Cloud-Based Crypto-Cracking Tool To Be Unleashed At Black Hat DC

European researcher will share new Cloud Cracking Suite that leverages GPU processing power in Amazon EC2 cloud to decrypt passwords, break into wireless networks

A European researcher will release an open-source tool at Black Hat DC that uses Amazons powerful GPU processing services to crack SHA1-based passwords at breakneck speeds.
Thomas Roth, a researcher and consultant for Lanworks AG, last fall revealed how he was able to crack SHA1 encryption using Amazon EC2s newest cloud computing service-for-hire that uses Graphics Processing Units (GPU) processors, which typically are used to execute calculations for graphics-intensive applications.
Roth for the first time will release his so-called Cloud Cracking Suite (CCS) tool at next weeks gathering. He says he was able to successfully crack 400,000 passwords per second using eight Amazon Nvidia GPU instances, and 45,000 to 50,000 passwords per second with just one GPU instance, he says.
GPUs have a very parallel architecture with a lot of cores that makes parallel execution of many threads at once possible. And as brute-forcing/dictionary attacks are very straightforward to distribute, GPUs are perfectly suited for doing such jobs, Roth says.
By contrast, two high-end Intel X5570 Quad-Core CPUs can crack about 7,000 passwords per second, he says.
The catch, however, is that the passwords most at risk of this cloud-based hack are easily guessed, such as ones with all letters, all digits, or all same-case letters. Strong passwords, which use a mix of letters in mixed cases, numbers, and symbols, are relatively safe from this type of cloud attack, Roth says. This demonstrates how fast easy passwords can be broken using modern technology ... If youre using only lowercase letters or just numbers, its very easy and fast to crack your passwords, he says. If you are using numbers and lower- and uppercase letters, it gets really hard. You can eventually crack them, but it takes a very long time. Brute-forcing is slow.
Roth says he used his CCS tool to break into (with permission) a neighbors WPA-PSK wireless network via a password dictionary attack. I was also able to brute-force the key of my new wireless router, which had a numeric digits-only password per default, Roth says. The tool can also be used to crack MD5-encrypted passwords, he says.
The CCS tool isnt the first cloud-based password-cracker, however. Researcher Moxie Marlinspike last year created the
WPACracker
service that tests the strength of passwords used in the encryption of wireless access points. Marlinspike says wpacracker.com already uses some GPUs in its processor cluster.
So whats new [here] is that Amazon EC2 is now providing GPGPU instances, which can make these resources more accessible to people who dont want to maintain a machine with some Nvidia cards in it or who only occasionally have a job theyd like to run, Marlinspike says. The unfortunate thing is that Amazon is only providing GPUs in their high-performance computing [HPC] instances. Most people who are doing HPC dont have problems that are as trivially parallelizable as password-cracking, so they need 10-Gbps, full-bisection network connections between instances. This makes the GPU instances that Amazon is providing very expensive, at a whopping $2.10 an hour. Compare this against the 6 cents per hour for a high-CPU instance with five EC2 compute units in it.
So its still cheaper to use CPUs to crack hashes with Amazons EC2 service, he says, even though a GPU has faster performance. Marlinspike says his take on the research is based on what Roth has published thus far.
Roth, however, says he will publish new benchmarks next week that show that using GPUs is actually cheaper than using CPUs.
Meanwhile, continuing to use hash algorithms like SHA1 for storing passwords is risky, Roth says. At first glance it seems to be pretty straightforward to use hash algorithms for storing passwords, as they are nonreversible. But the problem is that they are made to be very fast, as they are used to verify large pieces of data, which makes brute-forcing of them actually possible, he says.
A better option would be an algorithm like PBKDF2, which is actually slower and thus more protected from brute-force attacks, he says.
A spokesperson for Amazon Web services says Roths research basically uses EC2 as a tool to demonstrate how network security can be improved. Nothing in this researchers work is predicated on the use of Amazon EC2. As researchers often do, he used EC2 as a tool to show how the security of some network configurations can be improved. Testing is an excellent use of AWS; however, it is a violation of our acceptable use policy to use our services to compromise the security of a network without authorization, the spokesperson said.
Using the CCS tool requires an EC2 subscription and incurs Amazons cloud costs. The client side of the tool lets you configure and start up the encryption-cracking session. The CCS server tool runs on CentOS and is packaged in an Amazon machine image and handles the password-cracking.
SHA1 was not made for storing passwords, he says. I want people who are vulnerable using SHA1 for storing passwords to realize its possible to boot up instances in the cloud, pay a few dollars per hour, and try to crack those.
Have a comment on this story? Please click Discuss below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Cloud-Based Crypto-Cracking Tool To Be Unleashed At Black Hat DC