GPU ASSISTED LM HASH CRACKING WILLIAM GROESBECK UNIVERSITY OF NEVADA, RENO – SPRING 2013 (Psst, the 90’s called - they want their hashing algorithm back)


1 GPU ASSISTED LM HASH CRACKING WILLIAM GROESBECK UNIVERSITY OF NEVADA, RENO – SPRING 2013 (Psst, the 90’s called - they want their hashing algorithm back)

2 Outline
- What is the LM Hash?
- What makes it so terrible?
- How do we generate it?
- Why would we want to?
- Sequential Implementation
- Parallel Plans
- Questions

3 What is the LM Hash
- (Mostly) obsolete password hashing function
- Obsolete because it was compromised
- Used before Windows NT
- Could be manually disabled via group policy
- Vista and Windows Server 2008 disabled the LM hash by default

4 What makes it so terrible?
- See: How do we generate it?

5-9 How do we generate it? (one slide, built up over five animation steps)
- Step 1: Start with the password provided by the user
  - As long as it's <= 14 ASCII characters
  - Max keyspace: 95^14, or about 2^92
- Step 2: 14 characters is really too many
  - Split it into two 7-byte halves
  - Each half: 95^7, or about 2^46
- Step 3: Case sensitivity is really overrated
  - Convert everything to UPPERCASE
  - Each half: 69^7, or about 2^43
- Step 4: Okay, now we can get to work
  - Use each 7-byte half as a DES key to encrypt the ASCII string "KGS!@#$%"
  - (Key of Glen Zorn and Steve Cobb, and Shift + 1 2 3 4 5)
- Hash value shown on the final build of the slide: 6d930e4dc7d5f3c691b9bafbe80a3a3c

10 Intermission: A bit about DES (I'm sorry!)
- Block cipher
- Symmetric algorithm
- Considered insecure because the key is small enough to brute force
- Uses a 64-bit (56-bit, actually) key to encrypt a 64-bit block of plaintext
- Consists of bit shifts, permutations, and substitutions
- For the LM hash, the plaintext is always KGS!@#$% and the key is 7 bytes of the password

11 Intermission: A bit about DES, step by step (repeat for each half of the key used for the LM hash)
- Step 4.1: Generate 16 separate keys (one for each round)
  1. Permute the input key according to PC-1 (returns a 56-bit permuted key)
  2. Split the permuted key into left and right halves
  3. For 1 <= n <= 16, circularly left-shift each half by either 1 or 2 positions
  4. For 1 <= n <= 16, run the concatenated pair through PC-2
  - Returns 16 48-bit round keys

12 Intermission: A bit about DES
- Step 4.2: Permute the plaintext (KGS!@#$%) according to IP
- Step 4.3: Split the permuted plaintext into two halves (returns two 32-bit halves)
- Step 4.4: For 16 rounds:
  - L_n = R_{n-1}
  - R_n = L_{n-1} ⊕ f(R_{n-1}, K_n), where f is the Feistel function

13 Intermission: A bit about DES
- Feistel function (takes a 32-bit half-block and a 48-bit subkey)
  1. Expand the 32-bit half-block to 48 bits using the expansion permutation
  2. XOR the expanded half-block with the round key
  3. Split the 48-bit result into eight 6-bit pieces
  4. Pass the 6-bit pieces through eight separate "S-boxes"
     - Each maps 6 bits to 4 bits
     - Example: input 0 1101 1 -> the outer bits 01 select the row, the inner bits 1101 select the column (row 1, column 13 of S-Box 1 below, which yields 5 = 0101)
  5. Permute the 32-bit combined S-box result
- (8 x 6-bit -> S-boxes -> 8 x 4-bit -> permutation -> 32-bit result)

S-Box 1 (row chosen by the outer two input bits, column by the inner four):

Row\Col   0   1   2   3   4   5   6   7   8   9  10  11  12  13  14  15
  0      14   4  13   1   2  15  11   8   3  10   6  12   5   9   0   7
  1       0  15   7   4  14   2  13   1  10   6  12  11   9   5   3   8
  2       4   1  14   8  13   6   2  11  15  12   9   7   3  10   5   0
  3      15  12   8   2   4   9   1   7   5  11   3  14  10   0   6  13

14 Intermission: A bit about DES (cont'd)
- Steps 4.2 to 4.4 as on slide 12: IP, split into two 32-bit halves, then 16 rounds of L_n = R_{n-1}, R_n = L_{n-1} ⊕ f(R_{n-1}, K_n)
- Step 4.5: Concatenate the right and left values (R_16 L_16 returns 64 bits)
- Step 4.6: Perform the final permutation (IP^-1)

15 How do we generate it? (cont'd)
- Step 5: Concatenate the output of the DES encryption of the two halves
  - Leaves us with a 16-byte result
- Step 6: Bask in a feeling of overwhelming security
Fun fact: if half of the password is empty, that half returns 0xAAD3B435B51404EE. Thus the LM hash for an empty password is AAD3B435B51404EEAAD3B435B51404EE.
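As an added worked example (not code from the slides or from the author's own CUDA project), here is a pure-Python LM hash that follows steps 1 through 6 above and the DES steps from slides 10 through 14, together with a small triage helper built on the fun fact about the empty half: a password of seven or fewer characters leaves its second 7-byte half empty, so the second 8 bytes of its hash are AAD3B435B51404EE, which is exactly what the "abcd" hash on slide 18 shows. That lets a defender read off whether LM hashing is still enabled and whether a password is short without cracking anything. The DES tables are the standard FIPS 46 constants rather than page content; the function names lm_hash, lm_half and lm_triage are my own; the sample passwords in the usage block are constructed.

```python
# Added example, not from the slides: a pure-Python LM hash that walks steps 1-6,
# plus a triage helper. DES tables are the FIPS 46 constants; IP, FP and E are generated.
PC1 = [57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35,
       27, 19, 11, 3, 60, 52, 44, 36, 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38,
       30, 22, 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4]
PC2 = [14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10, 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2,
       41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48, 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32]
SHIFTS = [1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1]   # per-round rotation amounts
IP = [start - 8 * col for start in (58, 60, 62, 64, 57, 59, 61, 63) for col in range(8)]
FP = [IP.index(i) + 1 for i in range(1, 65)]                 # final permutation = inverse of IP
E = [(4 * i + j - 1) % 32 + 1 for i in range(8) for j in range(6)]   # 32 -> 48 bit expansion
P = [16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
     2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25]
# S-boxes: SBOX[box][row] is 16 hex digits, digit k is the 4-bit output for column k.
SBOX = [
    ("e4d12fb83a6c5907", "0f74e2d1a6cb9538", "41e8d62bfc973a50", "fc8249175b3ea06d"),
    ("f18e6b34972dc05a", "3d47f28ec01a69b5", "0e7ba4d158c6932f", "d8a13f42b67c05e9"),
    ("a09e63f51dc7b428", "d709346a285ecbf1", "d6498f30b12c5ae7", "1ad069874fe3b52c"),
    ("7de3069a1285bc4f", "d8b56f03472c1ae9", "a690cb7df13e5284", "3f06a1d8945bc72e"),
    ("2c417ab6853fd0e9", "eb2c47d150fa3986", "421bad78f9c5630e", "b8c71e2d6f09a453"),
    ("c1af92680d34e75b", "af427c9561de0b38", "9ef528c3704a1db6", "432c95fabe17608d"),
    ("4b2ef08d3c975a61", "d0b7491ae35c2f86", "14bdc37eaf680592", "6bd814a7950fe23c"),
    ("d2846fb1a93e50c7", "1fd8a374c56b0e92", "7b419ce206adf358", "21e74a8dfc90356b"),
]
LM_MAGIC = b"KGS!@#$%"           # fixed DES plaintext from step 4
EMPTY_HALF = "AAD3B435B51404EE"  # DES of the magic under an all-zero key (slide 15)

def to_bits(data: bytes) -> list:
    """MSB-first bit list; DES numbers the bits of a block 1..64 in this order."""
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]

def to_bytes(bits: list) -> bytes:
    return bytes(int("".join(map(str, bits[i:i + 8])), 2) for i in range(0, len(bits), 8))

def permute(bits: list, table: list) -> list:
    return [bits[i - 1] for i in table]   # FIPS tables are 1-based

def subkeys(key64: list) -> list:
    """Step 4.1: PC-1, split into 28-bit halves, rotate each per round, PC-2."""
    key56 = permute(key64, PC1)
    c, d = key56[:28], key56[28:]
    rounds = []
    for shift in SHIFTS:
        c, d = c[shift:] + c[:shift], d[shift:] + d[:shift]
        rounds.append(permute(c + d, PC2))
    return rounds

def feistel(right: list, subkey: list) -> list:
    """Slide 13: expand, XOR with the round key, eight S-boxes, then permute."""
    x = [a ^ b for a, b in zip(permute(right, E), subkey)]
    out = []
    for box in range(8):
        b0, b1, b2, b3, b4, b5 = x[6 * box:6 * box + 6]
        row, col = b0 * 2 + b5, b1 * 8 + b2 * 4 + b3 * 2 + b4   # outer bits -> row, inner -> column
        val = int(SBOX[box][row][col], 16)
        out += [(val >> 3) & 1, (val >> 2) & 1, (val >> 1) & 1, val & 1]
    return permute(out, P)

def des_encrypt_block(key64: list, block64: list) -> list:
    """Steps 4.2-4.6: IP, 16 rounds of L_n = R_{n-1}, R_n = L_{n-1} xor f(R_{n-1}, K_n), FP."""
    bits = permute(block64, IP)
    left, right = bits[:32], bits[32:]
    for k in subkeys(key64):
        left, right = right, [a ^ b for a, b in zip(left, feistel(right, k))]
    return permute(right + left, FP)   # R16 L16, then the final permutation

def lm_half(seven: bytes) -> bytes:
    """Build a 64-bit DES key from 7 bytes (a parity bit after every 7 bits, which
    PC-1 discards) and encrypt the magic string with it."""
    bits = to_bits(seven)
    key64 = [bit for i in range(8) for bit in bits[7 * i:7 * i + 7] + [0]]
    return to_bytes(des_encrypt_block(key64, to_bits(LM_MAGIC)))

def lm_hash(password: str) -> str:
    """Steps 1-5: uppercase, NUL-pad to 14 bytes, split, DES each half, concatenate."""
    raw = password.upper().encode("ascii")
    if len(raw) > 14:
        raise ValueError("LM hash is only defined for passwords of 14 characters or fewer")
    raw = raw.ljust(14, b"\x00")
    return (lm_half(raw[:7]) + lm_half(raw[7:])).hex().upper()

def lm_triage(lm_hex: str) -> str:
    """What a defender can read off a stored LM hash without cracking anything."""
    lm_hex = lm_hex.upper()
    if lm_hex == EMPTY_HALF * 2:
        return "empty password or LM hashing disabled"
    if lm_hex[16:] == EMPTY_HALF:
        return "password is 7 characters or fewer"
    return "password is 8 to 14 characters"

if __name__ == "__main__":
    for pw in ("", "abcd", "CorrectHorse14"):   # constructed sample passwords
        digest = lm_hash(pw)
        print(f"{pw!r:18} {digest}  ->  {lm_triage(digest)}")
```

Running the block prints the empty-password hash from slide 15 and the "abcd" hash from slide 18, and flags both as short. The S-box example from slide 13 can be checked the same way: `int(SBOX[0][1][13], 16)` is 5. Bit lists rather than integer bit-twiddling keep each DES step readable next to the slide that describes it; a real cracker would pack the bits into machine words, which is the part that maps well onto one-thread-per-hash GPU code.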

16 Why would we want to?
- Many simple operations
- Repeated many times
- Seems like a natural fit for parallelization

17 Sequential Implementation
- Start with an empty 7-byte password
- While the left and right hashes haven't been matched AND there are still more passwords to try:
  - Get the hash from the password
  - Does it match the left hash?
  - How about the right?
  - Increment the password by one character
- Can be set to only A-Z, alphanumeric, or all ASCII characters
- A B C ... AA AB AC ... AAA AAB AAC ... AAAA AAAB AAAC ... etc.

18 Sequential Implementation
- Tested using password "abcd"
- LM hash is E165F0192EF85EBB AAD3B435B51404EE
- Timing
  - A-Z only (26 characters): 6.5 sec, 72,385 passwords
  - A-Z, 0-9 only (36 characters): 17 sec, 190,585 passwords
  - All ASCII chars (69 characters): 143 sec, 1,328,458 passwords

19 Sequential Implementation
Not very pretty. But it works.

20 Parallel Plans
- Port over to CUDA-land
- One hash per thread
- Minimal data transfers
  - Target hashes -> Device
  - Found passwords -> Host

21 ?

