Skip to main content
SpringerLink
Log in

On Password Guessing with GPUs and FPGAs

  • Conference paper
  • First Online:
Technology and Practice of Passwords (PASSWORDS 2014)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9393))

Included in the following conference series:

Abstract

Passwords are still by far the most widely used form of user authentication, for applications ranging from online banking or corporate network access to storage encryption. Password guessing thus poses a serious threat for a multitude of applications. Modern password hashes are specifically designed to slow down guessing attacks. However, having exact measures for the rate of password guessing against determined attackers is non-trivial but important for evaluating the security for many systems. Moreover, such information may be valuable for designing new password hashes, such as in the ongoing password hashing competition (PHC).

In this work, we investigate two popular password hashes, bcrypt and scrypt, with respect to implementations on non-standard computing platforms. Both functions were specifically designed to only allow slow-rate password derivation and, thus, guessing rates. We develop a methodology for fairly comparing different implementations of password hashes, and apply this methodology to our own implementation of scrypt on GPUs, as well as existing implementations of bcrypt and scrypt on GPUs and FPGAs.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 34.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 44.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    http://www.eia.gov/electricity/data/browser.

References

  1. Bernstein, D.J.: The Salsa20 family of stream ciphers. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 84–97. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  2. Bishop, M., Klein, D.V.: Improving system security via proactive password checking. Comput. Secur. 14(3), 233–249 (1995)

    Article  Google Scholar 

  3. Bitcoin Forum. cudaMiner - a new litecoin mining application. http://bitcointalk.org/index.php?topic=167229.0

  4. Burr, W.E., Dodson, D.F., Polk, W.T.: Electronic authentication guideline. NIST Special Publication 800–63 (2006)

    Google Scholar 

  5. Castelluccia, C., Chaabane, A., Dürmuth, M., Perito, D.: Omen: an improved password cracker leveraging personal information (2013). arXiv:1304.6584

  6. Castelluccia, C., Dürmuth, M., Perito, D.: Adaptive password-strength meters from markov models. In Proceedings of the Network and Distributed Systems Security Symposium (NDSS). The Internet Society (2012)

    Google Scholar 

  7. Dell’Amico, M., Pietro, M., Roudier, Y.: Password strength: an empirical analysis. In: INFOCOM 2010: Proceedings of 29th Conference on Computer Communications. IEEE (2010)

    Google Scholar 

  8. Dürmuth, M., Güneysu, T., Kasper, M., Paar, C., Yalcin, T., Zimmermann, R.: Evaluation of standardized password-based key derivation against parallel processing platforms. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 716–733. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  9. ElcomSoft. Lightning Hash Cracker, November 2011. http://www.elcomsoft.com/lhc.html

  10. Gendrullis, T., Novotný, M., Rupp, A.: A real-world attack breaking A5/1 within hours. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 266–282. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  11. Google Inc. - Open Handset Alliance. Android KitKat. https://developer.android.com/about/versions/kitkat.html

  12. Gosney, J.: Password cracking HPC. Presentation at Passwords12 Conference (2012). http://passwords12.at.ifi.uio.no/Jeremi_Gosney_Password_Cracking_HPC_Passwords12.pdf

  13. Güneysu, T., Kasper, T., Novotný, M., Paar, C., Rupp, A.: Cryptanalysis with COPACOBANA. IEEE Trans. Comput. 57(11), 1498–1513 (2008)

    Article  MathSciNet  Google Scholar 

  14. Güneysu, T., Paar, C., Pfeiffer, G., Schimmler, M.: Enhancing COPACOBANA for advanced applications in cryptography and cryptanalysis. In: Proceedings of the Conference on Field Programmable Logic and Applications (FPL 2008), pp. 675–678 (2008)

    Google Scholar 

  15. Hellman, M.: A cryptanalytic time-memory trade-off. IEEE Trans. Inf. Theory 26(4), 401–406 (1980)

    Article  MathSciNet  MATH  Google Scholar 

  16. Intel. Intel Core i7–900 Desktop Processor Series (2011). http://download.intel.com/support/processors/corei7/sb/core_i7-900_d.pdf

  17. John the Ripper. http://www.openwall.com/john/

  18. Kaliski, B.: PKCS #5: Password-based cryptography specification version 2.0. RFC 2898, September 2000. http://tools.ietf.org/html/rfc2898

  19. Klein, D.V.: Foiling the cracker: a survey of, and improvements to, password security. In: Proceedings of USENIX UNIX Security Workshop (1990)

    Google Scholar 

  20. Komanduri, S., Shay, R., Kelley, P.G., Mazurek, M.L., Bauer, L., Christin, N., Cranor, L.F., Egelman, S.: Of passwords and people: measuring the effect of password-composition policies. In: CHI 2011: Conference on Human Factors in Computing Systems (2011)

    Google Scholar 

  21. Malvoni, K., Designer, S., Knezovic, J.: Are your passwords safe: energy-efficient bcrypt cracking with low-cost parallel hardware. In: Proceedings of the 8th USENIX Conference on Offensive Technologies, WOOT 2014. USENIX Association (2014)

    Google Scholar 

  22. Marechal, S.: Advances in password cracking. J. Comput. Virol. 4(1), 73–81 (2008)

    Article  Google Scholar 

  23. Mentens, N., Batina, L., Preneel, B., Verbauwhede, I.: Time-memory trade-off attack on FPGA platforms: UNIX password cracking. In: Bertels, K., Cardoso, J.M.P., Vassiliadis, S. (eds.) ARC 2006. LNCS, vol. 3985, pp. 323–334. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  24. Morris, R., Thompson, K.: Password security: a case history. Commun. ACM 22(11), 594–597 (1979)

    Article  Google Scholar 

  25. Narayanan, A., Shmatikov, V.: Fast dictionary attacks on passwords using time-space tradeoff. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 364–372. ACM, New York (2005)

    Google Scholar 

  26. Nvidia. NVIDIA GeForce GTX 400 GPU Datasheet (2010). http://www.nvidia.com/docs/IO/90025/GTX_480_470_Web_Datasheet_Final.pdf

  27. Nvidia. CUDA Developer Zone (Website) (2011). http://developer.nvidia.com/category/zone/cuda-zone

  28. Oechslin, P.: Making a faster cryptanalytic time-memory trade-off. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 617–630. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  29. Password hashing competition. https://password-hashing.net/

  30. Percival, C.: Stronger key derivation via sequential memory-hard functions. Presentation at BSDCan 2009 (2009). http://www.tarsnap.com/scrypt/scrypt.pdf

  31. Provos, N., Mazières, D.: A future-adaptable password scheme. In: USENIX Annual Technical Conference, FREENIX Track, pp. 81–91. USENIX (1999)

    Google Scholar 

  32. Schechter, S., Herley, C., Mitzenmacher, M.: Popularity is everything: a new approach to protecting passwords from statistical-guessing attacks. In: Proceedings of the 5th USENIX Conference on Hot Topics in Security, pp. 1–8. USENIX Association (2010)

    Google Scholar 

  33. Steube, J.: oclHashcat (2014). http://hashcat.net/oclhashcat/

  34. Teufl, P., Fitzek, A.G., Hein, D., Marsalek, A., Oprisnik, A., Zefferer, T.: Android encryption systems. In: International Conference on Privacy and Security in Mobile Systems (2014) (in press)

    Google Scholar 

  35. TrueCrack. http://code.google.com/p/truecrack/

  36. Weir, M., Aggarwal, S., Collins, M., Stern, H.: Testing metrics for password creation policies by attacking large sets of revealed passwords. In: Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS 2010), pp. 162–175. ACM (2010)

    Google Scholar 

  37. Weir, M., Aggarwal, S., de Medeiros, B., Glodek, B.: Password cracking using probabilistic context-free grammars. In: IEEE Symposium on Security and Privacy, pp. 391–405. IEEE Computer Society (2009)

    Google Scholar 

  38. Wiemer, F., Zimmermann, R.: High-speed implementation of bcrypt password search using special-purpose hardware. In: Proceedings of the International Conference on Reconfigurable Computing and FPGAs (ReConFig) (2014)

    Google Scholar 

  39. Wu, T.: A real-world analysis of kerberos password security. In: Network and Distributed System Security Symposium (1999)

    Google Scholar 

  40. Zimmermann, R., Güneysu, T., Paar, C.: High-performance integer factoring with reconfigurable devices. In: FPL, pp. 83–88. IEEE (2010)

    Google Scholar 

Download references

Acknowledgements

This work was supported in part by the BMBF Project UNIKOPS (01BY1040) and the DFG Research Training Group GRK 1817/1.

Author information

Authors and Affiliations

  1. Horst Görtz Institute for IT-Security (HGI), Ruhr University Bochum, Bochum, Germany

    Markus Dürmuth & Thorsten Kranz

Authors
  1. Markus Dürmuth
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Thorsten Kranz
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Thorsten Kranz .

Editor information

Editors and Affiliations

  1. Dept of Telematics, Norwegian Univ of Science & Tech, Trondheim, Norway

    Stig F. Mjølsnes

Appendices

A Full Runtime Listings for Hashcat

Table 7. Comparison of hashrates for our implementation and oclHashcat v1.31.
Full size table
Table 8. Hardware used to measure CPU runtimes.
Full size table

B Full Runtime Listings for the Benchmark CPUs

Table 9. Running times of PBKDF2 with HMAC and SHA-512 on CPUs (in ms).
Full size table
Table 10. Running times of scrypt (r=8, p=1) on CPUs (in ms).
Full size table
Table 11. Running times of bcrypt on CPUs (in ms).
Full size table

C Full Runtime Listings for Different Trade-Off Parameters for Scrypt

Table 12. Obtained hashrates for scrypt. Computed as interpolation of the nearest measurements.
Full size table

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Dürmuth, M., Kranz, T. (2015). On Password Guessing with GPUs and FPGAs. In: Mjølsnes, S. (eds) Technology and Practice of Passwords. PASSWORDS 2014. Lecture Notes in Computer Science(), vol 9393. Springer, Cham. https://doi.org/10.1007/978-3-319-24192-0_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-24192-0_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-24191-3

  • Online ISBN: 978-3-319-24192-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation