Presented at DEF CON 13 (2005)
July 29, 2005, 2:30 p.m.
Encryption is simply the act of obfuscating something to the point that it would take too much time or money for an attacker to recover it. Many algorithms have time after time failed due to Moore's law or large budgets or resources (e.g. distributed.net). There have been many articles published on cracking crypto using specialized hardware, but many were never fully regarded as being practical attacks. Slowly FPGAs (Field Programmable Gate Arrays) have become affordable to consumers and advanced enough to implement some of the conventional software attacks extremely efficiently in hardware. The result is performance up to hundreds of times faster than a modern PC.
This presentation will provide a walk through on how FPGAs work, review their past applications with crypto cracking, present basic tips and pointers to developing a fast and efficient crypto cracking design, discuss overclocking FPGAs, and analyze the future growth of FPGA hardware and it's relation to current crypto ciphers. Then, a new open source DES cracking engine will be released and demonstrated which is able to crack windows Lanman and NTLM passwords at a rate over 600,000,000 crypts per second on a single low-cost Virtex-4 LX25 FPGA and provide brute-force performance comparable to lookups on a hard-drive based rainbowtable attack.
David Hulton / h1kari
- Dachb0den Labs
as David Hulton
David Hulton is one of the founding members of Pico Computing, Inc., a manufacturer of compact embedded FPGA computers and dedicated to developing revolutionary open source applications for FPGA systems. He is also one of the founding members of Dachb0den Research Labs, a non-profit security research think-tank, is currently the Chairman of ToorCon Information Security Conference and has helped start many of the security and unix oriented meetings in San Diego, CA.