Acceleration Attacks on PBKDF2: Or, What Is inside the Black-Box of oclHashcat?

Authors: 

Andrew Ruddick, Oxford, UK; Jeff Yan, Lancaster University

Abstract: 

The Password Based Key Derivation Function v2 (PBKDF2) is an important cryptographic primitive that has practical relevance to many widely deployed security systems. We investigate accelerated attacks on PBKDF2 with commodity GPUs, reporting the fastest attack on the primitive to date, outperforming the previous state-of- the-art oclHashcat. We apply our attack to Microsoft .NET framework, showing that a consumer-grade GPU can break an ASP.NET password in less than 3 hours, and we discuss the application of our attack to WiFi Protected Access (WPA2).

We consider both algorithmic optimisations of crypto primitives and OpenCL kernel code optimisations and empirically evaluate the contribution of individual optimisations on the overall acceleration. In contrast to the common view that GPU acceleration is primarily driven by massively parallel hardware architectures, we demonstrate that a proportionally larger contribution to acceleration is made through effective algorithmic optimisations. Our work also contributes to understanding what is going on inside the black box of oclHashcat.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

Ruddick PDF
View the slides
BibTeX
@inproceedings {198399,
author = {Andrew Ruddick and Jeff Yan},
title = {Acceleration Attacks on PBKDF2: Or, What Is inside the Black-Box of oclHashcat?},
booktitle = {10th {USENIX} Workshop on Offensive Technologies ({WOOT} 16)},
year = {2016},
address = {Austin, TX},
url = {https://www.usenix.org/conference/woot16/workshop-program/presentation/ruddick},
publisher = {{USENIX} Association},
}
Download