Sign in with
Sign up | Sign in

Nvidia Versus AMD: Brute-Force Attack Performance

Harden Up: Can We Break Your Password With Our GPUs?
By

This little exercise is all about scaling. You want a lot of cores, and you want them operating quickly. Even though it has a slight effect on our results, let's put architecture aside a moment. While two GeForce GTX 570s only have 2.8x the number of CUDA cores as a single GTX 460, we realize three times the performance because all of the higher-end card's cores also operate 8% faster.

Dropping in a GeForce GTX 590 yields similar results as our SLI configuration. The 590 has more cores, but they operate slightly slower. If you're shooting for the star, Nvidia's flagship is pretty much the top of the line with its 1024 CUDA cores. Then again, if you're willing to tolerate lots of heat and a big price tag, two GeForce GTX 590s in SLI should be able to double the performance of our twin GTX 570s.

In comparison, there are 3072 Stream processors running at 830 MHz on AMD's flagship Radeon HD 6990. Bear in mind that an AMD core is not equivalent to an Nvidia core, so you can't compare them 1:1.

I only had time to run a pair of Radeon HD 5850s in CrossFire, but the results are still impressive. With 2880 stream processors, I'm pushing about 1.1 million passwords per second while attempting to break an AES-128 encrypted WinZip file. Two Radeon HD 6990s are probably the way to go if you want to go full-speed in AES password recovery. But even optimistically, you're only going to hit slightly over 3 million passwords per second. That's still insufficient to crack an eight-character password in less than a year.

Graphics Card
CUDA/Stream cores
Shader Core Speed
GeForce GTX 460 1GB336
1350 MHz
GeForce GTX 570480
1464 MHz
GeForce GTX 5901024
1214 MHz
Radeon HD 5850
1440
725 MHz
Radeon HD 5970
1600
725 MHz
Radeon HD 6990
3072 830 MHz


A pair of GeForce GTX 570s in SLI is a reasonable setup to expect in a gaming machine. While you probably shouldn't expect great times breaking past passwords more than seven characters long, remember that we're also looking at the worst-case scenario. It's as if we're searching for a password between 00 and 99, and the right answer ends up being 99. Usually, that's not the case, and a password right in the middle would arrive in half the time.

Password recovery programs like these don't do a fully-sequential search, so that's not even a good strategy for password security. Realistically, a successful recovery will probably fall somewhere in the middle of a search. However, given the time frames which we're we're dealing, that doesn't really change our conclusion. Zip 2.0 isn't safe at all in our opinion. While it would take a longer time to find a password made up of nine or 10 characters, it's definitely doable between a few gaming buddies.

2 x GeForce GTX 570 SLI
Brute-Force Attack
Total Time for Search
Password Length Between 1-6 Characters
Password Length Between 1-8 Characters
500 000 Passwords Per Second18 days, 7 hours
462 years, 116 days
45 Million Passwords Per Second4 hours, 52 minutes
5 years, 49 days
1.5 Billion Passwords Per Second8 minutes
56 days, 5 hours
Ask a Category Expert

Create a new thread in the Reviews comments forum about this subject

Example: Notebook, Android, SSD hard drive

Display all 92 comments.
This thread is closed for comments
Top Comments
  • 10 Hide
    ryandsouza , June 20, 2011 5:51 AM
    "Think of this as generating every single combination of numbers that can be used to solve that same Sodoku puzzle, starting from an all zeros all the way through all nines. "

    Sudoku puzzles have numbers from 1 through 9!
Other Comments
  • 1 Hide
    jeff77789 , June 20, 2011 4:33 AM
    "While it would take a longer time to find a password made up of nine or 10 passwords, it's definitely doable between a few gaming buddies. "


    9 or 10 characters?
  • 2 Hide
    jj463rd , June 20, 2011 5:04 AM
    How about adding some extended ASCII codes to a password.
  • 10 Hide
    ryandsouza , June 20, 2011 5:51 AM
    "Think of this as generating every single combination of numbers that can be used to solve that same Sodoku puzzle, starting from an all zeros all the way through all nines. "

    Sudoku puzzles have numbers from 1 through 9!
  • 3 Hide
    rpmrush , June 20, 2011 5:59 AM
    This reminds me of Bitcoin GPU crunching. 6990s are favored right now. I wonder how many were sold specifically to Bitcoin miners? I tried it with my dual 6850s but the heat was rediculous. I didn't like the stress on my hardware so I gave up mining. I'm sure it's the same with password software. Maxing out your GPUs. Great for Winter, not Summer!
  • -7 Hide
    mediv42 , June 20, 2011 6:01 AM
    I've always wondered about this: why don't they just code a delay into the decryption program, so you can't check a billion passwords a second?
  • 2 Hide
    joshyboy82 , June 20, 2011 6:03 AM
    I like the scale, but in your small example (a,b,c) you were right and wrong at the same time. Based on your configuration 6 possibilities are correct, but because you tell someone that they can use A or B or C in the password doesn't stop them from choosing aaa, therefor the combination is 9, not 6. Otherwise, interesting article.
  • 4 Hide
    acku , June 20, 2011 6:07 AM
    Quote:
    "Think of this as generating every single combination of numbers that can be used to solve that same Sodoku puzzle, starting from an all zeros all the way through all nines. "

    Sudoku puzzles have numbers from 1 through 9!


    Fixed! Sorry. I usually play Sudoku variants. :) 


    Quote:
    I like the scale, but in your small example (a,b,c) you were right and wrong at the same time. Based on your configuration 6 possibilities are correct, but because you tell someone that they can use A or B or C in the password doesn't stop them from choosing aaa, therefor the combination is 9, not 6. Otherwise, interesting article.


    I could understand that, but I left out that since I was trying to show a simple example of how permutations differ from combinations. As you pointed out, repetitions are allowed in passwords. I actually mention that in the sentence that follows in the next paragraph.
  • 1 Hide
    webdev511 , June 20, 2011 6:12 AM
    Password Haystacks Yes Steve Gibson has already covered something like this. Passphrases with upper lower number and speical are the way to go. Yes, please avoid shortcuts.
  • 5 Hide
    acku , June 20, 2011 6:15 AM
    Quote:
    I've always wondered about this: why don't they just code a delay into the decryption program, so you can't check a billion passwords a second?


    It wouldn't be easy from a design standpoint, cause now you're talking about fiddling with the design of the program.

    The easiest way to slow down the verification portion of the password authentication process is increasing the number of transformation invocations for key generation. The problem is that this slows down the performance of your machine, even if you have the correct password.

    jj463rdHow about adding some extended ASCII codes to a password.


    That assumes WinZip and WinRAR supports them. To be honest, I haven't looked into that. Though, I'm inclined to believe that neither program supports them.
  • 4 Hide
    shin0bi272 , June 20, 2011 6:59 AM
    the tables in this review are horrible... they go from lengths of time to number of passwords and theres no discernible notation when they do.
  • 8 Hide
    Mark Heath , June 20, 2011 7:26 AM
    Cracking a password? There's an app for that.

    Saw something on this elsewhere recently (http://www.zdnet.com/blog/hardware/cheap-gpus-are-rendering-strong-passwords-useless/13125)

    I've changed the password for important (tangible value) passwords such as that for my steam account to a password that now uses a few special characters, and some mixed up numbers, lower and upper case letters, totalling 18 characters. (lol)

    Now I have a few different tiers of passwords, a now replaced 8 string of letters and numbers for unimportant things a couple of years ago, a now replaced string of 15 characters for semi-important things a couple years ago (have real world information or usefulness for a potential bad guy), their 8 and 15 respectively replacements and my new 18 character string for things that have definite tangible real world value to potential nasties.

    And being only 15 I think I'm on the right track :) 

    The only thing that *really* worries me are the choice of security questions sometimes. If you're not allowed to pick your own, the answer would be easy to find on my Facebook page or similar (if I had one ;) ) Mother's maiden name? There's a Facebook page for that.
  • 3 Hide
    acku , June 20, 2011 7:37 AM
    Mark HeathCracking a password? There's an app for that.Saw something on this elsewhere recently (http://www.zdnet.com/blog/hardware/cheap-gpus-are-rendering-strong-passwords-useless/13125)I've changed the password for important (tangible value) passwords such as that for my steam account to a password that now uses a few special characters, and some mixed up numbers, lower and upper case letters, totalling 18 characters. (lol)Now I have a few different tiers of passwords, a now replaced 8 string of letters and numbers for unimportant things a couple of years ago, a now replaced string of 15 characters for semi-important things a couple years ago (have real world information or usefulness for a potential bad guy), their 8 and 15 respectively replacements and my new 18 character string for things that have definite tangible real world value to potential nasties.And being only 15 I think I'm on the right track The only thing that *really* worries me are the choice of security questions sometimes. If you're not allowed to pick your own, the answer would be easy to find on my Facebook page or similar (if I had one ) Mother's maiden name? There's a Facebook page for that.


    Actually, AccentZIP and AccentRAR are real world derivatives of the ighashgpu program that Zdnet wrote about. Ivan Golubev actually wrote the code for all three programs and we had the pleasure of working with him to write this article. The difference is that with ighashgpu, you're mainly looking at hash cracking.
  • 2 Hide
    aaron88_7 , June 20, 2011 7:40 AM
    You could buy multiple GPU's for a hefty price, or you could just use Amazon's cloud computing to do it for you....

  • 2 Hide
    aaron88_7 , June 20, 2011 7:41 AM
    Oops, link didn't show up, here it is:

    Linky Linky
  • 2 Hide
    acku , June 20, 2011 7:54 AM
    Quote:
    Oops, link didn't show up, here it is:

    Linky Linky


    Interesting. According to the article, it seems that the password recovery speed is limited by the internet connection.

    I seem to recall seeing someone mention that a pair of 590s was faster than 30000 passwords per second with Elcomsoft's GPGPU document cracker.

    Heck, assuming only 2002 SHA-1 transformations, a single GTX 460 would be faster.
  • 1 Hide
    compton , June 20, 2011 8:16 AM
    How much of a jem is this article? This is way better than trying to save 3 cents a year on your power bill. I for one would like to see the process expanded into a benchmark if possible. For one thing, it could be an excellent for CPUs where it seems like it's more optimized -- GPUs are basically limited to nVidia's CUDA, but I still think the brain trust at Toms could find a way to make an informative benchmark out password cracking.
  • 2 Hide
    kkiddu , June 20, 2011 8:51 AM
    What if you have TRANSLTR?
  • 2 Hide
    Hupiscratch , June 20, 2011 9:07 AM
    A next good article would be a search for the best decryption software. Let the decryption roundup begins!
  • 1 Hide
    Anonymous , June 20, 2011 9:32 AM
    Interesting article. I personally use a fairly simple way to use one different password for each website / service following an easy to remember pattern. The method is described here:

    http://passwordadvisor.com/TipsUsers.aspx

    Would also be interesting to see if Sandy Bridge AES instructions helps on brute force.
  • -3 Hide
    srgess , June 20, 2011 10:06 AM
    Im surprise they haven't tested Elcom solution, they are faster for recovery password with any competition with some process. You can put make a network resource. So lets say you have a lots of money and put 10-20 4 SLI GTX 590 computer or Tesla computer available resource to get a super computer , password cracking will pass from days to second. Imagine Top supercomputer in the world and its just a beginning. Soon we gonna have to have password with 20 + alpha numeric and special character. Or data crash after 10 attempt.
Display more comments