Presented at
DeepSec 2017 „Science First!“,
Unknown date/time
(Unknown duration).
BitLocker is a full-disk encryption feature available in recent Windows versions. It is designed to protect data by providing encryption for entire volumes and it makes use of a number of different authentication methods. In this work we present a solution, named BitCracker, to attempt the decryption, by means of a dictionary attack, of memory units encrypted by BitLocker with a user supplied password. To that purpose, we resort to GPU (Graphics Processing Units) that are, by now, widely used as general-purpose coprocessors in high performance computing applications.
BitLocker decryption process requires the execution of a very large number of SHA-256 hashes and also AES, so we propose a very fast solution, highly tuned for Nvidia GPU, for both of them. In addition we take the advantage of a weakness in the BitLocker decryption algorithm to speed up the execution of our attack.
We benchmark our solution using the three most recent Nvidia GPU architectures (Kepler, Maxwell and Pascal), carrying out a comparison with the Hashcat password cracker.
Finally, our OpenCL implementation of BitCracker has been recently released within John The Ripper, Bleeding-Jumbo version.
Presenters:
-
Elena Agostini
- National Research Council of Italy
Elena Agostini received her PhD in Computer Science from the University of Rome "La Sapienza" in collaboration with the National Research Council of Italy. The main topics of her research are GPUs used both for cryptanalysis or communications and wireless network protocols.
Links:
Similar Presentations: