As an example of how technology advances, I looked at the differences between two Nvidia graphics cards (especially relevant for hashing); the 2010 GeForce GTX 580 and the 2016 GeForce GTX 1080 (top of the line cards for their respective years). Perhaps the most relevant specs to consider would be the clock speed, core count, and energy efficiency.
| GTX 580 | GTX 1080 | |
|---|---|---|
| Clock Speed (MHz) | 772 | 1607 |
| Cuda Cores | 512 | 2560 |
| Power Consumption (W) | 244 | 180 |
These are some massive increases; the clock speed effectively doubled and the core count increased by a factor of 5! And to top it all off, energy consumption is about 25% better on the 1080. This is essentially ten times as powerful (2 x 5) for three quarters the energy cost, absolutely incredible performance gains. (in mass hash calculations/attacks, GPU's are often chosen because they excel at calculating parallelized mathematical functions)
With this in mind it is important that we consider how our tech will hold up in the future, and that it be built strong enough to withstand attacks that are orders of magnitude stronger than what is currently reasonable. Thankfully modern hash algorithms have realized this and most (all?) have implemented a cost factor that can be increased at will. In the case of the php implementation of bcrypt, the cost can be modified in its optional inputs. In this case the cost is measured in 2^n, a value of 10 will increase the cost by 2^10 or 1024 (this is the default, 1024 iterative hashes are performed). It is recommended that the cost be set as high as possible without negatively effecting performance.
In the same way that hash salting provides defense against rainbow table attacks, hash costs can provide a defense against dictionary/hybrid attacks.
In the same way that hash salting provides defense against rainbow table attacks, hash costs can provide a defense against dictionary/hybrid attacks.
I really like the data provided and I think it makes your post be effective. I think it would have been interesting to see how the increase from the 580 to the 1080 has impacted what you're researching. I see you mention the effective increase between the two but I'd be interested in knowing just what impact that has on the hashing. Either way, good research and I love how you provided technical data in your post.
ReplyDeleteEssentially it all boils down to the number of hashes that can be computed and compared to the target (whether trying to crack someones password hash or trying to create documents with identical hashes). Modern GPU's can calculate billions of hashes per second; attacks that used to take years and hundreds of thousands of dollars in electrical bills are now become much more affordable for your average agency. The costs to execute these attacks will decrease as tech advances, disregarding stronger implementations of hashing. Obviously increasing the time cost of a hash function will directly effect its attack cost. i.e. a hash that takes .05 seconds to compute will be 1000 times as strong as one that takes .00005 seconds.
DeleteIt's that classic balance between convenience and security. How much latency will your clients put up with and just how valuable the resources you're protecting are often can override best practices and mitigate security protection. I sometimes wonder what is the better practice, stronger algorithms or longer ones?
ReplyDeleteOK, So you just opened a new rabbit hole of questions like what is bcrypt and a rainbow table attack. I like the mention of using GPU as a means of attack since they are better calculating those figures. This leads me to ask, how are GPUs implemented in an attack? Are we talking an attack being done from a video card or are the GPUs put into a different environment? This was a great post and will have me looking up these answers. I also hope that our security measures keep up with our tech. In theory, could a quantum processor break these hashes? Will our security keep up with a massive tech advancement like that? Great post.
ReplyDeleteDepending on your need, a single GPU in a modern gaming computer is more than sufficient for many cracking attacks, particularly if you are only trying to break one hash or if the hash algorithm is weak (aka, fast to compute).
DeleteIn more specialized attacks made against strong targets, you may either purchase multiple cards and distribute the task among multiple machines (its not uncommon to see quad GPU gaming machines, for example), or in extreme cases where the target is particularly strong you may have to resort to cloud services such as Amazons EC2 P2 instances.
https://aws.amazon.com/ec2/instance-types/p2/
Quantum computers are interesting because they are extremely specialized for certain types of problems, and bad at others. I'm not sure if hashing is one of those problems, but if it is then that will really shake up all encryption/hashing technologies.
As far as the attack implementation, if you have the hash available then you can simply run a program that will utilize the CUDA cores (usually some C/C++ application).
Delete