Time-Memory Trade-Off Attack on FPGA Platforms: UNIX Password Cracking
نویسندگان
چکیده
This paper presents a hardware architecture for UNIX password cracking using Hellman’s time-memory trade-off; it is the first hardware design for a key search machine based on the rainbow variant proposed by Oechslin. The implementation target is the Berkeley BEE2 FPGA platform which can run at 400 million password calculations/second. Our design targets passwords of length 48 bits (out of 56). This means that with one BEE2 module the precomputation for one salt takes about 8 days, resulting in a storage of 56 Gigabyte. For the precomputation of all salts in one year we would need 92 BEE2 modules. Recovering an individual password requires a few minutes on a Virtex-4 FPGA.
منابع مشابه
Password Cracking Based On Rainbow Tables With A Dynamically Coarse Grain Reconfigurable Architecture
Rainbow attack is a very efficient attack which uses rainbow tables to offer an almost optimal time-memory tradeoff in the process of recovering the plaintext password from ciphertext hash. In this paper, we proposed a new method which can crack DES password quickly with less power consumption on a coarse grain reconfigurable architecture (CGRA) named reconfigurable encrypt-decrypt system (REED...
متن کاملOn the Security of Some Password Authentication Protocols
In an internet environment, such as UNIX, a remote user has to obtain the access right from a server before doing any job. The procedure of obtaining acess right is called a user authentication protocol. User authentication via user memorable password provides convenience without needing any auxiliary devices, such as smart card. A user authentication protocol via username and password should b...
متن کاملDiscarding the Endpoints makes the Cryptanalytic Time-Memory Trade-Offs even Faster
Cryptanalytic time-memory trade-offs were introduced by Hellman in 1980 in order to perform key-recovery attacks on cryptosystems. A major advance was presented at Crypto 2003 by Oechslin, with the rainbow table variant that outperforms Hellman’s seminal work. This paper introduces the fingerprint tables, which drastically reduce the number of false alarms during the attack compared to the rain...
متن کاملAnalysis of Password Cracking Methods & Applications
This project examines the nature of password cracking and modern applications. Several applications for different platforms are studied. Different methods of cracking are explained, including dictionary attack, brute force, and rainbow tables. Password cracking across different mediums is examined. Hashing and how it affects password cracking is discussed. An implementation of two hash-based pa...
متن کاملPenetration Testing: Alternative to Password Cracking
It is widely acknowledged that people, who are the weakest link in security, have a preference to use the same credentials on different computer systems, which forces us, the penetration testers, to evaluate this within our testing scenarios. Typical methods include brute-force password-guessing attacks (usually using common tools) or comparison of captured password hashes against published dat...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2006