Naslov
Are Your Passwords Safe: Energy-Efficient Bcrypt Cracking with Low-Cost Parallel Hardware

Autori
Malvoni, Katja ; Solar, Designer ; Knezović, Josip

Vrsta, podvrsta i kategorija rada
Radovi u zbornicima skupova, cjeloviti rad (in extenso), znanstveni

Izvornik
WOOT'14 8th Usenix Workshop on Offensive Technologies Proceedings / - : USENIX, 2014, 1-7

Skup
WOOT'14 8th Usenix Workshop on Offensive Technologies Proceedings 23rd USENIX Security Symposium

Mjesto i datum
San Diego (CA), Sjedinjene Američke Države, 19.08.2014. - 22.08.2014

Vrsta sudjelovanja
Predavanje

Vrsta recenzije
Međunarodna recenzija

Ključne riječi
hash generation; cryptography; bcrpyt; blowfish; parallellism; embedded hardware; energy efficiency

Sažetak
Bcrypt is a password hashing scheme based on the Blowfish block cipher. It was designed to be resistant to brute force attacks and to remain secure despite of hardware improvements. Expensive key setup with user defined cost setting makes this hash slow while rapid random 32-bit lookups using Blowfish’s variable S-boxes require 4 KB of local memory per instance. This memory access pattern makes bcrypt moderately unfriendly to parallel implementation on modern CPUs, where on one hand gather addressing is required in order to exploit the CPUs’ SIMD capabilities, and on the other even when gather addressing is in fact available the L1 data cache size becomes the limiting factor. Despite of this (and due to it), it is possible to achieve much better performance per Watt with bcrypt implementations on homogeneous and heterogeneous multiprocessing platforms: Parallella board with 16- or 64-core Epiphany accelerator and ZedBoard with Zynq reconfigurable logic. Proposed implementations were integrated into John the Ripper password cracker resulting in improved energy efficiency by a factor of 35+ compared to heavily optimized implementations on modern CPUs.

Izvorni jezik
Engleski

Znanstvena područja
Elektrotehnika, Računarstvo

POVEZANOST RADA