
Katerina Korolkova, ElcomSoft Co. Ltd.: Crack me faster

November 2007 by Katerina Korolkova, PR Manager, ElcomSoft Co. Ltd

Anyone can run into this problem, and nobody feels fine when a window says that access is denied because of a wrong password. End users and people in big businesses alike have to lock significant documents with passwords from time to time, and both can forget them from time to time. According to surveys, 47% of help desk calls are related to lost or forgotten passwords, and every such call costs from $30 to $50. Now think about the time wasted on solving such a problem, and never forget that time is money too.

Software developers have addressed the problem of lost or forgotten passwords, and several methods of password cracking have been devised. One such method is the brute force attack. The idea of a brute force attack is that a program tries all possible symbol combinations in order to find the correct password. Users can limit the search by parameters such as the number of symbols in the password and the types of symbols allowed (letters, digits, etc.).

With a brute force attack you can expect a guaranteed result: the password will be cracked. The question is how much time it will take to recover the correct password and get access to the document you need right now. Until recently, users were able to crack their passwords faster by setting some limitations. Now you can accelerate the password recovery process by using modern graphics processing units (GPUs).

Older graphics chips were not capable of the fixed-point calculations required by most cryptographic algorithms. Today's GPUs are equipped with powerful processors designed to accelerate rendering, and they can be used for calculations such as password recovery. A modern graphics card is a co-processor with a large number of processors. High-end cards have as many as 128 processors and up to 1.5 Gb of memory onboard.

Tests showed that an average dual-core processor normally tries up to 12 million NTLM hashes per second. We see considerable acceleration when graphics chips are used. For example, on a GeForce 8600 GTS the recovery speed for NTLM hashes is up to 100 million per second, whereas on an 8800 Ultra it proved to be much higher, up to 350 million hashes per second.
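As an added illustration (not code from the article or from ElcomSoft), the sketch below turns the throughput figures quoted above into worst-case exhaustive-search times, the password length needed to hold out for a chosen period, and the extra length that offsets a hardware speed-up. The character-set sizes and the one-year target are assumptions chosen for illustration.

```python
import math

# NTLM hashes per second, as quoted in the article above
RATES = {
    "dual-core CPU": 12_000_000,
    "GeForce 8600 GTS": 100_000_000,
    "GeForce 8800 Ultra": 350_000_000,
}
# Constructed character-set sizes (assumptions, not from the article)
CHARSETS = {"digits": 10, "lowercase": 26, "printable ASCII": 95}
YEAR = 365 * 86400  # assumed resistance target, in seconds


def keyspace(charset_size, max_len, min_len=1):
    """Candidates of every length from min_len to max_len."""
    return sum(charset_size ** n for n in range(min_len, max_len + 1))


def worst_case_seconds(charset_size, max_len, rate):
    """Time to try every candidate up to max_len at `rate` guesses/second."""
    return keyspace(charset_size, max_len) / rate


def min_length_to_resist(charset_size, rate, seconds):
    """Shortest length whose candidates of that length alone take at least
    `seconds` to exhaust (integer arithmetic, so no rounding surprises)."""
    length = 1
    while charset_size ** length < rate * seconds:
        length += 1
    return length


def extra_length_for_speedup(charset_size, speedup):
    """Extra random characters that cancel an attacker's speed-up factor."""
    return math.ceil(math.log(speedup) / math.log(charset_size))


if __name__ == "__main__":
    cpu, gpu = RATES["dual-core CPU"], RATES["GeForce 8800 Ultra"]
    print(f"GPU/CPU speed-up from the quoted rates: {gpu / cpu:.1f}x")
    for name, size in CHARSETS.items():
        print(f"{name:16} 8 chars on GPU: "
              f"{worst_case_seconds(size, 8, gpu) / 86400:10.3f} days, "
              f"length for 1 year: CPU {min_length_to_resist(size, cpu, YEAR)}"
              f" / GPU {min_length_to_resist(size, gpu, YEAR)}, "
              f"extra chars to offset GPU: "
              f"{extra_length_for_speedup(size, gpu / cpu)}")
```

The result holds only for randomly chosen passwords: a word found in a dictionary falls long before its length suggests.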

Using a GPU for password recovery guarantees considerable acceleration. Passwords for NTLM hashes, PGP, RAR archives and Office 2007 documents can be cracked with GPUs. According to preliminary tests, graphics chips accelerate Windows password recovery by a factor of 25 to 30. Other methods such as the brute force attack or the dictionary attack are good, but just think about the time you can save by using graphics chips.

Another recovery technique that reduces the time is the dictionary attack. The idea is that a software program searches through existing lists of words ("dictionaries"), because users commonly choose plain words or abbreviations for their passwords. Dictionaries can be included in a software program or looked up on a network. FTP servers often host a variety of lists of commonly used words and their modifications, lists of words by topic, etc. Users can also compile their own lists of words.

Password cracking methods are constantly being developed. In 2003 the rainbow-table attack, based on a search through pre-calculated table(s), was invented. Rainbow tables guarantee an almost instant result. Their only disadvantage is that they are probabilistic. It was estimated that common rainbow tables may provide a probability of unlocking as high as 99.9% (for PDF files). Now what if your password falls into the remaining 0.1%?

Stay cool. The uncertainty of 0.1% can be easily broken by Thunder Tables, a newly developed method of password cracking. Thunder Tables were tested on 10000 PDF files with randomly created passwords. The average cracking time was 25 seconds; the toughest key was recovered in less than 15 minutes on an Intel Core 2 Duo 1.86 GHz with 1 Gb RAM. The cracking success is rooted in 40-bit encryption, which allows more than one trillion (two to the 40th power) possible keys.

Everyone locks documents with passwords. Everyone forgets or loses passwords. Every password can be cracked. The only question is how long it will take. By applying new technologies such as GPUs or Thunder Tables, you reduce the time and crack your password faster.

