Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008) (2008)
Waikoloa, Big Island, Hawaii
Jan. 7, 2008 to Jan. 10, 2008
Operating systems and data protection tools are employing sophisticated password derived encryption key techniques in order to encrypt data. Such techniques impose a significant computational burden on forensic tools that attempt dictionary attacks are requiring cryptographic hash generation functions to be called several thousand times for each password attempted. In order to improve throughput, forensic analysis tools are designed to operate in a distributed manner over a dedicated network of workstations. This paper describes an FPGA-based hardware implementation of the standard PKCS#5 technique published by RSA Laboratories for generating password-derived encryption keys. This is the most computationally demanding step required when performing a dictionary attack on modern password-protected systems. The initial FPGA implementation incorporates four password-derived encryption key generation units operating at a frequency of 150MHz and is capable of processing over 510 passwords per second. The implementation's performance can be easily improved by incorporating additional key generation units.
Y. S. Dandass, "Using FPGAs to Parallelize Dictionary Attacks for Password Cracking," Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008)(HICSS), Waikoloa, Big Island, Hawaii, 2008, pp. 486.