Less good against non-NTLM passwords ... from my comment last time:
Taking SHA-1 (which YOU MUST NOT USE for password hashing blah), it only manages 63 billion a second. To try all the passwords for that in the alphanumeric space:
All of which demonstrates the importance of requiring longer passwords. Also, keep in mind that these are maximum times required to crack a password and not the average times.
NTLM hashes are stored in Active Directory servers as one round of unsalted MD4. It's plain MD4. Not many people know this and I only point it out as it's important to understand that when talking about how many cracks per second they are getting.
Impressive as the numbers are, it's worth remembering that this is an "offline crack", going against a stolen list of encrypted passwords. If they can steal your database of encrypted passwords, you've got a problem no matter how strong the passwords are.
How many guesses per second do you get in a typical online crack? E.g., a script kiddie trying to guess your cloud server's SSH password?
These hash functions are made to be fast to hash :P
Check out the NIST competition, they picked the fastest hash that can be calculated with special hardware :)
People who want real offline password security should use slow hash functions (and passphrases of course).
it's my understanding that NTLM hashes are sent over the wire...? therefore any machine on the local network could intercept this hash via network-level attacks such as ARP poisoning, WiFi attacks, etc. Then the cracking box would quite happily and easily brute force the entire 8 char keyspace and reveal the pass.
it's a different threat model to hash+email retrieval via sql injection which can lead to all sorts of nastiness involving hijacking email and then other accts
I remember back when I was doing a network engineering course the guys could crack a windows password in minutes offline, simple matter of grabbing the database from the machine. I think once you have the machine offline unless you encrypt the data your pretty screwed regardless..
When was this? I know older windows versions stored passwords in plain text... I can't remember when they switched to hashed passwords but I think it was around XP or Vista
Guess what? Back in 2009, I started using a method to remember long passwords with a huge # of letters, numbers, & special characters.
Gw?Bi2009Isuamtrlpwah#ol,n,&sc. (31 characters)
Create memorable sentences and create a password using the first letter of each word & all the numbers and punctuation. After entering it 10 or so times you'll get used to it pretty quickly.
or you can literally write the whole sentence, which is even more secure and you don't have to remember any special rules, just the sentence itself. Of course it's more typing:
Guess what? Back in 2009 I saw a uniquely attired man traipsing round local places with a high number of legs, necks and shirt collars.
136 characters or 14 Gigayears to crack. Wow today I learnt that there's such a thing as a Gigayear.
I'm not sure there is much significance to this article.
It points out "The technique doesn't apply to online attacks, because, among other reasons, most websites limit the number of guesses that can be made for a given account."
I think what they're referring to is having access to the physicial harddisk. In linux terms it would equate to having a copy of the /etc/passwd file.
For example the FBI seizes someones computer. This would allow them to brute force without said restriction.
So yes, from an online, or standard entry viewpoint this is a moot point. Also a properly encrypted hard drive using something like truecrypt is still pretty impenetrable regardless.
Offline attacks matter. The last few years have seen a continuous stream of high profile account database leaks. There are now some 1 billion known real user selected passwords that are readily downloaded from any of a number of shady sites.
It is irrational to assume that password database leaks won't continue.
The hashing scheme and salting matters less and less, as the total entropy humans can conveniently recall is quite limited and moore's law keeps marching.
We need a fundamental rethinking of security and identity on the internet, and IMHO the OSS world needs to get there before partisan commercial interestes.
Thinking about it some more. Is the only practical exploit of this the case where a rogue sysadmin wants to figure out user passwords (without resetting the password and therefore alerting the user)?
For comparison, a couple weeks ago Oak Ridge National Laboratory's Titan computer topped the Top500 list for fastest supercomputer in the world (although that title is a bit misleading). Here's the specs on Titan:
18,688 AMD Opteron 6274 16-core CPUs
18,688 Nvidia Tesla K20 GPUs
17.59 petaflops
Titan displaced Sequoia (at Lawrence Livermore National Laboratory) from the top spot on Top500. Interestingly enough, Sequoia uses a very different architecture, based on 16-core PowerPC A2 nodes rather than GPUs. Sequoia also has about 1.6PB of memory, while Titan "only" has 1PB.
Both computers have reasonably different use cases. GPUs are great for embarrassingly parallel, non-memory intensive tasks like brute forcing passwords. But all of the rumors about the NSA's massive data analysis needs suggests that they may need a cluster that resembles Sequoia (with fewer cores, but larger caches and available memory) more than Titan.
I wouldn't call a big cluster of commodity hardware simply commodity hardware because then many of the top supercomputers of the world are commodity hardware.
The combination is exotic enough to be considered non-commodity hardware.
I know for practical purposes this doesn't seem like that big of a deal, but you have to understand that 8 chars of mixed case, numbers, and symbols is still a gigantic key space. That this can be done so quickly on commodity hardware is pretty impressive.
[+] [-] peteretep|13 years ago|reply
Taking SHA-1 (which YOU MUST NOT USE for password hashing blah), it only manages 63 billion a second. To try all the passwords for that in the alphanumeric space:
- 10 chars: 35 weeks
- 11 chars: 44 years
- 12 chars: 2,800 years
- 16 chars: 11 times the age of the sun
10 chars for bcrypt: 600,000 years...
http://www.wolframalpha.com/input/?i=%2865**16+%2F+63+billio...
[+] [-] joshmaker|13 years ago|reply
- 6 chars: 1.2 seconds
All of which demonstrates the importance of requiring longer passwords. Also, keep in mind that these are maximum times required to crack a password and not the average times.
[+] [-] muyuu|13 years ago|reply
Lloyd: What are my chances?
Mary: Not good.
Lloyd: You mean, not good like one out of a hundred?
Mary: I'd say more like one out of a million.
[pause]
Lloyd: So you're telling me there's a chance... YEAH!
[+] [-] jwilliams|13 years ago|reply
Upshot - it's impressive, but NTLM already known as an vulnerable target.
[+] [-] 16s|13 years ago|reply
[+] [-] cynwoody|13 years ago|reply
How many guesses per second do you get in a typical online crack? E.g., a script kiddie trying to guess your cloud server's SSH password?
[+] [-] ramidarigaz|13 years ago|reply
The particularly persistent IPs get a special iptables rule.
[+] [-] mitchi|13 years ago|reply
[+] [-] plaguuuuuu|13 years ago|reply
it's a different threat model to hash+email retrieval via sql injection which can lead to all sorts of nastiness involving hijacking email and then other accts
[+] [-] madao|13 years ago|reply
[+] [-] Blara|13 years ago|reply
[+] [-] ChrisNorstrom|13 years ago|reply
Gw?Bi2009Isuamtrlpwah#ol,n,&sc. (31 characters)
Create memorable sentences and create a password using the first letter of each word & all the numbers and punctuation. After entering it 10 or so times you'll get used to it pretty quickly.
[+] [-] phpnode|13 years ago|reply
[+] [-] rjempson|13 years ago|reply
It points out "The technique doesn't apply to online attacks, because, among other reasons, most websites limit the number of guesses that can be made for a given account."
Same applies to Windows.
[+] [-] ramblerman|13 years ago|reply
For example the FBI seizes someones computer. This would allow them to brute force without said restriction.
So yes, from an online, or standard entry viewpoint this is a moot point. Also a properly encrypted hard drive using something like truecrypt is still pretty impenetrable regardless.
[+] [-] jasonwatkinspdx|13 years ago|reply
It is irrational to assume that password database leaks won't continue.
The hashing scheme and salting matters less and less, as the total entropy humans can conveniently recall is quite limited and moore's law keeps marching.
We need a fundamental rethinking of security and identity on the internet, and IMHO the OSS world needs to get there before partisan commercial interestes.
[+] [-] rjempson|13 years ago|reply
[+] [-] pserwylo|13 years ago|reply
[+] [-] rayval|13 years ago|reply
Original title: "25-GPU cluster cracks every standard Windows password in <6 hours"
[+] [-] rayval|13 years ago|reply
[+] [-] patrickgzill|13 years ago|reply
[+] [-] apawloski|13 years ago|reply
18,688 AMD Opteron 6274 16-core CPUs
18,688 Nvidia Tesla K20 GPUs
17.59 petaflops
Titan displaced Sequoia (at Lawrence Livermore National Laboratory) from the top spot on Top500. Interestingly enough, Sequoia uses a very different architecture, based on 16-core PowerPC A2 nodes rather than GPUs. Sequoia also has about 1.6PB of memory, while Titan "only" has 1PB.
Both computers have reasonably different use cases. GPUs are great for embarrassingly parallel, non-memory intensive tasks like brute forcing passwords. But all of the rumors about the NSA's massive data analysis needs suggests that they may need a cluster that resembles Sequoia (with fewer cores, but larger caches and available memory) more than Titan.
[+] [-] SenorWilson|13 years ago|reply
[+] [-] muyuu|13 years ago|reply
The combination is exotic enough to be considered non-commodity hardware.
[+] [-] jiggy2011|13 years ago|reply
[+] [-] iamchrisle|13 years ago|reply
[+] [-] rtkwe|13 years ago|reply
[+] [-] dj_sa|13 years ago|reply
[deleted]
[+] [-] mikejordan|13 years ago|reply
[deleted]
[+] [-] spqr|13 years ago|reply
[deleted]
[+] [-] recoiledsnake|13 years ago|reply
[+] [-] apawloski|13 years ago|reply
[+] [-] jiggy2011|13 years ago|reply
[+] [-] namank|13 years ago|reply