Upload
andrey-belenko
View
739
Download
2
Tags:
Embed Size (px)
DESCRIPTION
Too much has changed in computer security by now, however the power of today’s conventional computers is not enough for many challenging tasks. Password auditing and forensic analysis require much computation to be carried out. This leads to building large and expensive clusters which are difficult to set up and manage and which consume lot of energy – bad choice and eco-ineffective. Now we have got a great alternative: innovative technologies based on graphic cards implementation that allow for higher performance and lower power consumption. GPU computation virtually opens new computer security reality. For example, you can audit the security of your network encrypted with WPA/WPA2. This will be shown in practice. You will also learn the inside-outs of password protection to escape false sense of security later on and hear our blitz report on common password policy errors.
Citation preview
Graphic Cards: Password Recovery
goes Faster and Greener
Who may needPassword Recovery?
Ordinary users (own passwords)
IT Departments (employee’s passwords)
Security auditors, consultants and penetration testers
Law enforcement & government
Hackers usually don’t!
Why speed counts?
Users and IT Departments:«We needed those passwords yesterday»
Auditors, consultants and pentesters:
«Time is Money»
How to increase speed?
Traditional way is to network together many computers to form a cluster
• Communication overhead
• Difficult to manage
• Not power-efficient
Any other options?
For many HPC applications GPUsare many times fasterthan CPUs
Yes!
But they’re not only faster, they are
greener!
Why?
CPUs are designed to be efficient at serialcomputing…
…while GPU’s main concern is
parallel computing
Intel® Core™ i7-965
“The highest performing desktop processor on the
planet.”
4 cores3,2 GHz
731 million transistors263 mm2
L3 cache8 Мb
>384 million transistors
QPI
QPI
IO IOQueue
Core Core
Memory Controller
CoreCore
L3 cache8 Мb
>384 million transistors
QPI
QPI
IO IOQueue
Core Core
Memory Controller
CoreCore
L2
Pagi
ng
Bran
ch P
redi
ctio
n
Inst
Fet
ch &
L1
L1 Data
Execution Units
Mem
ory
Orde
ring
&
Exec
utio
n
Out-of-Order
Scheduling &
Retirement
Instruction Decode & Microcode
L3 cache8 Мb
>384 million transistors
QPI
QPI
IO IOQueue
Core Core
Memory Controller
CoreCore
CPU dedicates only about 10% to the
execution units!
1/10
CPU dedicates only about 10% to the
execution units!
NVIDIA®GeForce® GTX 285
240 cores1.476 GHz1.4 billion transistors470 mm2
TPC TPC TPC TPC TPC
TPC TPC TPC TPCTPC
ROP Setup ROP
Memory Controller
PCIe & Memory
Controller
Thread Dispatch
TPC TPC TPC TPC TPC
TPC TPC TPC TPCTPC
ROP Setup ROP
Memory Controller
PCIe & Memory
Controller
Thread Dispatch
Mul
tipro
cess
or
Mul
tipro
cess
or
Mul
tipro
cess
orTexture Fetch &
Other
TPC TPC TPC TPC TPC
TPC TPC TPC TPCTPC
ROP Setup ROP
Memory Controller
PCIe & Memory
Controller
Thread Dispatch
GPU dedicates about 30% to the execution units!
1/3
GPU dedicates 6 times as manyresources to the execution units
as CPU!
183 Watts full load
6x130=780 Watts full load
Performance
70
87
32
570
795
195
920
1 330
250
1 920
2 600
680
0 1 000 2 000 3 000
MD5
NTLM
LM
Millions passwords per second
S1070
GTX 295
GTX 285
Q6600
Performance per $
389
483
178
1 629
2 271
557
1 917
2 771
521
240
325
85
0 500 1 000 1 500 2 000 2 500 3 000
MD5
NTLM
LM
Thousands passwords per $ per second
S1070
GTX 295
GTX 285
Q6600
Are passwords broken?
No, but it is good time to review password policy!
• Use password manager
• Don’t use pronounceable word as password
• Use random set of (at least) lowercase and uppercase letters and digits as password
• Windows: use passwords of at least 10 characters long
• Change your passwords regularly
• Review password policy regularly
Performance per Watt
667
829
305
3 115
4 344
1 066
3 183
4 602
865
2 400
3 250
850
0 1 000 2 000 3 000 4 000 5 000
MD5
NTLM
LM
Thousands passwords per watt per second
S1070
GTX 295
GTX 285
Q6600
Greener Computing
• Consider a cluster of 25 dual-CPU quad-core computers
• 400 watts full load each
• 10’000 watts total
Greener Computing
• Two Tesla S1070 provide same performance
• 800 watts full load each
• One computer for management
• 2’000 watts total
Greener Computing
• 8’000 watts saved
• 49’090 kWh a year (at 70% utilization)
• £3’436 savings on electricity a year (at 7p per kWh average rate)
• Prevents 27’500 kg CO2 emission
• Takes 5 cars off the road
• Saves 2’300 trees/year