Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers

Energy-efficient bcrypt cracking

These are the slides we used at PasswordsCon Las Vegas 2014 (colocated with BSidesLV), Skytalks 2014 (colocated with DEFCON), and FSEC 2014. We used a much older version of these slides at PasswordsCon Bergen 2013.

Please click on the slides for higher-resolution versions. You may also download a PDF file with all of the slides (7.4 MB) and watch a video of the talk (YouTube).

We also used a summary version (2.6 MB) of these slides at USENIX WOOT '14, and we recommend that you read our WOOT '14 paper (268 KB, 7 pages).

Errata: the number 1024 used in formulas on slides 50 and 51 (slide 15 in the summary version) and on pages 4 to 6 in the paper should actually be 1042 (as (512+9)*2). Correcting it would very slightly affect our reported theoretical and derived speeds.

Update: the most optimized implementation described on slide 33 and in the paper on pages 3 and 4, which was unstable on our ZedBoard despite of hardware modifications, became stable on a newer ZedBoard revision without any custom hardware modifications, actually delivering on the Zynq 7020 the same speed of over 7000 c/s at bcrypt cost 5 that we had achieved by emulation on a Zynq 7045 board.

Update: we've since implemented bcrypt on ZTEX 1.15y quad-FPGA boards (which was mentioned as part of "Future work" on slide 57 here), achieving much higher speeds than anything shown here (over 100k c/s at bcrypt cost 5 per board, over 1.6M c/s on a 16-board cluster managed from one Raspberry Pi). We've also implemented a number of other hash types on those boards, with support for all of that merged into John the Ripper bleeding-jumbo branch and available for actual use (not just research).

Slide 1 Slide 2 Slide 3 Slide 4 Slide 5 Slide 6 Slide 7 Slide 8 Slide 9 Slide 10 Slide 11 Slide 12 Slide 13 Slide 14 Slide 15 Slide 16 Slide 17 Slide 18 Slide 19 Slide 20 Slide 21 Slide 22 Slide 23 Slide 24 Slide 25 Slide 26 Slide 27 Slide 28 Slide 29 Slide 30 Slide 31 Slide 32 Slide 33 Slide 34 Slide 35 Slide 36 Slide 37 Slide 38 Slide 39 Slide 40 Slide 41 Slide 42 Slide 43 Slide 44 Slide 45 Slide 46 Slide 47 Slide 48 Slide 49 Slide 50 Slide 51 Slide 52 Slide 53 Slide 54 Slide 55 Slide 56 Slide 57 Slide 58 Slide 59 Slide 60 Slide 61

Quick Comment:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ

45600