Elcomsoft trying to patent faster GPU-based password cracker
Angelos D. Keromytis
angelos at cs.columbia.edu
Thu Oct 25 22:13:56 EDT 2007
Actually, there's a slightly earlier paper:
"CryptoGraphics: Secret Key Cryptography Using Graphics Cards"
Debra L. Cook, John Ioannidis, Angelos D. Keromytis, and Jake Luck. In
Proceedings of the RSA Conference, Cryptographer's Track (CT-RSA), pp.
334 - 350. February 2005, San Francisco, CA. An older version is
available as Columbia University Computer Science Department Technical
Report CUCS-002-04.
You can get it from
http://www1.cs.columbia.edu/~angelos/Papers/2004/gc_ctrsa.pdf
-Angelos
Steven M. Bellovin wrote:
> On Wed, 24 Oct 2007 13:25:29 -0400
> "mheyman at gmail.com" <mheyman at gmail.com> wrote:
>
>> From:
>>
>> <http://www.elcomsoft.com/EDPR/gpu_en.pdf>
>>
>> Moscow, Russia - October 22, 2007 - ElcomSoft Co. Ltd. has
>> discovered and filed for a US patent...Using the "brute force"
>> technique of recovering passwords, it was possible, though
>> time-consuming, to recover passwords from popular
>> applications. For example...Windows Vista uses NTLM hashing
>> by default, so using a modern dual-core PC you could test up to
>> 10,000,000 passwords per second, and perform a complete
>> analysis in about two months. With ElcomSoft's new technology,
>> the process would take only three to five days..Today's [GPU]
>> chips can process fixed-point calculations. And with as much as
>> 1.5 Gb of onboard video memory and up to 128 processing
>> units, these powerful GPU chips are much more effective than
>> CPUs in performing many of these calculations...Preliminary
>> tests using Elcomsoft Distributed Password Recovery product
>> to recover Windows NTLM logon passwords show that the
>> recovery speed has increased by a factor of twenty, simply by
>> hooking up with a $150 video card's onboard GPU.
>>
> I hope they don't get the patent. The idea of using a GPU for
> cryptographic calculations isn't new; see, for example, "Remotely Keyed
> Cryptographics: Secure Remote Display Access Using (Mostly) Untrusted
> Hardware" (http://www1.cs.columbia.edu/~angelos/Papers/2005/rkey_icics.pdf)
> Debra L. Cook, Ricardo Baratto, and Angelos D. Keromytis. In
> Proceedings of the 7th International Conference on Information and
> Communications Security (ICICS), pp. 363 - 375. December 2005, Beijing,
> China. An older version is available as Columbia University Computer
> Science Department Technical Report CUCS-050-04
> (http://mice.cs.columbia.edu/getTechreport.php?techreportID=110&format=pdf&),
> December 2004.
>
>
> --Steve Bellovin, http://www.cs.columbia.edu/~smb
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list