Because of the huge media coverage about my upcoming talk “Breaking encryption in the cloud: GPU accelerated supercomputing for everyone” at Black Hat DC I want to make sure that no one is getting a wrong impression on what I’m going to demonstrate:
Back in November last year (happy new year by the way) I did a very simple benchmark using the CUDA Multiforcer to get a basic idea on how Amazons new ‘cluster GPU instances’ are performing when it comes to brute forcing passwords that are stored as SHA-1 hash. Because I was very interested in doing some work in this direction, I decided to start programming a tool that’s able to startup instances on the Amazon EC2 cloud and uses them to crack encryptions in a distributed way. The possibility of doing so is nothing new: Moxie Marlinspike, a hacker/sailor/pyrotechnician, is running a service called WPACracker that can be used for cracking handshake captures of WPA-PSK using several, very large dictionaries on a 400 CPU cluster that runs on the Amazon cloud. Even though this process is pretty fast (around 20 minutes), I wanted to know how much speed at which cost factor we can get using the latest generation of cloud instances.
The results of my work and the tool that I developed to do this will be released as part of the talk, so that everyone will be able to start his own cluster in the cloud and get some impression on what can be done using the latest high performance computing possibilities. To give you an idea on what I mean with high performance: I’ll demonstrate how to break a WPA-PSK handshake at a speed of ~400.000 PMKs/s, maybe (if I get it finished till then) also at a speed of over 1.000.000 PMKs/s per second.