Security of Password Hashing in Cloud

Security of Password Hashing in Cloud

下载PDF

导出

摘要 Though the History of using password in computing can be traced back to as far as mid of last century little focus has been implied on how to securely store and retrieve password to authenticate and authorize services to the end users. In this paper the current security of various password hashing schemes that are in use today will be investigated through practical proof of concept-GPU based, password hash dump cracking using the power of cloud computing. We will be providing comparison on different password hashing cracking time using the cloud GPU power in AWS. The focus of this paper is to show the possible use of cloud computing in cracking hash dumps and the way to countermeasures them by using secure hashing algorithm and using complex passwords. Though the History of using password in computing can be traced back to as far as mid of last century little focus has been implied on how to securely store and retrieve password to authenticate and authorize services to the end users. In this paper the current security of various password hashing schemes that are in use today will be investigated through practical proof of concept-GPU based, password hash dump cracking using the power of cloud computing. We will be providing comparison on different password hashing cracking time using the cloud GPU power in AWS. The focus of this paper is to show the possible use of cloud computing in cracking hash dumps and the way to countermeasures them by using secure hashing algorithm and using complex passwords.

作者 Parves Kamal

机构地区 Department of Information Systems Assurance

出处《Journal of Information Security》 2019年第2期45-68,共24页 信息安全（英文）

关键词 Index Terms-Hash Collision GPGPU CUDA OPENCL Index Terms-Hash Collision GPGPU CUDA OpenCL

分类号 TP3 [自动化与计算机技术—计算机科学与技术]

引文网络
相关文献

参考文献2

1张润梅,王霄.基于CUDA架构的MD5破解方法研究[J].计算机科学,2011,38(2):302-304. 被引量：7
2翁捷,吴强,杨灿群.基于OpenCL的MD5破解算法[J].计算机工程,2011,37(4):119-121. 被引量：5

二级参考文献12

1John T. The Ripper Password Cracker[EB/OL]. [2010-01-25], http://www.openwall.com/john/.
2Boeing A. Survey and Future Trends of Efficient Cryptographic Function Implementations on GPGPUs[C]//Proc. of the 6th Australian Digital Forensics Conference. Perth, Australia: [s. n.], 2008.
3Thomas E. The Open Standard for Parallel Programming of Heterogeneous Systems[EB/OL]. [2010-01-25]. http://www. khronos.org/opencl/.
4Rivest R. The MD5 Message-digest Algorithm[M]. Berlin, Germany: [s. n.], 1992.
5Corporation N.CUDA Programming Guide[EB/OL].www.nvdia.com.2009.2.
6Nvidia.The CUDA Compiler Driver NVCC.2008.
7Tehver M.General Purpose GPU Programming with CUDA(演讲稿).2007.
8Portegies Z S F,Belleman R G,Geldof P M.High-performance direct gravitational N-body simulations on graphics processing units[J].NewAstron,2007,12:641-650.
9Dongarra J,Foster I,Fox G,et al.Sourcebook of Parallel Computing[M].Elsevier Science,2003.
10Kider Jr J T.GPU as a Parallel Machine:Sorting on theGPU[C] ∥Proc.of CIS'05.2005.

共引文献8

1于飞,吉庆兵,罗顺,张李军,兰天.GPU计算及其在密码分析中的应用[J].信息安全与通信保密,2012,10(12):98-100. 被引量：1
2严承华,张志明.RSA加解密算法的高效GPU实现[J].计算机应用,2013,33(A01):35-39.
3李恺,张李军,刘义铭.PhpBB网络论坛的安全性分析[J].通信技术,2013,46(8):98-101. 被引量：1
4兰天,吉庆兵,于飞,张李军.基于GPU的MD5破解技术研究与实现[J].通信技术,2013,46(12):62-65. 被引量：1
5刘新儒,韩旭里,任叶庆.研究生数学建模竞赛的变革与创新[J].数学理论与应用,2014,34(3):121-128. 被引量：3
6王云龙,吴瑛.基于GPU的相关干涉仪算法实现[J].信息工程大学学报,2015,16(1):41-45. 被引量：4
7谢鑫君,朱智慧,罗顺.基于映射的解密目标GPU快速比对法研究[J].计算机技术与发展,2017,27(11):119-122.
8安亚巍,罗顺,朱智慧.基于马尔可夫链的口令破解算法[J].计算机工程,2018,44(11):119-122. 被引量：2

1A. Filippou,D. A. Karras.Introducing Intelligent Agents Potential into a competent Integral Multi-Agent Sensor Network Simulation Architecture Design[J].Journal of Software Engineering and Applications,2013,6(7):42-48.
2Stephen Cossell,Jose Guivant.Parallel Evaluation of a Spatial Traversability Cost Function on GPU for Efficient Path Planning[J].Journal of Intelligent Learning Systems and Applications,2011,3(4):191-200.
3Sokyna M. Al-Qatawneh,Khalid Mohammad Jaber.Parallel Cascade Correlation Neural Network Methods for 3D Facial Recognition: A Preliminary Study[J].Journal of Computer and Communications,2015,3(5):54-62.
4David Romero-Laorden,Carlos Julián Martín-Arguedas,Javier Villazón-Terrazas,Oscar Martinez-Graullera,Matilde Santos Penas,César Gutierrez-Fernandez,Ana Jiménez Martín.Cheetah:A Library for Parallel Ultrasound Beamforming in Multi-Core Systems[J].Journal of Applied Mathematics and Physics,2015,3(8):1056-1061.
5Hira Narang,Fan Wu,Abdul Rafae Mohammed.An Efficient Acceleration of Solving Heat and Mass Transfer Equations with the First Kind Boundary Conditions in Capillary Porous Radially Composite Cylinder Using Programmable Graphics Hardware[J].Journal of Computer and Communications,2019,7(7):267-281.
6Hira Narang,Fan Wu,Abdul Rafae Mohammed.An Efficient Acceleration of Solving Heat and Mass Transfer Equations with the Second Kind Boundary Conditions in Capillary Porous Composite Cylinder Using Programmable Graphics Hardware[J].Journal of Computer and Communications,2018,6(9):24-38.
7Jonathan Gurary,Ye Zhu,Huirong Fu.Leveraging 3D Benefits for Authentication[J].International Journal of Communications, Network and System Sciences,2017,10(8):324-338.
8Gilbert Baumslag,Benjamin Fine,Anja Moldenhauer,Gerhard Rosenberger.Secure Passwords Using Combinatorial Group Theory[J].Journal of Information Security,2018,9(2):154-167.
9Raghu Raj Prasanna Kumar,Suresh Muknahallipatna,John McInroy,Mark McKenna,Lori Franc.Real-Time Range of Motion Measurement of Physical Therapeutic Exercises[J].Journal of Computer and Communications,2017,5(9):19-42.
10Bingbing Xia,Youping Dong.A Solution to Implement Dynamic Authentication[J].Open Journal of Applied Sciences,2012,2(3):177-179.

Journal of Information Security

2019年第2期

浏览历史

内容加载中请稍等...

Security of Password Hashing in Cloud

参考文献2

二级参考文献12

共引文献8

相关作者

相关机构

相关主题

浏览历史