Still being still a Nintendo forensics nubie I was using the zip crack app of this "kit" http//
Your questions , statements or oaths are welcome.
It is unfortunate that not all programs that could utilize as much processing as possible are still not multi-processor aware. That is part of the reason I use DNA from AccessData. It is a networkable/multiprocessor cracker. I am still trying to justify the $$ for the Tableau accelerator.
Ouch. $5K per TACC1441. But, if one TACC1441 can "out perform" a midsize DNA cluster, that may be a bargain. Depends on what "midsize" means. If that's anything more than 5 systems and you're starting from scratch, the TACC1441 might be the way to go.
-David
E5Pro
Running a Passware / Elcom prog on 2 pcs/Cpu's, in real terms, to crack a Word document (40bit ) would fetch it down from say 6 days to 3 (true brute force for g'teed crack). Compare with Rainbow tables in under a minute.
i did a rough head calc and to get that sort of performance increase i divided down over a network of PC's and reckoned on needing 256+ to bring it down to minutes. (ok it was a couple of yrs back))
checkout from p29 here. FPGA's and ASIC's,
www (dot)
Although from 2004 the relative comparisons should still work.
It's easy to be mesmerised by a x10 - x30 increase in speed shown by Tableau.
But,see how far a factor of 10 goes in the above slidesheet with an appropriate increase in keystrength. whats default now 128/256 ?
the other optimization that isn't mentioned is the order in which candidate passwords are fed in.
But yes, all other things being equal, hardware is the way to go given sufficient monetary resource.
Kern
Greetings,
And 256 PCs, or even 25 PCs, have a considerable operating cost and large space requirements. An 8TB file server for the rainbow tables doesn't take up that much space, or cost all that much, these days.
-David
kovar,
yeh, sorry, i just re read my above… by hardware i was meaning FPGA's and ASIC's
as you mentioned, large numbers of PC's are ok if your in an organisation …
did you checkout the pdf file slides ?
K
Greetings,
I just went back and read the slides. Interesting, and way out of date. Which makes it more interesting in a way.
If you Google "FPGA password crack" and variants, there's a lot of stuff out there, like
http//nsa.unaligned.org/ - SHA1 and MD5 hardware brute force cracker built from surplus video transformation boards.
http//
Now you've got me really curious….
-David
lol, yeh i've done some reading too, and i'm more befuddled than ever.
When i started messing with this, John the ripper was all the rage.
Then it got all muddled.
application specific software like Passware/Elcomsoft.
comparing such with hardwire devices asic/fpga.
john-tailored-to-processor, parallel John, DJon or cisilia.
Then its distributed network kit or multiproc for Apps specific progs.
Came along the Rainbow tables when storage wasn't exactly cheap.
Ideal application was against the 40bit nonsense on the MS Office kit.
Now storage is cheaper, it's more of a reality.
At one time every man and his dog had the ability to try his hand, but in todays climate i'm wondering if its going the way of film special effects. One or two Elite labs that folks just hire per job.
thought provoking.
Kern
Greetings,
You just touched on something we've been pondering - if we're going to build up these resources for our own purposes, can we sell access to these resources somehow?
There are clearly companies already doing so, and others that could but choose not to. What are the pros and cons?
-David
Pros income.
Cons cost, especially electricity. And there are the headaches of managing a server farm, keeping it running and cool. Not really problems if you have staff, but the startup costs can be steep. Google has some really big server farms, but you will want to read up on their electricity and cooling headaches. The new "Green" HP blades are supposed to be really energy efficient, probably with a really green ($$$) cost. Another big factor would be security, both physical and network.