Password Cracking in the Cloud

Transcription

1 Password Cracking in the Cloud Gautam Korlam Department of Computer Science, UC Santa Barbara Report for CS290G Network Security Professor: Dr. Çetin Kaya Koç

2 ABSTRACT Cloud computing is a great resource for applications that require computing capacity for a short time but do not need investing in fixed capital for long term. As a result, it can be used for lot of attacks such as cracking passwords, keys or other forms of brute force attacks that are computationally expensive but highly parallelizable. This paper will focus on the currently available tools and techniques, discuss their practical aspects and outline experimental analysis to verify their feasibility and real world performance.

3 TABLE OF CONTENTS Abstract Introduction Cloud Computing Tools CloudCrack Cryptohaze Multiforcer Cloudcracker Details Winzip Encryption Brute Force Attack What Cloud Computing Offers Cracking A Zip Password Using GPUs Analysis and Scaling Conclusion References... 12

4 1 INTRODUCTION How safe is your password? One might argue that using secure hash algorithms, passwords can be stored securely without having to worry about their security. Cloud computing is likely to upset such long held assumptions about security. The tools required to crack encrypted passwords and data are easily available to the masses. A commercial cloud-computing offering is fast to provision, guarantees predictable performance and can be billed to a stolen credit card by an attacker. The balance of power between security controls and attack methods shifts quite dramatically if you assume the attacker has high-performance computing available at low cost. Take passwords, for example. The length and complexity of a password determines the effort required to mount a brute force attack. Password hashes based on an algorithm such as the Secure Hashing Algorithm, cannot be reversed but they can be brute-forced by trying all possible values. The problem is highly parallelizable i.e. the search space can be broken into as many batches as needed and sent out to multiple CPUs to brute-force in parallel. GPUs can also be effectively used in this regard. Using cloud computing resources, an attacker can now achieve in minutes or hours what would have taken years earlier. Firstly, tools, methods and services that make use of cloud computing resources for brute force attacks are discussed. Secondly, the details and optimizations that can be incorporated into one such method are outlined. Lastly, some experimental analysis using real world cloud computing resources are performed and the results are presented. The paper concludes with the impact of the existing methods on current security protocols and discusses possible future directions. 2 CLOUD COMPUTING TOOLS Encryption doesn t make it impossible to decrypt, but rather infeasible to decrypt. Buying a supercomputer to decrypt encrypted information, might not be worth the decrypted information, thereby making it infeasible. With cloud computing, however, end-users and regular people, have access to very powerful machines for a fraction of their actual cost (pay by usage). Coupling that

5 with the high scalability of the cloud, it means that what was previously infeasible, is now a very viable option. In fact what used to be only available to big corporations and governments, now has become available to anyone with a credit card and Amazon account. Techniques need not involve complex mathematical approaches to breaking encryption either, a standard brute force method executed in parallel can also be very effective. Brute Force basically involves trying every single possible password until eventually the password that works is found. In the past brute force wasn t considered a valid option since trying all those passwords which number in the hundreds of billions, would require a very powerful computer. Most people (even criminals), do not have access to that sort of computing power. However, with the advent of cloud computing, powerful hardware is suddenly becoming more available to the general public for low-down prices. What used to cost tens of thousands of dollars per server now costs just $2.60 an hour to rent. For example, there are several cloud based solutions available currently for accomplishing attacks. Some of them are discussed below. 2.1 CLOUDCRACK CloudCrack is a GPU-enhanced cryptanalysis suite for cloud computing platforms such as the Amazon EC2 Cluster Compute cloud. It is a NVIDIA GPU-accelerated cryptanalysis suite written in CUDA, NVIDIA s massively parallel concurrent programming language. CloudCrack contains custom CUDA multi-precision math libraries for storing a large target RSA modulus n in shared GPU memory, with each GPU core working as a parallel factoring process to break the target modulus. CloudCrack is based upon a Pollard s Rho factoring hybrid with an updated Brent cycle finder, and includes performance optimizations to the traditional Rho factoring method. The massively parallel design of the NVIDIA GPU architecture lends itself quite well to Pollard s Rho, and the reduction sieve performance enhancements added with CloudCrack can reduce by several orders of magnitude the size of the key-space required for a successful brute force attack against a large RSA target modulus n.

6 2.2 CRYPTOHAZE MULTIFORCER Cryptohaze Multiforcer is a high performance multi-hash brute force tool with support for per-position character sets, and very good performance scaling when dealing with large hash lists. It supports quite a few algorithms like MD5, NTLM, SHA1, MSSQL, DOUBLEMD5 etc. It includes cross-platform network support for unsalted hashes. This allows multiple hosts to easily work together on a complex problem space without requiring the user to manually break it into smaller pieces as some other tools require. As an example, on a list of 10 hashes, the Cryptohaze Multiforcer achieves 390M steps per second on an Nvidia GTX 260 card. On a list of 1.4 million hashes with the same card, performance drops to 380M steps per second. This is the password stepping rate and not the search rate. The search rate is 380M * 1.4M passwords per second. 2.3 CLOUDCRACKER Cloudcracker is an online password cracking service for cracking WPA protected wireless networks, password hashes or breaking document encryption. It is as simple as submitting a hash or handshake file and receiving the result via after a few hours. One can run a network handshake against 3 million words in under 20 minutes for as less as $17. For inexperienced users who do not know how to setup and use the more advanced tools, this service makes it very easy to achieve the same at a higher cost. For example it can crack and VPN or Wi-Fi connection secured using MS-CHAPv2 within 24 hours for around $200. MS-CHAPv2 is based on the encryption algorithm DES. Despite its long known weaknesses, MS-CHAPv2 is still widely used, especially in company environments, as the authentication protocol is supported out of the box by many operating systems. A PPTP/MS- CHAPv2 combination is also in widespread use on smartphones. The Cloudcracker web service is backed by a processing server which is able to test 18 billion keys per second. The server is equipped with 48 programmable processing units known as field programmable gate arrays (FPGA). Each FPGA is programmed to provide 40 parallel processors, each with a clock speed of 450 MHz, for cracking DES.

7 3 DETAILS One tool that leverages the power of the cloud to crack encrypted WinZip archives is discussed in detail below. 3.1 WINZIP ENCRYPTION WinZip has 3 options for encrypting a file: 1. The regular Zip encryption (96-bit) 2. AES 128 bit 3. AES 256 bit. Unfortunately, the default option for encryption is Zip encryption (96-bit) and it is very vulnerable to attacks. AES is still relatively safe, but ultimately the security the password provides depends on both the password itself, the type of encryption used and the value of the unencrypted data. 3.2 BRUTE FORCE ATTACK For example an 8 character password that consist of only lower case letters would mean a maximum of 235 million passwords. If upper case letters are included the total goes to 53 trillion possible combinations. Finally if digits and special characters are included, that would result in almost 7 quadrillion possible combinations. To perform a brute force attack on a number of passwords of that magnitude requires tremendous computing power. Most users don t have really powerful machines at their disposal. High performance today, may mean mediocre performance next month, so a lot of people buy mainstream performance machines as a matter of practicality and cost. But what if you could go the Amazon cloud and rent a really powerful machine?

8 3.3 WHAT CLOUD COMPUTING OFFERS Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud. It is designed to make web-scale computing easier for developers. The GPU instances provide general-purpose graphics processing units (GPUs) with proportionally high CPU and increased network performance for applications benefitting from highly parallelized processing, including HPC, rendering and media processing applications. The GPU instance is named Cluster GPU Quadruple Extra Large instance and has 22 GB memory, 33.5 EC2 Compute Units, 2 x NVIDIA Tesla Fermi M2050 GPUs, 1690 GB of local instance storage, 64-bit platform, 10 Gigabit Ethernet. A GPU instance is chosen as the Graphics Processing Unit is more attuned to parallel processing than the CPU. In fact using a GPU to crack passwords has provided results magnitudes of times better than using a plain CPU attack. An example of a software that takes advantage of the GPU for parallel processing is the Accent Zip Password Recovery Tool, which utilizes your GPU instead of your CPU cores to crack the passwords resulting in nearly 1000 times better performance. 3.4 CRACKING A ZIP PASSWORD USING GPUS After initiating a cluster GPU instance, the Accent Zip Password Recovery Tool was installed on it and run on a simple zip (96-Bit) encrypted file. The brute force attack was executed at a rate of 827 MILLION passwords per second. The commercial version allows for use of both the GPUS simultaneously and would have reached the 1.5 Billion mark easily. This suggests that the all lower letter password would be cracked in a matter of 0.25 seconds. Similar test for AES- 128 bits and AES-256 bits encryption yielded a much lower speed of 280,000 passwords per second. The overall cost of renting such a server is about $2.6 per hour. The tool is remarkably simple, and appears effective, with mind-blowing speeds on the Amazon GPU cluster, however it will cost around $40.00 for the full version to be able to run across all GPUs on the cluster GPU instance.

9 Figure 1: Accent Zip Password Recovery Tool 4 ANALYSIS AND SCALING Cloud Computing isn t about buying just 1 machine, it s also about scaling up, buying lots and lots of machines for short burst on demand. Cloud Computing introduces the concept of a Machine-Hour. Every computational process could be quantified by machine hours. And if you want something done in less hours, just buy more machines. So let s say we can we have a file protected by a 8 Character password comprising of upper and lower case letters, and for simplicity sake, let s say it ll take an Amazon Extra Large Quadruple Cluster 56 Hours to crack the password. By spinning up extra machines on Amazon, since every computational process can be quantified by machine hours, more the machines, less the hours needed.

10 For example, 56 Amazon machines two for each letter of the alphabet (upper and lower case) can be assigned to work on passwords starting with the letter they are assigned to. So one machine would try all passwords starting with A, and another trying all passwords starting with a and then so and so forth for b, 'B, 'c, 'C.all the way to z and Z. 56 machines in total, requiring just one full hour of cracking per machine. Before cloud computing, the only way to do this was to actually buy 56 different machines that s expensive. With cloud computing it could cost just $2.60/machine-hour. That s cheaper than buying even one machine. The best part is, since Amazon charges per machine-hour it ll cost the exact same amount but in far less time. The setup overhead of splitting the task across machines is still required initially. This is of course a case of Vertical vs. Horizontal, buying more machines from Amazon is a straightforward way to crack a password in a short amount of time. Figure 2: Scaling the Cracking

11 Many utilities exist that make the scaling of the password cracking on the cloud easier. For example, StarCluster is an open source cluster-computing toolkit for Amazon s Elastic Compute Cloud (EC2). It has been designed to automate and simplify the process of building, configuring, and managing clusters of virtual machines on Amazon s EC2 cloud. StarCluster allows anyone to easily create a cluster computing environment in the cloud suited for distributed and parallel computing applications and systems. 5 CONCLUSION At 2.60/hour on the Extra Large GPU cluster, cracking better encryption algorithms will cost a lot of money, but some files floating on the internet protect data far more valuable than that. This extends to not just WinZip, but encrypted s and messages as well. In fact since AES is used both in WinZip and for some encryption, the numbers here may be reflective of how hard it would be to decrypt secured s. Taking it to the extreme, even the 7 quadrillion password combinations could be cracked in 3.5 Million machine-hours. It translates to just over $9 Million US Dollars. In a time where state-sponsored cyber-attacks are a real occurrence, what is $9 Million dollars to a government anyway? This was a real world test with real world implications. If criminals get their hands on valuable encrypted data, there really is nothing stopping them from spending money to spin up thousands of instances on Amazon trying to decrypt the data. In fact with cloud computing, anyone with a credit card has access to huge computational power and that opens up the possibility of criminals cracking what used to be secured data. The cloud also provides this at low-cost, thereby reducing the barrier to entry for criminals to crack your code, so a lot of the older password mechanism like the Zip Password protect, aren t relevant anymore. With the advent of cloud computing, like with any other technology, the bad guys have also found a new tool. When we consider the balance of risk and reward, the cost/benefit evaluation of a security control we have to consider the significantly lower cost of computing for everyone, attackers included. Passwords, wireless encryption keys, at-rest encryption and even old SSL algorithms must be reevaluated in this light. What was thought of as "infeasible" may be well within the means of "average" hackers.

12 6 REFERENCES 1. Password cracking in the cloud How to Crack Passwords in the Cloud with Amazon's Cluster GPU Instances CloudCracker CloudCrack Alex Biryukov, Johann Großschädl: Cryptanalysis of the Full AES Using GPU-Like Special- Purpose Hardware. Fundam. Inform. 114(3-4): (2012) 6. Robert Szerwinski and Tim Güneysu Exploiting the Power of GPUs for Asymmetric Cryptography. In Proceedings of the 10th international workshop on Cryptographic Hardware and Embedded Systems (CHES '08) 7. Cracking Passwords in the Cloud StarCluster Cryptohaze Multiforcer Cloud service cracks VPN passwords in 24 hours - online.com/security/news/item/cloud-service-cracks-vpn-passwords-in-24-hours html