Using Parallel Computing To Implement Se PDF
Using Parallel Computing To Implement Se PDF
In 2003, Philip Oechslin invented a new technology to implement Oechslin’s algorithm. These implementations normally use
the security attack called Rainbow table. Rainbow table is time normal personal computer or sometime GPU in the computer.
memory trade off which aims to reduce the calculation happened
during the cryptanalysis. Rainbow table reduce the required time
for the attack, but generating of the Rainbow table required long
II. RELATED WORKS
time. In this paper we try to achieve parallel implementation for One of the previous work is the RainbowCrack considered
Rainbow table using Message Passing Interface (MPI) with the one of the most popular rainbow table cracker it is a general
frame work Intel Cluster Suite. The proposed system support five purpose implementation of the Oechslin’s algorithm.
hashing algorithms, yet our case study was two windows hashing RainbowCrack project is software to crack hashes using
algorithms lm and ntlm. We used Linux operating system in RC rainbow table in this implementation rainbow table are sorted
computing lab and made our parallel implementation using 201 and saved in the hard disk. RainbowCrack consist of many
processing unit to generate Rainbow table. We decrease the time to software for example rtgen program which used to create
generate table from 7.1 days in sequential implementation to 46.4 rainbow table, rtsort program which used to sort the given
minutes in parallel implementation; as a result we achieve 221.5 rainbow table after loading it to memory and rtcrack which
speedup.
used to crack a specific hash or hashes list using the sorted
Keywords- Parallel processing, Security, Privacy & login, rainbow table. RainbowCrack is efficient implementation to
Rainbow tables. rainbow table but it need a long time to generate the table days
or weeks depending on the options for creating the table which
depend on the types of passwords want to cracks[3][8].
I. INTRODUCTION
Another interesting work in this field is the thesis of
In the last few years, security represent on the most
Michael S. Taber, “Distributed Pre-computation for a
important challenges in computer world. The need of security
Cryptanalytic Time-Memory Trade-Off” in his work Taber
increases directly proportional to the increases to the attack. As
made parallel implement for RainbowCrack using local
everybody know there are different types of attacks, and one of
network on windows operating system. This implementation
the most important attacks is the attack on passwords. The
include three hashing algorithms lm, md5 and SHA1 [9].
password always encrypted using an encryption algorithm and
However this thesis present an efficient implementation for
the general idea of encryption algorithms is to make the
RainbowCracker, but it not supports some important hashing
required time to break the encrypted information not worth the
algorithms for example ntlm.
value of the information. In the other words, the power of
attack on password different in the required time to break the Edward R. Sykes in his paper “An improved parallel
password; for example brute force attack considered a implementation of RainbowCrack using MPI” shows another
guaranteed method to break the password. The problem in the implementation for RainbowCrack. He made parallel
brute force attack it’s required a long time to break the implementation of RainbowCrack using SHARCNET
password. As a result, many algorithms appeared to decrease supercomputer. And he showed the implementation of
the required time to breaking the password. One of these generating windows hash of length 14 characters by decreasing
interesting algorithms is proposed by Philippe Oechslin in his the required time to generate the table [10].
paper “Making a Faster Cryptanalytic Time-Memory Trade-
Off”, Oechslin algorithm made a tread between time and In this paper we made a development for Taber thesis we
memory space. This algorithm try to reduce the cryptanalysis make generation rainbow table for supporting more algorithms,
time dramatically using Rainbow tables [1] [2] [6]. then support sorting and cracking features. With support other
operating system for example Linux. Then after sequential and
Rainbow tables simply is precomputed table contain many parallel implementation for rainbow table completed we test
passwords calculated in a specific method this table used to the generated tables and get the same result. Our test achieved
cryptanalysis passwords instead of trying to attack the by cracking windows 7 and windows 8 login passwords which
password one by on like brute force attack[7]. There are many encrypted using ntlm algorithm.
implementation for Oechslin algorithm for example
RainbowCrack [3] and Cryptohaze GPU Rainbow Cracker [4],
but these implementation considered basic implementation of
35 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 13, No. 8, August 2015
III. SOLUTION DESIGN master as specific function and the workers (slaves) has
Our solution will focused on using parallel processing to different function. We will summarize these function as
generate Rainbow table. first we will describe the sequential following
implementation then the parallel approach. B. Master does the following functions:
1. Send task to a worker: sending a start of the chain
A. Rainbow Table sequential generation
and the client will do the calculation.
In our solution we focused on generating rainbow table
using MPI. The algorithm of creating rainbow table is illustrate 2. Get next task and
in the following steps: 3. Until complete the total number of chains.
List (1): Generating rainbow table. 4. Receive task result from any worker: it mean the
1- Start master receive portion of the rainbow table from
2- Generate password plain text rang space. each client then combine these portions to single
3- Pick a random location in plain text rang space and get the rainbow table.
real value for plain text
4- Calculate hash value for selected text C. Worker does the following functions:
5- Reduce hash to a new location 1. Receive task from the master.
6- if not reached chainlength go to step 3 2. Compute task results: by creating temporary file
7- store first plain text and last hash value in rainbow table and each row this file contains tow values
generating rainbow table is a complex process figure (1) can represent the start point and the end point of the
help to simplified this process: chain. The calculating of the end point explained
in List (1).
Send results to the master by sending the generated rainbow
table portion to the master.
36 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 13, No. 8, August 2015
charset: represent all possible characters for the plaintext of Some difficulties in such programs is the debugging problem
the password we want to crack. which is one of the hardest difficulties in this work; Microsoft
supports MPI debugging in Visual Studio 2010 but it stops
minlen: Minimum number of characters of the password. supporting MPI debugging in Visual Studio 2013. And there
are many developer ask to return this feature in the following
maxlen: Maximum number of characters of the password. versions of visual studio.
table_index: the Index value refers to a number between 0 and
VI. CONCLUSIONS
key space max -1, and it is used to prevent collisions between
different rainbow tables.
Rainbow Table represent an efficient method to attack
chain_len: Chain length which represent the number of hashes passwords, it reduces the time of breaking the hashed password
stored in each chain. because it is precomputed and stored in memory. Creating the
rainbow table needs a large amount of time. We use parallel
chain_count: Number of Chains can be stored inside Rainbow processing to decrease the required time to generate rainbow
Tables The more chains we create, the more hashes we can table. As a recommendation we suggest after our experiment in
crack. this work we suggest:
After making different type of experiments we get the Using longer password
different results here we try to focus on ntlm algorithm Using more complex password
because we used this algorithm to crack windows 7 password.
We need more advanced login technique.
The result of sequential implementation using single core
is:.
VII. FUTURE WORK
37 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 13, No. 8, August 2015
[10] E. R. Sykes, and W. Skoczen, "An improved parallel AUTHORS PROFILE
implementation of RainbowCrack using MPI", Journal of Sedeeq Hasan Albana Ali Al-Khazraji is a lecturert in
Computational Science, vol. 5, no. 3, pp. 536-541, 2014. Computer Sciences Department, College of Computers and
Mathematics. University of Mosul. he received his MSC
degree in computer sciences in 2011 in the specialty of
operating system and computer networks. Currently he is a
PH.D. student in B. Thomas Golisano College of Computing
and Information Sciences, Rochester Institute of Technology.
He interest with Distributed systems, Databases, Security and
Privacy issues.
38 http://sites.google.com/site/ijcsis/
ISSN 1947-5500