ago (have real world information or usefulness for a potential bad guy), their 8 and 15 respectively replacements and my new 18 character string for things that have definite tangible real world value to potential nasties.And being only 15 I think I'm on the right track The only thing that *really* worries me are the choice of security questions sometimes. If you're not allowed to pick your own, the answer would be easy to find on my Facebook page or similar (if I had one ) Mother's maiden name? There's a Facebook page for that.


Actually, AccentZIP and AccentRAR are real world derivatives of the ighashgpu program that Zdnet wrote about. Ivan Golubev actually wrote the code for all three programs and we had the pleasure of working with him to write this article. The difference is that with ighashgpu, you're mainly looking at hash cracking.
Score
3
June 20, 2011 7:40:23 AM

You could buy multiple GPU's for a hefty price, or you could just use Amazon's cloud computing to do it for you....

Score
2
June 20, 2011 7:54:05 AM

aaron88_7 said:
Oops, link didn't show up, here it is:

Linky Linky


Interesting. According to the article, it seems that the password recovery speed is limited by the internet connection.

I seem to recall seeing someone mention that a pair of 590s was faster than 30000 passwords per second with Elcomsoft's GPGPU document cracker.

Heck, assuming only 2002 SHA-1 transformations, a single GTX 460 would be faster.
Score
2
June 20, 2011 8:16:22 AM

How much of a jem is this article? This is way better than trying to save 3 cents a year on your power bill. I for one would like to see the process expanded into a benchmark if possible. For one thing, it could be an excellent for CPUs where it seems like it's more optimized -- GPUs are basically limited to nVidia's CUDA, but I still think the brain trust at Toms could find a way to make an informative benchmark out password cracking.
Score
1
June 20, 2011 8:51:54 AM

What if you have TRANSLTR?
Score
2
June 20, 2011 9:07:30 AM

A next good article would be a search for the best decryption software. Let the decryption roundup begins!
Score
2
Anonymous
a b U Graphics card
June 20, 2011 9:32:59 AM

Interesting article. I personally use a fairly simple way to use one different password for each website / service following an easy to remember pattern. The method is described here:

http://passwordadvisor.com/TipsUsers.aspx

Would also be interesting to see if Sandy Bridge AES instructions helps on brute force.
Score
1
June 20, 2011 10:06:18 AM

Im surprise they haven't tested Elcom solution, they are faster for recovery password with any competition with some process. You can put make a network resource. So lets say you have a lots of money and put 10-20 4 SLI GTX 590 computer or Tesla computer available resource to get a super computer , password cracking will pass from days to second. Imagine Top supercomputer in the world and its just a beginning. Soon we gonna have to have password with 20 + alpha numeric and special character. Or data crash after 10 attempt.
Score
-3
June 20, 2011 10:14:30 AM

The credit card pin number for online transaction are still 3 numeric digit & it cannot be change LOL, then the ATM machine are still 6 numeric digit, thats how simple our banking system these days. Even my Wifi key is already 63 characters consist of upper/lower case alphabet, numeric and symbols.
Score
1
June 20, 2011 10:28:35 AM

Why has Amazon EC2 been ignored?

Why are there so many tables for ZIP 2.0 and almost none for AES? It was said zip was unsafe at the beginning, a table or two should be enough. Yet, I learned very little of AES, the standard nowadays.
Score
2
a b U Graphics card
June 20, 2011 10:40:22 AM

Kkiddu, I was hoping someone would bring that up. 3 million parallel processors cracking at it at once. Full ASCII 64 bit keys in ~ 4 minutes. So long as the cooling holds up.
Score
2
Anonymous
a b U Graphics card
June 20, 2011 10:49:45 AM

Never mind chinas 7,168 NVIDIA Tesla GPU super computer....
Score
2
Anonymous
a b U Graphics card
June 20, 2011 11:05:04 AM

Just for comparison: the 7z format supports encryption with AES-256 and uses 524288 SHA-256 transformations to generate a key. In practice it's safer than rar.
Score
2
June 20, 2011 12:17:36 PM

rpmrushThis reminds me of Bitcoin GPU crunching. 6990s are favored right now. I wonder how many were sold specifically to Bitcoin miners? I tried it with my dual 6850s but the heat was rediculous. I didn't like the stress on my hardware so I gave up mining. I'm sure it's the same with password software. Maxing out your GPUs. Great for Winter, not Summer!

you can use all that power to do some folding ;) 
Score
0
June 20, 2011 12:20:46 PM

srgessIm surprise they haven't tested Elcom solution, they are faster for recovery password with any competition with some process. You can put make a network resource. So lets say you have a lots of money and put 10-20 4 SLI GTX 590 computer or Tesla computer available resource to get a super computer , password cracking will pass from days to second. Imagine Top supercomputer in the world and its just a beginning. Soon we gonna have to have password with 20 + alpha numeric and special character. Or data crash after 10 attempt.

ok here is even a easier way to secure your data...have two separate machines, one to save your stuff which never get connected to the web, and the other is the one that you use every day and connected to the web, just don't save any sensitive data on it....problem fixed....and very cheap
Score
2
June 20, 2011 12:22:44 PM

srgess said:
Im surprise they haven't tested Elcom solution, they are faster for recovery password with any competition with some process. You can put make a network resource. So lets say you have a lots of money and put 10-20 4 SLI GTX 590 computer or Tesla computer available resource to get a super computer , password cracking will pass from days to second. Imagine Top supercomputer in the world and its just a beginning. Soon we gonna have to have password with 20 + alpha numeric and special character. Or data crash after 10 attempt.


Elcomsoft was one of the first people we turned to. Unfortunately, the distributed version of their cracking program doesn't support archive encryption.
Score
1
June 20, 2011 12:28:40 PM

orwells said:
Why has Amazon EC2 been ignored?

Why are there so many tables for ZIP 2.0 and almost none for AES? It was said zip was unsafe at the beginning, a table or two should be enough. Yet, I learned very little of AES, the standard nowadays.



EC2 has not been ignored, it's just not practical. Read my forum post.

http://www.tomshardware.com/forum/2945-56-harden-break-...

As for tables, please look more in depth. The article provides speed and time tables for Zip 2.0, AES-128, and AES-256 brute-force cracking.
Score
2
June 20, 2011 12:31:44 PM

Yes, but if you have a keylogger installed, you're password's strength is irrelevant. And who uses encrypted archives anyway ? If we want to keep secret stuff away from others, we create secret encrypted partitions, a-la truecrypt.
Score
1
June 20, 2011 12:39:55 PM

So how properly would this work with other languages? Me being Dutch it would probably only work if my passwords consisted of numbers only.
Score
1
June 20, 2011 12:51:43 PM

plantenbak123 said:
So how properly would this work with other languages? Me being Dutch it would probably only work if my passwords consisted of numbers only.


As an update to a previous post: it looks like WinZip and WinRAR both support unicode passwords, and AccentZip/AccentRAR support multiple languages for password cracking.

Though, I'm not sure if Dutch is one of them. You have the same 26 letter alphabet, but strength increases if you include tremas and other written inflections (i.e. ruïne, bèta). (provided you use them)
Score
2
June 20, 2011 1:01:57 PM

mediv42 said:
I've always wondered about this: why don't they just code a delay into the decryption program, ...?
That's how it's mostly done.
The issue here is that the "recovery" software doesn't utilise the "decryption program" at all, but does all the crunching on its own on the side.
As you can see at the top of page 8 the typical "log in" process is to type a password which gets hashed and the program check to see if the hashed value is equal to the "key".
For "recovery" the hash process is well known, and the key is retrieved from the meta data of the archive. The recovery program then (internally) just generate a "password", run it through the hash and compare the result to the key. Once it find a password that generate the correct key the process is finished and the password is displayed to the user.

tomfreak said:
The credit card pin number for online transaction are still 3 numeric digit... the ATM machine are still 6 numeric digit, thats how simple our banking system these days.
Here the security lies in the safe storage of the resulting hash sum combined with the allowable number of attempts.
As long as a would be hacker don't know the hash sum (s)he can't test more than three numbers before being locked out.

Score
1
a b U Graphics card
June 20, 2011 1:13:41 PM

Two comments:
First, this seems to apply to a special case where testing the validity of the generated key can be done by decrypting the data. How would it apply to login passwords or the full-disk encryption mentioned in the article?

Second, if the biggest way to slow the effort is the number of hash steps in the key-generation algorithm, rainbow tables scare me more than they did before.
Score
1
June 20, 2011 1:47:25 PM

Looks like it's time to bust out the dice roll generated 15 character ASCII strings.
Score
1
June 20, 2011 1:52:07 PM

Toms, passwords don't get hacked through brute force. Usually what they do is generate rainbow tables (takes a good few months to generate a 4GB rainbow table for upto 8 passwords), and these passwords can be hacked in a matter of minutes!

For reference, I could hack a 6 digit password within 20 minutes on a pentium 2, 233Mhz, using rainbow tables!
Score
3
June 20, 2011 1:54:35 PM

not to mention what I can do when they are actually loaded on an SSD, ran from a corei processor, with GPGU acceleration.
Theoretically I could crack any 12 digit passwords within a week!
Score
2
June 20, 2011 2:02:33 PM

NTLM rainbow tables can hack 10 digit passwords within 5000 seconds (1.3hours) on a Intel Core2 Duo E7300 with 2 gig ram!
Score
1
June 20, 2011 2:05:40 PM

ProDigit10, rainbow tables only work on unsalted passwords. These were used by microsoft for 'lan' style passwords. IIRC, vista and win7 don't use these. And if you use a 14 character password or longer, even windows xp disables the lan encryption.

Your rainbow tables are effectively useless against aes-128, aes-256, and even des. They simply precompute password hashes, and generating the tables takes quite a long time.

Using rainbow tables has nothing to do with gpu acceleration.
Score
2
June 20, 2011 2:48:32 PM

jeff77789"While it would take a longer time to find a password made up of nine or 10 passwords, it's definitely doable between a few gaming buddies. "9 or 10 characters?


No. Since you indicating what you think to be a grammatical error...
The article is correct. Once you reach the number 10 (not ten), then you move to digital.

Example:
http://www.ehow.com/how_5083296_write-numbers-using-apa...
Score
2
June 20, 2011 3:06:49 PM

With 300,000 possible words, there are 90 billion two-word combinations. Imagine if you use a sentence!
Score
1
June 20, 2011 3:18:36 PM

tomdphamWith 300,000 possible words, there are 90 billion two-word combinations. Imagine if you use a sentence!



Yes but that's the same as having an alphabet with 300k letters and a password with only two characters. It's not the length of the password that matters, it's password strength. That's why it's easy to defeat a dictionary-based password. A word is essentially treated as a letter. "PasswordPasswordPassword" takes the same amount of time to check as "123". It's not the checking that's slow, it's the SHA-1 transformations.

For example, "tobeornottobe" is made up of 6 words. The SHA-1 transformations (for WinZip AES-256) take the same amount of time to generate a decryption key made up of 6 letters such as "123456." Each entry in the master dictionary ("to" "be" "or" "not" "to" "be") that you're checking passwords from is a static variable. So when you're dealing with words, the computer treats them the same as letters.
Score
3
Anonymous
a b U Graphics card
June 20, 2011 4:38:10 PM

Keeper Password and Data Vault manages your passwords and built a password generator to for increased encryption security. By creating longer and more complex passwords, the encryption becomes exponentially stronger.

http://www.callpod.com/software
http://blog.callpod.com/
Score
1
Anonymous
a b U Graphics card
June 20, 2011 4:54:06 PM

someone send a copy of this article to Sony, I hear they dont understand the principles of encrypting data
Score
2
June 20, 2011 5:24:48 PM

At my company we're required to change our passwords every 3 months, they have to have lower upper number and special characters and a length of 8+ characters. I have passwords for 10 machines that are required to all be different. I'm not allowed to reuse passwords when I update them. I've been at my company for a couple of years now so I've already used ~80 or so different passwords. There is no possible way for me to remember all of these, so I'm stuck with just having the current ones listed on a post-it note beside my machine.

Basically, I'm just saying that increased password security just means that people will have to come up with a way of remembering their passwords.
Score
3
a b U Graphics card
June 20, 2011 5:49:27 PM

This is exactly what Ive been researching for a project to rediscover the password to one of my older .7z backups. I haven't even read this yet just had to get my excitement out immediately.
Score
1
June 20, 2011 6:01:13 PM

clonazepam, AFAIC, there's no tool for 7z password recovery. Thus, if you use 7z, your info is very secure.
Score
2
June 20, 2011 6:06:56 PM

Explain that to George Hotz.
Score
1
!