Upload
hakhanh
View
221
Download
2
Embed Size (px)
Citation preview
Background● The method of cracking passwords by trying all candidate passwords from a
given list is known as “Dictionary attack”. ● Our approach includes generating multiple combinations of the passwords in
parallel, and trying out all of those parallely against all the passwords we want to crack.
Candidate password Generator
Hash Checker
Dictionary words
Hashed Passwords
Cracked passwords
input
Research paper 1Title: Dictionary Attack on TrueCrypt with RIVYERA S3-5000
Author: Abbas, Ayman and Rathje, Claas Anders and Wienbrandt, Lars and Schimmler, Manfred
Name of journal: Proceedings of the 2012 IEEE 18th International Conference on Parallel and Distributed Systems
Date: 2012-12-17
Page number: 93--100
URL: http://dx.doi.org/10.1109/ICPADS.2012.23
Informal :
Dictionary attack using FPGAs to decrypt file container header.
Formal:
Decrypt file container header encrypted with SERPENT, and header keys calculated using WHIRLPOOL (1000 iterations), using RIVYERA S3-5000, to eventually recover password and decrypt the whole file encrypted using TrueCrypt software.
Problem Statement
Approach● TrueCrypt is software to encrypt partitions, file containers etc.● Of all options available the paper has targeted SERPENT as encryption
algorithm and WHIRLPOOL as hashing function● Each file container has header which has unencrypted salt and word “TRUE”
in the beginning. ● Header keys are generated from dictionary , 1000 iterations and
WHIRLPOOL. ● This header key is then used decrypt the header and try to decrypt word
“TRUE”.
Image Reference: [1]
● Architecture of RIVYERA consists of two components:○ FPGA based supercomputer (128 FPGA’s in 16 slots)○ Mainboard Intel i7, 8 GB RAM (linux)
Image Reference : [1]
ContributionPasswords are generated using
HK = PBKDF2( P, S, c, 512)where P = PassphraseS = saltc = iterations for pseudoRandom function, WHIRLPOOL (1000)hklength = 512
Results of the paper ● Speedup of 247 as compared to PC implementation ● Energy consumption is around of RIVYERA is 590 W, whereas same
performance with PC needs cluster of 247 nodes, consuming around 55575W. So we require 94 times lesser energy, with same performance.
● Number of passwords searched 203000 per second as compared to intel i7 (6 cores, 12 threads) 820 per second.
Takeaway for our approachThough the approach discussed by paper seems fascinating we won’t be using it.
OpenPGP- OpenPGP is a standard of PGP (Pretty Good Privacy).- A most widely used email encryption standard.- A hybrid cryptographic scheme.- You can read more about it in RFC 4880.
------------------
------------------
------------------
Use Session
Key
Use Public Key to encrypt
session key
Original File Encrypted File Encrypted File and Session Key
Sender:-
------------------
------------------
------------------
Use Private Key
Use Session
Key
Encrypted File and Session Key
Session Key Decrypted
Original Unencrypted File
Receiver :-
OpenPGP- The keys used in OpenPGP are stored in keyrings. - Private keys in private keyrings and public keys in public keyrings.- In order to prevent disclosure of your private keys - private keyring is
encrypted using symmetric algorithm that uses the hash of the user’s passphrase as a secret key.
Title: An Architecture for Distributed Dictionary Attacks to Cryptosystems
Author: Massimo Bernaschi, Mauro Bisson, Emanuele Gabrielli, Simone Tacconi
Name of journal: Journal Of Computers, Vol 4, No 5
Date: 4 May 2009
Page number: 378--386
URL: http://ojs.academypublisher.com/index.php/jcp/article/view/690
Research paper 2
Problem- The paper discusses how an attack can be performed on the user specified
passphrase in order to get the private keys.
Contribution of the paper A distributed architecture for performing dictionary attack.
- The architecture consists of 3 levels - root, generators and verifiers.
Root - Dictionary Compilation PhaseGenerators - Passphrase Generation PhaseVerifiers - Passphrase verification Phase
Advantage● This approach can be applied to other cryptosystems by making a few
changes.
Drawbacks
● Not a purely distributed architecture - root node is central point of failure.● Verification process is not parallelized to its full extent.
Takeaway for our approach- The phases involved in the paper’s approach are similar to the phases in our
approach.- Although the paper uses a distributed architecture, we will be using a parallel
architecture which we assume will give a similar or better results.- Also, with the help of PJ2 library this kind of architecture can easily be ported
to a parallel architecture.
Research paper 3Title: A fast, GPU based, dictionary attack to OpenPGP secret keyrings
Author: Milo, Fabrizio and Bernaschi, Massimo and Bisson, Mauro
Name of journal: J. Syst. Softw.
Date: December, 2011
Page number: 2088--2096
URL: http://dx.doi.org/10.1016/j.jss.2011.05.027
ProblemTo guess passwords of private keyrings of OpenPGP using dictionary attack, with implementation based on CUDA.
Approach● Fast test to filter out candidate passwords● GPU used for “fast test”. (fast test is same as last paper)● Fast test is useful as, last step (getting hash of the MPI and comparing it with
hash present in decrypted plaintext) is computationally expensive. ● CPU to test passwords
● Efficient SHA1 implementation for GPU using loop unwinding.(20x speedup)● Effective use of GPU for filtering candidate passphrase. i.e. for “fast test”.● Minimizing computation overhead by avoiding Standard procedure to evaluate
the correctness of passphrase. ● Other GPU specific implementation based optimizations.● Key generation and decryption are sequential to avoid Global memory access
overhead.
Contribution of the paper
Drawbacks● Sequential dependency of last stage.● Method is not generic. Very specific to OpenPGP.● Verification process is not fully parallelized.
We found out that the Fast test approach could have been parallelized by producer consumer pattern. But since they are using GPU intermediate results from key transformation kernel would have to be stored in Global memory and then the Decryption kernel would take over.
Issue? - Memory overhead.
Solution- For our problem we don’t have a computationally expensive verifying step as this problem has. Producer consumer pattern will help us get speedup. To resolve memory, we will have to use cluster of machines not GPU.
Takeaway for our approach
References[1] Ayman Abbas, Claas Anders Rathje, Lars Wienbrandt, and Manfred Schimmler. 2012. Dictionary Attack on TrueCrypt with RIVYERA S3-5000. In Proceedings of the 2012 IEEE 18th International Conference on Parallel and Distributed Systems (ICPADS '12). IEEE Computer Society, Washington, DC, USA, 93-100. DOI=http://dx.doi.org/10.1109/ICPADS.2012.23
[2]Bernaschi, Massimo, et al. "An architecture for distributed dictionary attacks to cryptosystems." Journal of Computers 4.5 (2009): 378-386.
[3] Fabrizio Milo, Massimo Bernaschi, and Mauro Bisson. 2011. A fast, GPU based, dictionary attack to OpenPGP secret keyrings. J. Syst. Softw. 84, 12 (December 2011), 2088-2096. DOI=http://dx.doi.org/10.1016/j.jss.2011.05.027