German Hacker Uses Cloud to Crack Passwords
A German hacker claims to have used cloud computing to crack passwords stored in an algorithm developed by the National Security Agency, according to ZDNet UK.
Thomas Roth announced Tuesday he had used one of Amazon Web Service’s Cluster GPU Instances to crack the passwords encrypted in a Secure Hashing Algorithm hash.
“I think that cloud cracking can be useful in the future because of its massive parallel nature. You can start a 100 node cracking cluster with just a few clicks,” he told ZDNet UK.
On his blog, Roth wrote GPUs are known to be the best hardware accelerator for cracking passwords, so he decided to try it out.
“How fast can this instance type be used to crack SHA1 hashes? Using the [Cuda-Multiforcer], I was able to crack all hashes from [the 560 character SHA1 hash] with a password length from one to six in only 49 minutes (one hour costs $2.10 by the way),” Roth wrote.
A SHA1 hash is an encryption algorithm, which is vulnerable to a brute-force attack–the same technique as the Multiforcer that Roth employed, ZDNet UK reported.
Additionally, Roth used special software, which shares similar architecture to the Cluster GPU Instance, to make the hack more effective.
Related posts:
