Acceleration attacks on PBKDF2 Or, what is inside the black-box of oclHashcat?
Acceleration attacks on PBKDF2 Or, what is inside the black-box of oclHashcat?
The Password Based Key Derivation Function v2 (PBKDF2) is an important cryptographic primitive that has practical relevance to many widely deployed security systems. We investigate accelerated attacks on PBKDF2 with commodity GPUs, reporting the fastest attack on the primitive to date, outperforming the previous state-of-the-art oclHashcat. We apply our attack to Microsoft .NET framework, showing that a consumer-grade GPU can break an ASP.NET password in less than 3 hours, and we discuss the application of our attack to WiFi Protected Access (WPA2). We consider both algorithmic optimisations of crypto primitives and OpenCL kernel code optimisations and empirically evaluate the contribution of individual optimisations on the overall acceleration. In contrast to the common view that GPU acceleration is primarily driven by massively parallel hardware architectures, we demonstrate that a proportionally larger contribution to acceleration is made through effective algorithmic optimisations. Our work also contributes to understanding what is going on inside the black box of oclHashcat.
Ruddick, Andrew
c02de191-ea67-4866-95f7-6ad7af4fdb90
Yan, Jeff
a2c03187-3722-46c8-b73b-439eb9d1a10e
2016
Ruddick, Andrew
c02de191-ea67-4866-95f7-6ad7af4fdb90
Yan, Jeff
a2c03187-3722-46c8-b73b-439eb9d1a10e
Ruddick, Andrew and Yan, Jeff
(2016)
Acceleration attacks on PBKDF2 Or, what is inside the black-box of oclHashcat?
10th USENIX Workshop on Offensive Technologies, WOOT 2016, , Austin, United States.
08 - 09 Aug 2016.
Record type:
Conference or Workshop Item
(Paper)
Abstract
The Password Based Key Derivation Function v2 (PBKDF2) is an important cryptographic primitive that has practical relevance to many widely deployed security systems. We investigate accelerated attacks on PBKDF2 with commodity GPUs, reporting the fastest attack on the primitive to date, outperforming the previous state-of-the-art oclHashcat. We apply our attack to Microsoft .NET framework, showing that a consumer-grade GPU can break an ASP.NET password in less than 3 hours, and we discuss the application of our attack to WiFi Protected Access (WPA2). We consider both algorithmic optimisations of crypto primitives and OpenCL kernel code optimisations and empirically evaluate the contribution of individual optimisations on the overall acceleration. In contrast to the common view that GPU acceleration is primarily driven by massively parallel hardware architectures, we demonstrate that a proportionally larger contribution to acceleration is made through effective algorithmic optimisations. Our work also contributes to understanding what is going on inside the black box of oclHashcat.
This record has no associated files available for download.
More information
Published date: 2016
Additional Information:
Publisher Copyright:
© 2016 USENIX Association. All rights reserved.
Venue - Dates:
10th USENIX Workshop on Offensive Technologies, WOOT 2016, , Austin, United States, 2016-08-08 - 2016-08-09
Identifiers
Local EPrints ID: 504142
URI: http://eprints.soton.ac.uk/id/eprint/504142
PURE UUID: c9d0f728-2b3d-48df-9e15-ec9a4772eab8
Catalogue record
Date deposited: 27 Aug 2025 16:49
Last modified: 27 Aug 2025 16:49
Export record
Contributors
Author:
Andrew Ruddick
Author:
Jeff Yan
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics