Password Cracking in the Cloud

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Password Cracking in the Cloud"

Transcription

1 Password Cracking in the Cloud Gautam Korlam Department of Computer Science, UC Santa Barbara Report for CS290G Network Security Professor: Dr. Çetin Kaya Koç

2 ABSTRACT Cloud computing is a great resource for applications that require computing capacity for a short time but do not need investing in fixed capital for long term. As a result, it can be used for lot of attacks such as cracking passwords, keys or other forms of brute force attacks that are computationally expensive but highly parallelizable. This paper will focus on the currently available tools and techniques, discuss their practical aspects and outline experimental analysis to verify their feasibility and real world performance.

3 TABLE OF CONTENTS Abstract Introduction Cloud Computing Tools CloudCrack Cryptohaze Multiforcer Cloudcracker Details Winzip Encryption Brute Force Attack What Cloud Computing Offers Cracking A Zip Password Using GPUs Analysis and Scaling Conclusion References... 12

4 1 INTRODUCTION How safe is your password? One might argue that using secure hash algorithms, passwords can be stored securely without having to worry about their security. Cloud computing is likely to upset such long held assumptions about security. The tools required to crack encrypted passwords and data are easily available to the masses. A commercial cloud-computing offering is fast to provision, guarantees predictable performance and can be billed to a stolen credit card by an attacker. The balance of power between security controls and attack methods shifts quite dramatically if you assume the attacker has high-performance computing available at low cost. Take passwords, for example. The length and complexity of a password determines the effort required to mount a brute force attack. Password hashes based on an algorithm such as the Secure Hashing Algorithm, cannot be reversed but they can be brute-forced by trying all possible values. The problem is highly parallelizable i.e. the search space can be broken into as many batches as needed and sent out to multiple CPUs to brute-force in parallel. GPUs can also be effectively used in this regard. Using cloud computing resources, an attacker can now achieve in minutes or hours what would have taken years earlier. Firstly, tools, methods and services that make use of cloud computing resources for brute force attacks are discussed. Secondly, the details and optimizations that can be incorporated into one such method are outlined. Lastly, some experimental analysis using real world cloud computing resources are performed and the results are presented. The paper concludes with the impact of the existing methods on current security protocols and discusses possible future directions. 2 CLOUD COMPUTING TOOLS Encryption doesn t make it impossible to decrypt, but rather infeasible to decrypt. Buying a supercomputer to decrypt encrypted information, might not be worth the decrypted information, thereby making it infeasible. With cloud computing, however, end-users and regular people, have access to very powerful machines for a fraction of their actual cost (pay by usage). Coupling that

5 with the high scalability of the cloud, it means that what was previously infeasible, is now a very viable option. In fact what used to be only available to big corporations and governments, now has become available to anyone with a credit card and Amazon account. Techniques need not involve complex mathematical approaches to breaking encryption either, a standard brute force method executed in parallel can also be very effective. Brute Force basically involves trying every single possible password until eventually the password that works is found. In the past brute force wasn t considered a valid option since trying all those passwords which number in the hundreds of billions, would require a very powerful computer. Most people (even criminals), do not have access to that sort of computing power. However, with the advent of cloud computing, powerful hardware is suddenly becoming more available to the general public for low-down prices. What used to cost tens of thousands of dollars per server now costs just $2.60 an hour to rent. For example, there are several cloud based solutions available currently for accomplishing attacks. Some of them are discussed below. 2.1 CLOUDCRACK CloudCrack is a GPU-enhanced cryptanalysis suite for cloud computing platforms such as the Amazon EC2 Cluster Compute cloud. It is a NVIDIA GPU-accelerated cryptanalysis suite written in CUDA, NVIDIA s massively parallel concurrent programming language. CloudCrack contains custom CUDA multi-precision math libraries for storing a large target RSA modulus n in shared GPU memory, with each GPU core working as a parallel factoring process to break the target modulus. CloudCrack is based upon a Pollard s Rho factoring hybrid with an updated Brent cycle finder, and includes performance optimizations to the traditional Rho factoring method. The massively parallel design of the NVIDIA GPU architecture lends itself quite well to Pollard s Rho, and the reduction sieve performance enhancements added with CloudCrack can reduce by several orders of magnitude the size of the key-space required for a successful brute force attack against a large RSA target modulus n.

6 2.2 CRYPTOHAZE MULTIFORCER Cryptohaze Multiforcer is a high performance multi-hash brute force tool with support for per-position character sets, and very good performance scaling when dealing with large hash lists. It supports quite a few algorithms like MD5, NTLM, SHA1, MSSQL, DOUBLEMD5 etc. It includes cross-platform network support for unsalted hashes. This allows multiple hosts to easily work together on a complex problem space without requiring the user to manually break it into smaller pieces as some other tools require. As an example, on a list of 10 hashes, the Cryptohaze Multiforcer achieves 390M steps per second on an Nvidia GTX 260 card. On a list of 1.4 million hashes with the same card, performance drops to 380M steps per second. This is the password stepping rate and not the search rate. The search rate is 380M * 1.4M passwords per second. 2.3 CLOUDCRACKER Cloudcracker is an online password cracking service for cracking WPA protected wireless networks, password hashes or breaking document encryption. It is as simple as submitting a hash or handshake file and receiving the result via after a few hours. One can run a network handshake against 3 million words in under 20 minutes for as less as $17. For inexperienced users who do not know how to setup and use the more advanced tools, this service makes it very easy to achieve the same at a higher cost. For example it can crack and VPN or Wi-Fi connection secured using MS-CHAPv2 within 24 hours for around $200. MS-CHAPv2 is based on the encryption algorithm DES. Despite its long known weaknesses, MS-CHAPv2 is still widely used, especially in company environments, as the authentication protocol is supported out of the box by many operating systems. A PPTP/MS- CHAPv2 combination is also in widespread use on smartphones. The Cloudcracker web service is backed by a processing server which is able to test 18 billion keys per second. The server is equipped with 48 programmable processing units known as field programmable gate arrays (FPGA). Each FPGA is programmed to provide 40 parallel processors, each with a clock speed of 450 MHz, for cracking DES.

7 3 DETAILS One tool that leverages the power of the cloud to crack encrypted WinZip archives is discussed in detail below. 3.1 WINZIP ENCRYPTION WinZip has 3 options for encrypting a file: 1. The regular Zip encryption (96-bit) 2. AES 128 bit 3. AES 256 bit. Unfortunately, the default option for encryption is Zip encryption (96-bit) and it is very vulnerable to attacks. AES is still relatively safe, but ultimately the security the password provides depends on both the password itself, the type of encryption used and the value of the unencrypted data. 3.2 BRUTE FORCE ATTACK For example an 8 character password that consist of only lower case letters would mean a maximum of 235 million passwords. If upper case letters are included the total goes to 53 trillion possible combinations. Finally if digits and special characters are included, that would result in almost 7 quadrillion possible combinations. To perform a brute force attack on a number of passwords of that magnitude requires tremendous computing power. Most users don t have really powerful machines at their disposal. High performance today, may mean mediocre performance next month, so a lot of people buy mainstream performance machines as a matter of practicality and cost. But what if you could go the Amazon cloud and rent a really powerful machine?

8 3.3 WHAT CLOUD COMPUTING OFFERS Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud. It is designed to make web-scale computing easier for developers. The GPU instances provide general-purpose graphics processing units (GPUs) with proportionally high CPU and increased network performance for applications benefitting from highly parallelized processing, including HPC, rendering and media processing applications. The GPU instance is named Cluster GPU Quadruple Extra Large instance and has 22 GB memory, 33.5 EC2 Compute Units, 2 x NVIDIA Tesla Fermi M2050 GPUs, 1690 GB of local instance storage, 64-bit platform, 10 Gigabit Ethernet. A GPU instance is chosen as the Graphics Processing Unit is more attuned to parallel processing than the CPU. In fact using a GPU to crack passwords has provided results magnitudes of times better than using a plain CPU attack. An example of a software that takes advantage of the GPU for parallel processing is the Accent Zip Password Recovery Tool, which utilizes your GPU instead of your CPU cores to crack the passwords resulting in nearly 1000 times better performance. 3.4 CRACKING A ZIP PASSWORD USING GPUS After initiating a cluster GPU instance, the Accent Zip Password Recovery Tool was installed on it and run on a simple zip (96-Bit) encrypted file. The brute force attack was executed at a rate of 827 MILLION passwords per second. The commercial version allows for use of both the GPUS simultaneously and would have reached the 1.5 Billion mark easily. This suggests that the all lower letter password would be cracked in a matter of 0.25 seconds. Similar test for AES- 128 bits and AES-256 bits encryption yielded a much lower speed of 280,000 passwords per second. The overall cost of renting such a server is about $2.6 per hour. The tool is remarkably simple, and appears effective, with mind-blowing speeds on the Amazon GPU cluster, however it will cost around $40.00 for the full version to be able to run across all GPUs on the cluster GPU instance.

9 Figure 1: Accent Zip Password Recovery Tool 4 ANALYSIS AND SCALING Cloud Computing isn t about buying just 1 machine, it s also about scaling up, buying lots and lots of machines for short burst on demand. Cloud Computing introduces the concept of a Machine-Hour. Every computational process could be quantified by machine hours. And if you want something done in less hours, just buy more machines. So let s say we can we have a file protected by a 8 Character password comprising of upper and lower case letters, and for simplicity sake, let s say it ll take an Amazon Extra Large Quadruple Cluster 56 Hours to crack the password. By spinning up extra machines on Amazon, since every computational process can be quantified by machine hours, more the machines, less the hours needed.

10 For example, 56 Amazon machines two for each letter of the alphabet (upper and lower case) can be assigned to work on passwords starting with the letter they are assigned to. So one machine would try all passwords starting with A, and another trying all passwords starting with a and then so and so forth for b, 'B, 'c, 'C.all the way to z and Z. 56 machines in total, requiring just one full hour of cracking per machine. Before cloud computing, the only way to do this was to actually buy 56 different machines that s expensive. With cloud computing it could cost just $2.60/machine-hour. That s cheaper than buying even one machine. The best part is, since Amazon charges per machine-hour it ll cost the exact same amount but in far less time. The setup overhead of splitting the task across machines is still required initially. This is of course a case of Vertical vs. Horizontal, buying more machines from Amazon is a straightforward way to crack a password in a short amount of time. Figure 2: Scaling the Cracking

11 Many utilities exist that make the scaling of the password cracking on the cloud easier. For example, StarCluster is an open source cluster-computing toolkit for Amazon s Elastic Compute Cloud (EC2). It has been designed to automate and simplify the process of building, configuring, and managing clusters of virtual machines on Amazon s EC2 cloud. StarCluster allows anyone to easily create a cluster computing environment in the cloud suited for distributed and parallel computing applications and systems. 5 CONCLUSION At 2.60/hour on the Extra Large GPU cluster, cracking better encryption algorithms will cost a lot of money, but some files floating on the internet protect data far more valuable than that. This extends to not just WinZip, but encrypted s and messages as well. In fact since AES is used both in WinZip and for some encryption, the numbers here may be reflective of how hard it would be to decrypt secured s. Taking it to the extreme, even the 7 quadrillion password combinations could be cracked in 3.5 Million machine-hours. It translates to just over $9 Million US Dollars. In a time where state-sponsored cyber-attacks are a real occurrence, what is $9 Million dollars to a government anyway? This was a real world test with real world implications. If criminals get their hands on valuable encrypted data, there really is nothing stopping them from spending money to spin up thousands of instances on Amazon trying to decrypt the data. In fact with cloud computing, anyone with a credit card has access to huge computational power and that opens up the possibility of criminals cracking what used to be secured data. The cloud also provides this at low-cost, thereby reducing the barrier to entry for criminals to crack your code, so a lot of the older password mechanism like the Zip Password protect, aren t relevant anymore. With the advent of cloud computing, like with any other technology, the bad guys have also found a new tool. When we consider the balance of risk and reward, the cost/benefit evaluation of a security control we have to consider the significantly lower cost of computing for everyone, attackers included. Passwords, wireless encryption keys, at-rest encryption and even old SSL algorithms must be reevaluated in this light. What was thought of as "infeasible" may be well within the means of "average" hackers.

12 6 REFERENCES 1. Password cracking in the cloud How to Crack Passwords in the Cloud with Amazon's Cluster GPU Instances CloudCracker CloudCrack Alex Biryukov, Johann Großschädl: Cryptanalysis of the Full AES Using GPU-Like Special- Purpose Hardware. Fundam. Inform. 114(3-4): (2012) 6. Robert Szerwinski and Tim Güneysu Exploiting the Power of GPUs for Asymmetric Cryptography. In Proceedings of the 10th international workshop on Cryptographic Hardware and Embedded Systems (CHES '08) 7. Cracking Passwords in the Cloud StarCluster Cryptohaze Multiforcer Cloud service cracks VPN passwords in 24 hours - online.com/security/news/item/cloud-service-cracks-vpn-passwords-in-24-hours html

Wisecracker A high performance distributed cryptanalysis framework

Wisecracker A high performance distributed cryptanalysis framework Wisecracker A high performance distributed cryptanalysis framework A Technical White Paper October 30 2012 Written by Vikas N Kumar Introduction Cryptanalysis can be performed in various ways such as by

More information

USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars October 29, 2013

USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars October 29, 2013 USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security

More information

High-speed cryptography and DNSCurve. D. J. Bernstein University of Illinois at Chicago

High-speed cryptography and DNSCurve. D. J. Bernstein University of Illinois at Chicago High-speed cryptography and DNSCurve D. J. Bernstein University of Illinois at Chicago Stealing Internet mail: easy! Given a mail message: Your mail software sends a DNS request, receives a server address,

More information

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Using etoken for SSL Web Authentication. SSL V3.0 Overview Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents

More information

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure) Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.

More information

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such

More information

IoT Security Platform

IoT Security Platform IoT Security Platform 2 Introduction Wars begin when the costs of attack are low, the benefits for a victor are high, and there is an inability to enforce law. The same is true in cyberwars. Today there

More information

Cryptographic Algorithms and Key Size Issues. Çetin Kaya Koç Oregon State University, Professor http://islab.oregonstate.edu/koc koc@ece.orst.

Cryptographic Algorithms and Key Size Issues. Çetin Kaya Koç Oregon State University, Professor http://islab.oregonstate.edu/koc koc@ece.orst. Cryptographic Algorithms and Key Size Issues Çetin Kaya Koç Oregon State University, Professor http://islab.oregonstate.edu/koc koc@ece.orst.edu Overview Cryptanalysis Challenge Encryption: DES AES Message

More information

Optimizing GPU-based application performance for the HP for the HP ProLiant SL390s G7 server

Optimizing GPU-based application performance for the HP for the HP ProLiant SL390s G7 server Optimizing GPU-based application performance for the HP for the HP ProLiant SL390s G7 server Technology brief Introduction... 2 GPU-based computing... 2 ProLiant SL390s GPU-enabled architecture... 2 Optimizing

More information

SAS Data Set Encryption Options

SAS Data Set Encryption Options Technical Paper SAS Data Set Encryption Options SAS product interaction with encrypted data storage Table of Contents Introduction: What Is Encryption?... 1 Test Configuration... 1 Data... 1 Code... 2

More information

Database Virtualization and the Cloud

Database Virtualization and the Cloud Database Virtualization and the Cloud How database virtualization, cloud computing and other advances will reshape the database landscape by Mike Hogan, CEO ScaleDB Inc. December 10, 2009 Introduction

More information

Chapter 1: Introduction

Chapter 1: Introduction Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure

More information

GPU System Architecture. Alan Gray EPCC The University of Edinburgh

GPU System Architecture. Alan Gray EPCC The University of Edinburgh GPU System Architecture EPCC The University of Edinburgh Outline Why do we want/need accelerators such as GPUs? GPU-CPU comparison Architectural reasons for GPU performance advantages GPU accelerated systems

More information

A PPENDIX H RITERIA FOR AES E VALUATION C RITERIA FOR

A PPENDIX H RITERIA FOR AES E VALUATION C RITERIA FOR A PPENDIX H RITERIA FOR AES E VALUATION C RITERIA FOR William Stallings Copyright 20010 H.1 THE ORIGINS OF AES...2 H.2 AES EVALUATION...3 Supplement to Cryptography and Network Security, Fifth Edition

More information

Strong Authentication for Future Web Applications

Strong Authentication for Future Web Applications Strong Authentication for Future Web Applications Chris Williams Leidos, Inc. July 18, 2014 For W3C Identity in the Browser Workshop Abstract Leidos (formerly SAIC), has been using strong authentication

More information

NESCO/NESCOR Common TFE Analysis: CIP-007 R5.3 Password Complexity

NESCO/NESCOR Common TFE Analysis: CIP-007 R5.3 Password Complexity NESCO/NESCOR Common TFE Analysis: CIP-007 R5.3 Password Complexity National Electric Sector Cybersecurity Organization (NESCO)/NESCO Resource (NESCOR) DISCLAIMER OF WARRANTIES AND LIMITATION OF LIABILITIES

More information

A Comparison of Protocols for Device Management and Software Updates

A Comparison of Protocols for Device Management and Software Updates B L A C K B E R R Y M 2 M S O L U T I O N S A Comparison of Protocols for Device Management and Software Updates In the last two decades, the number of connected computing devices has grown at a staggering

More information

WHITE PAPER AUGUST 2014. Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords

WHITE PAPER AUGUST 2014. Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords WHITE PAPER AUGUST 2014 Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords 2 WHITE PAPER: PREVENTING SECURITY BREACHES Table of Contents on t Become the Next Headline

More information

HPC Cluster Decisions and ANSYS Configuration Best Practices. Diana Collier Lead Systems Support Specialist Houston UGM May 2014

HPC Cluster Decisions and ANSYS Configuration Best Practices. Diana Collier Lead Systems Support Specialist Houston UGM May 2014 HPC Cluster Decisions and ANSYS Configuration Best Practices Diana Collier Lead Systems Support Specialist Houston UGM May 2014 1 Agenda Introduction Lead Systems Support Specialist Cluster Decisions Job

More information

The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems

The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems Becky Cutler Rebecca.cutler@tufts.edu Mentor: Professor Chris Gregg Abstract Modern day authentication systems

More information

GPU File System Encryption Kartik Kulkarni and Eugene Linkov

GPU File System Encryption Kartik Kulkarni and Eugene Linkov GPU File System Encryption Kartik Kulkarni and Eugene Linkov 5/10/2012 SUMMARY. We implemented a file system that encrypts and decrypts files. The implementation uses the AES algorithm computed through

More information

Speeding up GPU-based password cracking

Speeding up GPU-based password cracking Speeding up GPU-based password cracking SHARCS 2012 Martijn Sprengers 1,2 Lejla Batina 2,3 Sprengers.Martijn@kpmg.nl KPMG IT Advisory 1 Radboud University Nijmegen 2 K.U. Leuven 3 March 17-18, 2012 Who

More information

White Paper. Enhancing Website Security with Algorithm Agility

White Paper. Enhancing Website Security with Algorithm Agility ENHANCING WEBSITE SECURITY WITH ALGORITHM AGILITY White Paper Enhancing Website Security with Algorithm Agility Enhancing Website Security with Algorithm Agility Contents Introduction 3 Encryption Today

More information

Managing the Performance of Cloud-Based Applications

Managing the Performance of Cloud-Based Applications Managing the Performance of Cloud-Based Applications Taking Advantage of What the Cloud Has to Offer And Avoiding Common Pitfalls Moving your application to the cloud isn t as simple as porting over your

More information

Cloud Computing. Alex Crawford Ben Johnstone

Cloud Computing. Alex Crawford Ben Johnstone Cloud Computing Alex Crawford Ben Johnstone Overview What is cloud computing? Amazon EC2 Performance Conclusions What is the Cloud? A large cluster of machines o Economies of scale [1] Customers use a

More information

Cryptanalysis with a cost-optimized FPGA cluster

Cryptanalysis with a cost-optimized FPGA cluster Cryptanalysis with a cost-optimized FPGA cluster Jan Pelzl, Horst Görtz Institute for IT-Security, Germany UCLA IPAM Workshop IV Special Purpose Hardware for Cryptography: Attacks and Applications December

More information

Cloud Computing and Amazon Web Services

Cloud Computing and Amazon Web Services Cloud Computing and Amazon Web Services Gary A. McGilvary edinburgh data.intensive research 1 OUTLINE 1. An Overview of Cloud Computing 2. Amazon Web Services 3. Amazon EC2 Tutorial 4. Conclusions 2 CLOUD

More information

Data Security using Encryption in SwiftStack

Data Security using Encryption in SwiftStack Data Security using Encryption in SwiftStack May 2015 Copyright 2015 SwiftStack, Inc. swiftstack.com Page 1 of 11 Table of Contents Introduction... 3 Defining Three Threat Models... 3 Encrypted Data and

More information

ANALYSIS OF RSA ALGORITHM USING GPU PROGRAMMING

ANALYSIS OF RSA ALGORITHM USING GPU PROGRAMMING ANALYSIS OF RSA ALGORITHM USING GPU PROGRAMMING Sonam Mahajan 1 and Maninder Singh 2 1 Department of Computer Science Engineering, Thapar University, Patiala, India 2 Department of Computer Science Engineering,

More information

Enhancing Organizational Security Through the Use of Virtual Smart Cards

Enhancing Organizational Security Through the Use of Virtual Smart Cards Enhancing Organizational Security Through the Use of Virtual Smart Cards Today s organizations, both large and small, are faced with the challenging task of securing a seemingly borderless domain of company

More information

www.xenon.com.au STORAGE HIGH SPEED INTERCONNECTS HIGH PERFORMANCE COMPUTING VISUALISATION GPU COMPUTING

www.xenon.com.au STORAGE HIGH SPEED INTERCONNECTS HIGH PERFORMANCE COMPUTING VISUALISATION GPU COMPUTING www.xenon.com.au STORAGE HIGH SPEED INTERCONNECTS HIGH PERFORMANCE COMPUTING GPU COMPUTING VISUALISATION XENON Accelerating Exploration Mineral, oil and gas exploration is an expensive and challenging

More information

IMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT

IMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT INTERNATIONAL JOURNAL OF RESEARCH IN COMPUTER APPLICATIONS AND ROBOTICS ISSN 2320-7345 IMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT Merlin Shirly T 1, Margret Johnson 2 1 PG

More information

Dashlane Security Whitepaper

Dashlane Security Whitepaper Dashlane Security Whitepaper November 2014 Protection of User Data in Dashlane Protection of User Data in Dashlane relies on 3 separate secrets: The User Master Password Never stored locally nor remotely.

More information

A Standards-based Approach to IP Protection for HDLs

A Standards-based Approach to IP Protection for HDLs A Standards-based Approach to IP Protection for HDLs John Shields Staff Engineer, Modelsim Overview Introduction A Brief Status First Look at The Flow Encryption Technology Concepts Key Management Second

More information

CENIC Private Cloud Pilot Using Amazon Reserved Instances (RIs) September 9, 2011

CENIC Private Cloud Pilot Using Amazon Reserved Instances (RIs) September 9, 2011 CENIC Private Cloud Pilot Using Amazon Reserved Instances (RIs) September 9, 2011 CENIC has been working with Amazon for some time to put in place procedures through which CENIC member institutions can

More information

Scaling in the Cloud with AWS. By: Eli White (CTO & Co-Founder @ mojolive) eliw.com - @eliw - mojolive.com

Scaling in the Cloud with AWS. By: Eli White (CTO & Co-Founder @ mojolive) eliw.com - @eliw - mojolive.com Scaling in the Cloud with AWS By: Eli White (CTO & Co-Founder @ mojolive) eliw.com - @eliw - mojolive.com Welcome! Why is this guy talking to us? Please ask questions! 2 What is Scaling anyway? Enabling

More information

Amazon Cloud Storage Options

Amazon Cloud Storage Options Amazon Cloud Storage Options Table of Contents 1. Overview of AWS Storage Options 02 2. Why you should use the AWS Storage 02 3. How to get Data into the AWS.03 4. Types of AWS Storage Options.03 5. Object

More information

TOP SECRETS OF CLOUD SECURITY

TOP SECRETS OF CLOUD SECURITY TOP SECRETS OF CLOUD SECURITY Protect Your Organization s Valuable Content Table of Contents Does the Cloud Pose Special Security Challenges?...2 Client Authentication...3 User Security Management...3

More information

Cloud Computing Capacity Planning. Maximizing Cloud Value. Authors: Jose Vargas, Clint Sherwood. Organization: IBM Cloud Labs

Cloud Computing Capacity Planning. Maximizing Cloud Value. Authors: Jose Vargas, Clint Sherwood. Organization: IBM Cloud Labs Cloud Computing Capacity Planning Authors: Jose Vargas, Clint Sherwood Organization: IBM Cloud Labs Web address: ibm.com/websphere/developer/zones/hipods Date: 3 November 2010 Status: Version 1.0 Abstract:

More information

HTTPS is Fast and Hassle-free with CloudFlare

HTTPS is Fast and Hassle-free with CloudFlare HTTPS is Fast and Hassle-free with CloudFlare 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com In the past, organizations had to choose between performance and security when encrypting their

More information

Cloud Computing. Adam Barker

Cloud Computing. Adam Barker Cloud Computing Adam Barker 1 Overview Introduction to Cloud computing Enabling technologies Different types of cloud: IaaS, PaaS and SaaS Cloud terminology Interacting with a cloud: management consoles

More information

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or

More information

DNA IT - Business IT On Demand

DNA IT - Business IT On Demand DNA IT - Business IT On Demand September 1 2011 DNA IT White Paper: Introduction to Cloud Computing The boom in cloud computing over the past few years has led to a situation that is common to many innovations

More information

Overview Most of the documentation out there on the transition from SHA-1 certificates to SHA-2 certificates will tell you three things:

Overview Most of the documentation out there on the transition from SHA-1 certificates to SHA-2 certificates will tell you three things: SHA-1 Versus SHA-2 Overview Most of the documentation out there on the transition from SHA-1 certificates to SHA-2 certificates will tell you three things: - Breaking SHA-1 is not yet practical but will

More information

Big Data, Big Security:

Big Data, Big Security: Big Data, Big Security: Best Practices for Enterprise Data Encryption Introduction Big Data is a big topic right now and well it should be. The ebb and flow of commerce and other interactions around the

More information

Programming models for heterogeneous computing. Manuel Ujaldón Nvidia CUDA Fellow and A/Prof. Computer Architecture Department University of Malaga

Programming models for heterogeneous computing. Manuel Ujaldón Nvidia CUDA Fellow and A/Prof. Computer Architecture Department University of Malaga Programming models for heterogeneous computing Manuel Ujaldón Nvidia CUDA Fellow and A/Prof. Computer Architecture Department University of Malaga Talk outline [30 slides] 1. Introduction [5 slides] 2.

More information

Chapter 19 Cloud Computing for Multimedia Services

Chapter 19 Cloud Computing for Multimedia Services Chapter 19 Cloud Computing for Multimedia Services 19.1 Cloud Computing Overview 19.2 Multimedia Cloud Computing 19.3 Cloud-Assisted Media Sharing 19.4 Computation Offloading for Multimedia Services 19.5

More information

Mitigating Server Breaches with Secure Computation. Yehuda Lindell Bar-Ilan University and Dyadic Security

Mitigating Server Breaches with Secure Computation. Yehuda Lindell Bar-Ilan University and Dyadic Security Mitigating Server Breaches with Secure Computation Yehuda Lindell Bar-Ilan University and Dyadic Security The Problem Network and server breaches have become ubiquitous Financially-motivated and state-sponsored

More information

Introduction to Cyber Security / Information Security

Introduction to Cyber Security / Information Security Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be

More information

THE SECURITY OF HOSTED EXCHANGE FOR SMBs

THE SECURITY OF HOSTED EXCHANGE FOR SMBs THE SECURITY OF HOSTED EXCHANGE FOR SMBs In the interest of security and cost-efficiency, many businesses are turning to hosted Microsoft Exchange for the scalability, ease of use and accessibility available

More information

CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY

CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY CLOUD COMPUTING SECURITY ARCHITECTURE - IMPLEMENTING DES ALGORITHM IN CLOUD FOR DATA SECURITY Varun Gandhi 1 Department of Computer Science and Engineering, Dronacharya College of Engineering, Khentawas,

More information

Cluster, Grid, Cloud Concepts

Cluster, Grid, Cloud Concepts Cluster, Grid, Cloud Concepts Kalaiselvan.K Contents Section 1: Cluster Section 2: Grid Section 3: Cloud Cluster An Overview Need for a Cluster Cluster categorizations A computer cluster is a group of

More information

QLIKVIEW SERVER MEMORY MANAGEMENT AND CPU UTILIZATION

QLIKVIEW SERVER MEMORY MANAGEMENT AND CPU UTILIZATION QLIKVIEW SERVER MEMORY MANAGEMENT AND CPU UTILIZATION QlikView Scalability Center Technical Brief Series September 2012 qlikview.com Introduction This technical brief provides a discussion at a fundamental

More information

Windows Server Performance Monitoring

Windows Server Performance Monitoring Spot server problems before they are noticed The system s really slow today! How often have you heard that? Finding the solution isn t so easy. The obvious questions to ask are why is it running slowly

More information

Protecting Your Data With Encryption

Protecting Your Data With Encryption Protecting Your Data With Encryption Ed Leighton-Dick Kingfisher Technologies About Me Email: ed@leightondick.com Blog: edleightondick.com Twitter: @eleightondick 1 Agenda Why should we use encryption?

More information

Benchmark Hadoop and Mars: MapReduce on cluster versus on GPU

Benchmark Hadoop and Mars: MapReduce on cluster versus on GPU Benchmark Hadoop and Mars: MapReduce on cluster versus on GPU Heshan Li, Shaopeng Wang The Johns Hopkins University 3400 N. Charles Street Baltimore, Maryland 21218 {heshanli, shaopeng}@cs.jhu.edu 1 Overview

More information

Part V Applications. What is cloud computing? SaaS has been around for awhile. Cloud Computing: General concepts

Part V Applications. What is cloud computing? SaaS has been around for awhile. Cloud Computing: General concepts Part V Applications Cloud Computing: General concepts Copyright K.Goseva 2010 CS 736 Software Performance Engineering Slide 1 What is cloud computing? SaaS: Software as a Service Cloud: Datacenters hardware

More information

FPGAs for Trusted Cloud Computing

FPGAs for Trusted Cloud Computing FPGAs for Trusted Cloud Computing Traditional Servers Datacenter Cloud Servers Datacenter Cloud Manager Client Client Control Client Client Control 2 Existing cloud systems cannot offer strong security

More information

What is Really Needed to Secure the Internet of Things?

What is Really Needed to Secure the Internet of Things? What is Really Needed to Secure the Internet of Things? By Alan Grau, Icon Labs alan.grau@iconlabs.com The Internet of Things (IoT) has become a ubiquitous term to describe the tens of billions of devices

More information

Parallels Virtuozzo Containers

Parallels Virtuozzo Containers Parallels Virtuozzo Containers White Paper Virtual Desktop Infrastructure www.parallels.com Version 1.0 Table of Contents Table of Contents... 2 Enterprise Desktop Computing Challenges... 3 What is Virtual

More information

Top 10 Encryption Myths

Top 10 Encryption Myths Top 10 Encryption Myths Executive Summary When you talk about encryption especially to someone who isn t a security specialist you often get a variety of interpretations. In general, encryption is most

More information

DIY Device Cloud Documentation

DIY Device Cloud Documentation DIY Device Cloud Documentation Release 1.0 Tony DiCola May 11, 2014 Contents 1 Overview 3 1.1 What is a device cloud?......................................... 3 1.2 Why do you want a device cloud?....................................

More information

Data Protection Appliance

Data Protection Appliance Data Protection The Data Protection (DPA) is an enterprise-grade backup appliance designed to protect physical and virtual environments. DPA is delivered as a virtual or physical appliance and includes

More information

WHITE PAPER RUN VDI IN THE CLOUD WITH PANZURA SKYBRIDGE

WHITE PAPER RUN VDI IN THE CLOUD WITH PANZURA SKYBRIDGE WHITE PAPER RUN VDI IN THE CLOUD WITH PANZURA What if you could provision VDI in the cloud as a utility, colocating ondemand VDI instances and data next to each other and close to your users, anywhere

More information

BASICS OF SCALING: LOAD BALANCERS

BASICS OF SCALING: LOAD BALANCERS BASICS OF SCALING: LOAD BALANCERS Lately, I ve been doing a lot of work on systems that require a high degree of scalability to handle large traffic spikes. This has led to a lot of questions from friends

More information

Enova X-Wall LX Frequently Asked Questions

Enova X-Wall LX Frequently Asked Questions Enova X-Wall LX Frequently Asked Questions Q: What is X-Wall LX? A: X-Wall LX is the third generation of Enova real-time hard drive cryptographic gateway ASIC (Application Specific Integrated Circuit)

More information

VERSION 1.0 MARCH 30, 2013

VERSION 1.0 MARCH 30, 2013 VERSION 1.0 MARCH 30, 2013 CUDA CRACKING PRESENTED BY: ROHIT SHAW XIARCH SOLUTIONS PVT LTD NEW DELHI Rohit Shaw Page 1 CUDA Cracking Compute Unified Device Architecture (CUDA) is a parallel computing architecture

More information

What is CUDA?... 3. Why do I care about CUDA?... 3. What is CUDA not?... 4. Getting started... 5. Nvidia-Drivers... 5. Overclocking...

What is CUDA?... 3. Why do I care about CUDA?... 3. What is CUDA not?... 4. Getting started... 5. Nvidia-Drivers... 5. Overclocking... 1 Table of Contents What is CUDA?... 3 Supported GPUs...3 Why do I care about CUDA?... 3 Where can I get this CUDA thing?. 4 What is CUDA not?... 4 Getting started... 5 Nvidia-Drivers.... 5 Overclocking...

More information

Key & Data Storage on Mobile Devices

Key & Data Storage on Mobile Devices Key & Data Storage on Mobile Devices Advanced Computer Networks 2015/2016 Johannes Feichtner johannes.feichtner@iaik.tugraz.at Outline Why is this topic so delicate? Keys & Key Management High-Level Cryptography

More information

Password Manager with 3-Step Authentication System

Password Manager with 3-Step Authentication System Password Manager with 3-Step Authentication System Zhelyazko Petrov, Razvan Ragazan University of Westminster, London z.petrov@my.westminster.ac.uk, razvan.ragazan@my.westminster.ac.uk Abstract: A big

More information

Dynamic Resource Allocation and Data Security for Cloud

Dynamic Resource Allocation and Data Security for Cloud Dynamic Resource Allocation and Data Security for Cloud Rajesh M. Devakate Annasaheb Dange College of Engg. & Technology, Ashta, Maharashtra, India. Amol B. Rajmane Ashokrao Mane Group of Institutions,

More information

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

WLAN Security Networking with Confidence

WLAN Security Networking with Confidence WLAN Security Networking with Confidence Introduction So you ve just installed a new wireless local area network (WLAN) in your small business or home. The access point is on and connected, the client

More information

Security Considerations for DirectAccess Deployments. Whitepaper

Security Considerations for DirectAccess Deployments. Whitepaper Security Considerations for DirectAccess Deployments Whitepaper February 2015 This white paper discusses security planning for DirectAccess deployment. Introduction DirectAccess represents a paradigm shift

More information

HOW ENCRYPTION WORKS. Introduction to BackupEDGE Data Encryption. Technology Overview. Strong Encryption BackupEDGE

HOW ENCRYPTION WORKS. Introduction to BackupEDGE Data Encryption. Technology Overview. Strong Encryption BackupEDGE HOW ENCRYPTION WORKS Technology Overview Strong Encryption BackupEDGE Introduction to BackupEDGE Data Encryption A major feature of BackupEDGE is the ability to protect archives containing critical client

More information

Sync Security and Privacy Brief

Sync Security and Privacy Brief Introduction Security and privacy are two of the leading issues for users when transferring important files. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical

More information

Is your data safe out there? -A white Paper on Online Security

Is your data safe out there? -A white Paper on Online Security Is your data safe out there? -A white Paper on Online Security Introduction: People should be concerned of sending critical data over the internet, because the internet is a whole new world that connects

More information

Cloud Computing Trends

Cloud Computing Trends UT DALLAS Erik Jonsson School of Engineering & Computer Science Cloud Computing Trends What is cloud computing? Cloud computing refers to the apps and services delivered over the internet. Software delivered

More information

Cost Savings Solutions for Year 5 True Ups

Cost Savings Solutions for Year 5 True Ups Cost Savings Solutions for Year 5 True Ups US Dept. of Energy EA Affigent/CDWG/Microsoft Realizing Cost Savings Now and Moving to a Dynamic Datacenter via your Current EA Enterprise Desktop Solutions to

More information

ipad in Business Security

ipad in Business Security ipad in Business Security Device protection Strong passcodes Passcode expiration Passcode reuse history Maximum failed attempts Over-the-air passcode enforcement Progressive passcode timeout Data security

More information

APNIC elearning: Cryptography Basics. Contact: esec02_v1.0

APNIC elearning: Cryptography Basics. Contact: esec02_v1.0 APNIC elearning: Cryptography Basics Contact: training@apnic.net esec02_v1.0 Overview Cryptography Cryptographic Algorithms Encryption Symmetric-Key Algorithm Block and Stream Cipher Asymmetric Key Algorithm

More information

Cyber Security Practical considerations for implementing IEC 62351

Cyber Security Practical considerations for implementing IEC 62351 1. Introduction Cyber Security Practical considerations for implementing IEC 62351 Frank Hohlbaum, Markus Braendle, Fernando Alvarez ABB frank.hohlbaum@ch.abb.com Switzerland Two trends are currently changing

More information

CrackLord: Maximizing Computing Resources BlackHat USA 2015

CrackLord: Maximizing Computing Resources BlackHat USA 2015 CrackLord: Maximizing Computing Resources BlackHat USA 2015 Michael McAtee, Manager, Crowe Horwath LLP Lucas Morris, Senior Manager, Crowe Horwath LLP Abstract As IT security professionals, we have the

More information

Graphics Cards and Graphics Processing Units. Ben Johnstone Russ Martin November 15, 2011

Graphics Cards and Graphics Processing Units. Ben Johnstone Russ Martin November 15, 2011 Graphics Cards and Graphics Processing Units Ben Johnstone Russ Martin November 15, 2011 Contents Graphics Processing Units (GPUs) Graphics Pipeline Architectures 8800-GTX200 Fermi Cayman Performance Analysis

More information

Secure Socket Layer. Introduction Overview of SSL What SSL is Useful For

Secure Socket Layer. Introduction Overview of SSL What SSL is Useful For Secure Socket Layer Secure Socket Layer Introduction Overview of SSL What SSL is Useful For Introduction Secure Socket Layer (SSL) Industry-standard method for protecting web communications. - Data encryption

More information

NVIDIA CUDA Software and GPU Parallel Computing Architecture. David B. Kirk, Chief Scientist

NVIDIA CUDA Software and GPU Parallel Computing Architecture. David B. Kirk, Chief Scientist NVIDIA CUDA Software and GPU Parallel Computing Architecture David B. Kirk, Chief Scientist Outline Applications of GPU Computing CUDA Programming Model Overview Programming in CUDA The Basics How to Get

More information

Cisco Integrated Services Routers Performance Overview

Cisco Integrated Services Routers Performance Overview Integrated Services Routers Performance Overview What You Will Learn The Integrated Services Routers Generation 2 (ISR G2) provide a robust platform for delivering WAN services, unified communications,

More information

How to Store Data to the Cloud without giving the Cloud anything Jason Resch Cleversafe

How to Store Data to the Cloud without giving the Cloud anything Jason Resch Cleversafe How to Store Data to the Cloud without giving the Cloud anything Jason Resch Cleversafe Topics Barriers to cloud storage adoption Reliability concerns Security concerns Conventional Solutions Replication,

More information

Achieving business benefits through automated software testing. By Dr. Mike Bartley, Founder and CEO, TVS (mike@testandverification.

Achieving business benefits through automated software testing. By Dr. Mike Bartley, Founder and CEO, TVS (mike@testandverification. Achieving business benefits through automated software testing By Dr. Mike Bartley, Founder and CEO, TVS (mike@testandverification.com) 1 Introduction During my experience of test automation I have seen

More information

Today ENCRYPTION. Cryptography example. Basic principles of cryptography

Today ENCRYPTION. Cryptography example. Basic principles of cryptography Today ENCRYPTION The last class described a number of problems in ensuring your security and privacy when using a computer on-line. This lecture discusses one of the main technological solutions. The use

More information

Security Architecture Whitepaper

Security Architecture Whitepaper Security Architecture Whitepaper 2015 by Network2Share Pty Ltd. All rights reserved. 1 Table of Contents CloudFileSync Security 1 Introduction 1 Data Security 2 Local Encryption - Data on the local computer

More information

Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015

Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015 Network Security CS 5490/6490 Fall 2015 Lecture Notes 8/26/2015 Chapter 2: Introduction to Cryptography What is cryptography? It is a process/art of mangling information in such a way so as to make it

More information

white paper How to Offer SSL Encryption

white paper How to Offer SSL Encryption How to Offer the Strongest SSL Encryption Contents 1 Two Levels of SSL Encryption 1 Factors Determining Encryption Level 2 The Only Leading Provider to Offer SGC 2 Can You Afford Not to? 3 Learn More 3

More information

Information and Network Security Certificate Program

Information and Network Security Certificate Program Information and Network Security Certificate Program University of California, Irvine, P.O. Box 6050, Irvine, CA 92612-6050 www.extension.uci.edu PROGRAM DESCRIPTION Data security is critical and increasingly

More information

Using BroadSAFE TM Technology 07/18/05

Using BroadSAFE TM Technology 07/18/05 Using BroadSAFE TM Technology 07/18/05 Layers of a Security System Security System Data Encryption Key Negotiation Authentication Identity Root Key Once root is compromised, all subsequent layers of security

More information

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two

More information

The Seven Habits of State-of-the-Art Mobile App Security

The Seven Habits of State-of-the-Art Mobile App Security #mstrworld The Seven Habits of State-of-the-Art Mobile App Security Mobile Security 8 July 2014 Anand Dwivedi, Product Manager, MicroStrategy strworld Agenda - Seven Habits of State of the Art Mobile App

More information

CHAPTER 1 INTRODUCTION

CHAPTER 1 INTRODUCTION CHAPTER 1 INTRODUCTION 1.0 Introduction Voice over Internet Protocol (VoIP) is the most popular in telecommunication technology. Nowadays, three million users use VoIP. It is estimated that the number

More information

High Performance Computing Cloud Computing. Dr. Rami YARED

High Performance Computing Cloud Computing. Dr. Rami YARED High Performance Computing Cloud Computing Dr. Rami YARED Outline High Performance Computing Parallel Computing Cloud Computing Definitions Advantages and drawbacks Cloud Computing vs Grid Computing Outline

More information

Security in Android apps

Security in Android apps Security in Android apps Falco Peijnenburg (3749002) August 16, 2013 Abstract Apps can be released on the Google Play store through the Google Developer Console. The Google Play store only allows apps

More information