EC2 GPU cracks passwords on the cheap
Tuesday, 16 November 2010

Cheap cloud computing allows the SHA1 code to be cracked in bulk, courtesy of Amazon Web Services'  Cluster GPU Instances.

Banner

Our recent news that Amazon EC2 could now provide a supercomputer on the cheap was quickly proved by Thomas Roth. He cracked 14 SHA1 hashes to recover the password (1-6 characters) in just 49 minutes i.e 3.5 minutes per password. . He also points out that one hour of EC2 GPU costs just over $2. Notice that only a single instance was used and so this doesn't represent a huge advance on what you can do with a desktop machine, but the solution scales easily to cracking passwords in bulk using multiple instances. The author even plans to create a preconfigured instance that can be launched to crack passwords of your choice.  The code cracker used can also work with MD5/4 and NTLM as well as SHA1.

aws

Of course this means that SHA1, which is still widely used, isn't secure (and hasn't been for some time). The availability of an easy and cheap cloud cracking configuration extends this vulnerability to mass password recovery. SHA2 is more secure but who knows for how long. The point is that if you have the know-how you don't need to be a government agency to get the necessary hardware to do the job - GPUs in the cloud are waiting for you.

Other relevant articles:

Amazon extends options for high performance cloud computing

GPGPU optimisation

Graphics Accelerators

Free Amazon AWS

 

Banner


Sequin - Open Source Message Stream Built On Postgres
31/10/2024

Sequin is a tool for capturing changes and streaming data out of your Postgres database, guaranteeing exactly once processing. What does that mean?



AI Propels Python To Top Language on GitHub
30/10/2024

This year's Octoverse Report reveals how AI is expanding on GitHub and that Python has now overtaken JavaScript as the most popular language on GitHub. The use of Jupyter Notebooks has also surged.


More News

<ASIN:0596515812>

<ASIN:0321228324>

<ASIN:0321335597>

<ASIN:0321515269>

<ASIN:6130268661>

<ASIN:0131387685>

Last Updated ( Wednesday, 17 November 2010 )