
Neelam Agrawal Rodney Beede Yogesh Virkar

PZAPR Parallel Zip Archive Password Recovery CSCI5576 - High Perf Sci Computing Univ. of Colorado Spring 2011. Neelam Agrawal Rodney Beede Yogesh Virkar. 2011-04-29. Topics. The Team Introduction Framework Brute Force Dictionary Password Verification Process Data Collection


Presentation Transcript


  1. PZAPR: Parallel Zip Archive Password Recovery • CSCI5576 - High Perf Sci Computing • Univ. of Colorado • Spring 2011 • Neelam Agrawal, Rodney Beede, Yogesh Virkar • 2011-04-29

  2. Topics • The Team • Introduction • Framework • Brute Force • Dictionary • Password Verification Process • Data Collection • Results & Conclusions • Questions

  3. Introduction • ZipCrypto was first ZIP encryption • Easily defeated • AES-256 • Standard • 2003 integrated into ZIP spec • Password recovery of ZIP's not new • Proprietary companies • Open source solution • Free (if you have hardware)

  4. Framework • MPI with C++ & C • 3 Components • Password Generator • Brute Force • Dictionary • Password Verification • Command Parameters • Log Path • Zip Path • Method (BRUTE | DICTIONARY) • Dictionary Path

  5. Framework (cont) [flowchart] Initialize password generator → Initialize decrypt engine → Next Password (BRUTE|DICTIONARY) → NO MORE? → END; otherwise AttemptPassword() → Correct? → YES: Tell Everyone Else I Found It → END • NO: Anyone Else Find It? → YES: END • NO: Next Password

  6. Brute Force • All alphanumeric from 1 to 7 length • 0-9, A-Z, a-z • 62 possible characters •  3,579,345,993,194 possible passwords • 62^7 + 62^6 + ... 62^1 • Traditional increment • 'a' + 1 ==> 'b' • 'az' + 1 ==> 'b0' • Not feasible for parallel

  7. Brute Force - Algorithm
     • Pick number from 1 to 3 trillion
     • Called position
     • Know password without increment
     • The Algorithm:

     $$f(\text{position}) = \text{factor}_1 \cdot \text{ALPHA\_LEN}^{\,n-1} + \text{factor}_2 \cdot \text{ALPHA\_LEN}^{\,n-2} + \dots + \text{factor}_{n-1} \cdot \text{ALPHA\_LEN}^{\,n-(n-1)} + \text{factor}_n \cdot \text{ALPHA\_LEN}^{\,n-n}$$

  8. Brute Force - Algorithm (cont)

     $$f(\text{position}) = \text{factor}_1 \cdot \text{ALPHA\_LEN}^{\,n-1} + \text{factor}_2 \cdot \text{ALPHA\_LEN}^{\,n-2} + \dots + \text{factor}_{n-1} \cdot \text{ALPHA\_LEN}^{\,n-(n-1)} + \text{factor}_n \cdot \text{ALPHA\_LEN}^{\,n-n}$$

     • ALPHA_LEN => Alphabet length
     • Number possible characters
     • 62 (easy to expand)

  9. Brute Force - Algorithm (cont)

     $$f(\text{position}) = \text{factor}_1 \cdot \text{ALPHA\_LEN}^{\,n-1} + \text{factor}_2 \cdot \text{ALPHA\_LEN}^{\,n-2} + \dots + \text{factor}_{n-1} \cdot \text{ALPHA\_LEN}^{\,n-(n-1)} + \text{factor}_n \cdot \text{ALPHA\_LEN}^{\,n-n}$$

     • n = PASSWORD LENGTH
     • Start at maximum possible (7)
     • Based on position find max possible < position
     • Password length is 1 more than that length

  10. Brute Force - Algorithm (cont)

     $$f(\text{position}) = \text{factor}_1 \cdot \text{ALPHA\_LEN}^{\,n-1} + \text{factor}_2 \cdot \text{ALPHA\_LEN}^{\,n-2} + \dots + \text{factor}_{n-1} \cdot \text{ALPHA\_LEN}^{\,n-(n-1)} + \text{factor}_n \cdot \text{ALPHA\_LEN}^{\,n-n}$$

     • $\text{factor}_i$ is the $i$th character of the password
     • No factor can be zero
     • Must borrow from previous if zero
     • $\text{factor}_i$ points to alphabet array index

  11. Brute Force - Example
     • position = 1,000,000
     • ALPHA_LEN = 62
     • n = 4 (password length)

     $$f(1{,}000{,}000) = \text{factor}_1 \cdot 62^{3} + \text{factor}_2 \cdot 62^{2} + \text{factor}_3 \cdot 62^{1} + \text{factor}_4 \cdot 62^{0}$$

     • factors = 4, 12, 9, 2

  12. Brute Force - Example (cont)
     • factors = 4, 12, 9, 2
     • Correspond to alphabet indexes

         const char PASSWORD_ALPHABET[] = {
             '\0',  // always idx 0
             '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
             'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
             'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
             'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
             'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z'
         };

     • PASSWORD = '3', 'B', '8', '1'  or  "3B81"
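The mapping on slides 7 to 12 amounts to writing the position in base 62 with factors 1 to 62 and no zero factor, which is why any rank can jump straight to its own position. The following is an added C example, not PZAPR's own code; the function names, `MAX_LEN` and the inverse function are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define ALPHA_LEN 62u  /* usable characters, as on the slides */
#define MAX_LEN   7u   /* longest password searched (assumed limit) */

/* Slide layout: index 0 is '\0', 1..62 are '0'-'9', 'A'-'Z', 'a'-'z'. */
static const char ALPHABET[ALPHA_LEN + 2] =
    "\0" "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/* position -> password. Returns the length, or 0 if position is 0,
 * needs more than MAX_LEN characters, or does not fit in out[cap]. */
size_t position_to_password(uint64_t position, char *out, size_t cap)
{
    unsigned factors[MAX_LEN];
    size_t n = 0;
    while (position > 0) {
        if (n == MAX_LEN) return 0;
        uint64_t f = position % ALPHA_LEN;
        if (f == 0) f = ALPHA_LEN;  /* no zero factor: borrow from the previous one */
        factors[n++] = (unsigned)f; /* least significant factor first */
        position = (position - f) / ALPHA_LEN;
    }
    if (n == 0 || n + 1 > cap) return 0;
    for (size_t i = 0; i < n; i++) out[i] = ALPHABET[factors[n - 1 - i]];
    out[n] = '\0';
    return n;
}

/* Inverse: evaluates f(position) from the slides by Horner's rule.
 * Returns 0 for an empty password or a character outside the alphabet. */
uint64_t password_to_position(const char *pw)
{
    uint64_t position = 0;
    for (; *pw; pw++) {
        const char *hit = memchr(ALPHABET + 1, *pw, ALPHA_LEN);
        if (!hit) return 0;
        position = position * ALPHA_LEN + (uint64_t)(hit - ALPHABET);
    }
    return position;
}

int main(void)
{
    char pw[MAX_LEN + 1];
    if (position_to_password(1000000, pw, sizeof pw))
        printf("%s %llu\n", pw, (unsigned long long)password_to_position(pw));
    return 0;
}
```

The last valid position is the keyspace size from slide 6, 3,579,345,993,194, which maps to "zzzzzzz"; one position further would need eight characters and is rejected.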

  13. Dictionary Attack Mode • Defeating a cipher or authentication mechanism by • Searching likely possibilities. • i.e. searching part of the key space. • Not brute force • Assumption: Potentially weak passwords

  14. Building Dictionary • Tool Used: John the Ripper • Permutations • Combinations • Command: john --wordlist=all.lst --rules --stdout | unique mangled.lst

  15. Building Dictionary (2) • Rules • l (convert to lowercase) • C (lowercase the first character, and uppercase the rest) • r (reverse: "Fred" ==> "derF") • f (reflect: "Fred" ==> "FredderF") • d (duplicate: "Fred" ==> "FredFred") • ... and many more! • Time to permute: little over 4 hours • Newer versions: • John the Ripper 1.7.6+ • Support for OpenMP directives. • (Source: openwall.info/wiki/john/parallelization)

  16. Reading the Dictionary: Initialization

  17. Reading the Dictionary: Indexing • Indexing uses • displacement array • rank • per process word count • Load is evenly distributed. • E.g.: n = 103, m = 10 • n/m = 103/10 = 10 • n%m = 103%10 = 3 • rank 0: 11 words • rank 1: 11 words • rank 2: 11 words • ranks 3-9: 10 words
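The split on slide 17 generalises to any word count n and process count m: the first n % m ranks take one extra word. This is an added C example, not PZAPR's own code; the function names and the use of `size_t` arrays for the per-process counts and displacements are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

/* Fill counts[r] (words for rank r) and displs[r] (index of its first word)
 * for m ranks sharing n words. Returns the total assigned, which must be n. */
size_t split_words(size_t n, size_t m, size_t *counts, size_t *displs)
{
    if (m == 0) return 0;
    size_t base = n / m, extra = n % m, next = 0;
    for (size_t r = 0; r < m; r++) {
        counts[r] = base + (r < extra ? 1 : 0); /* first n % m ranks get +1 */
        displs[r] = next;                       /* contiguous, no gaps or overlap */
        next += counts[r];
    }
    return next;
}

/* Rank that owns 0-based word index idx, computed without the arrays.
 * Returns m when idx is out of range or m is 0. */
size_t owner_of(size_t idx, size_t n, size_t m)
{
    if (m == 0 || idx >= n) return m;
    size_t base = n / m, extra = n % m;
    size_t boundary = extra * (base + 1);       /* words held by the larger ranks */
    if (idx < boundary) return idx / (base + 1);
    return extra + (idx - boundary) / base;
}

int main(void)
{
    size_t counts[10], displs[10];
    size_t total = split_words(103, 10, counts, displs); /* slide 17's numbers */
    for (size_t r = 0; r < 10; r++)
        printf("rank %zu: %zu words from index %zu\n", r, counts[r], displs[r]);
    printf("total %zu\n", total);
    return 0;
}
```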

  18. Requirements for Cracking a zip file • Zip file format • Extracting information from zip file • Verifying the password • Decrypting the file data • Used Dr. Brian Gladman's code • C library for AES encryption • Used by WinZip

  19. Zip file format [diagram] HEADER | FILE NAME | EXTRA FIELD | SALT | PASSWORD VERIFIER | ENCRYPTED FILE DATA | AUTHENTICATION CODE (MAC)

  20-32. Password Verification Process [flowchart, built up one element at a time across slides 20 to 32; labels on the final slide: Given Password, Zip File, Salt, Password Verifier, Password Verifier, Match, Return False, Decrypt, Data, MAC, MAC, Match, Return False, Return True]

  33. Speed ups • Reducing file handling operations • Quick 2 byte check • Parallel implementation on GPU

  34. Data Collection & Testing • Frost • 32-bit, 700 MHz, 512 MB RAM • Janus • 64-bit, 2.8 GHz, 2 GB RAM • Ran in 32-bit mode • Test Types • Brute and Dictionary • Nodes: 128, 1024, 2048, 4096 • First, Middle, Last, Never • (password positions) • Model • Passwords / time unit for X nodes • Time to solution for X nodes

  35. Results (Estimated Time: Brute, Janus)

  36. Results (Estimated Time: Brute, Janus vs Frost)

  37. Results (Estimated Time: Dictionary, Janus)

  38. Results (Estimated Time: Dict., Janus vs Frost)

  39. Conclusions • Max throughput (Janus) • Brute = 172 passwords / second • Dictionary = 86 passwords / second • Brute (Janus) • 7 alphanumeric = 60 days with 4096 processors • 8 alphanumeric = 9.9 years with 4096 processors • 10 alphanumeric = 38395 years with 4096 processors • Dictionary (Janus) • 1 billion = 47.3 minutes with 4096 processors • 100 billion = 78.85 hours with 4096 processors • Conclusion • Choose good passwords

  40. Questions? http://code.google.com/p/pzapr/
