On Efficiency of Distributed Password Recovery

One of the major challenges in digital forensics today is data encryption. Due to the leaked information about unlawful sniffing, many users decided to protect their data by encryption. In case of criminal activities, forensic experts are challenged how to decipher suspect\u27s data that are subject to investigation. A common method how to overcome password-based protection is a brute force password recovery using GPU-accelerated hardware. This approach seems to be expensive. This paper presents an alternative approach using task distribution based on BOINC platform. The cost, time and energy efficiency of this approach is discussed and compared to the GPU-based solution

Authentication Methods and Password Cracking

Na začátku této práce porovnáváme dnes běžně používané metody autentizace a také mluvíme o historii, současnosti a budoucnosti zabezpečení hesel. Později využíváme nástroj Hashcat k experimentům s útoky hrubou silou a slovníkovými útoky, které zrychlujeme s pomocí Markovových modelů a pravidel pro manipulaci se slovy. Porovnáváme také dva hardwarové přístupy --- běžný počítač a cloud computing. Nakonec na základě našich poznatků práci uzavíráme souborem doporučení na prolamování hesel s důrazem na hardware, velikost datové sady a použitou hašovací funkci.In the beginning of this thesis, we compare authentication methods commonly used today and dive into the history, state of the art as well as the future of password security. Later on, we use the tool Hashcat to experiment with brute-force and dictionary attacks accelerated with Markov models and word mangling rules. We also compare two hardware approaches --- regular computer and cloud computing. Based on our findings, we finally conclude with a set of password-cracking recommendations with focus on hardware, dataset size and used hash function

Análisis de herramientas y técnicas de apoyo a la recuperación de información cifrada

El proyecto aborda el problema de la optimización de los procesos de descifrado de evidencias informáticas protegidas con contraseña. En este proyecto se analizan alternativas tecnológicas para la realización de una plataforma de tratamiento masivo de información cifrada utilizando la tecnología GPGPU (General-Purpose Computing on Graphics Processing Units) para procesar datos. Dentro de este contexto, también se estudia la viabilidad de la utilización de esta tecnología GPU dentro de un entorno de virtualización basado en Xen y se adaptan soluciones existentes para poder utilizar la tarjeta gráfica nativa por los huéspedes virtuales. El objetivo final que se persigue es posibilitar la integración de distintas herramientas de descifrado en una misma plataforma con independencia del sistema operativo para el que fueron desarrolladas.The project addresses the problem of decrypting password-protected computer evidences. This project will analyze differents technological alternatives in order to achieve the realization of a decryption platform using the GPGPU technology (General-Purpose Computing on Graphics Processing Units) to process data. Within this context, the project examines the feasibility of using this GPU technology within a virtualization environment based on Xen and adapt existing solutions to use the native graphics card inside the virtual guests. The ultimate goal pursued is to enable the integration of various cracking tools on the same system despite of the operating system for which they were developed

rOpenCL: uma ferramenta para acesso de aplicações heterogéneas a co-processadores remotos

Há cerca de uma década, o panorama da arquitetura dos sistemas de computação registou um salto evolutivo, com o aparecimento de sistemas heterogéneos. Nestes sistemas, à unidade central de processamento (CPU), talhada para uso genérico, juntaram-se dispositivos co-processadores, como GPUs e FPGAs, de diferentes arquiteturas. Originalmente concebidos para fins muito específicos (como processamento gráfico ou de sinal), estes coprocessadores passaram a ser vistos como elementos auxiliares de processamento, capazes de acelerar a execução de aplicações computacionalmente exigentes. Para permitir a exploração eficiente de sistemas heterogéneos, e garantir portabilidade do código, definiram-se standards abertos, como o OpenCL, suportando co-processadores de virtualmente qualquer tipo. Noutros casos, passaram a existir frameworks proprietárias, orientadas a dispositivos de fabricantes específicos, como a framework CUDA para GPUs da NVIDIA. Comum a todas estas abordagens é o facto de, originalmente, apenas preverem a utilização de co-processadores locais, ligados a um único sistema hospedeiro, não possibilitando a exploração de aceleradores ligados a outros sistemas, acessíveis via rede, limitando assim o potencial de aceleração das aplicações. O trabalho desenvolvido nesta dissertação dá resposta a esta limitação. Consistiu na criação do remote OpenCL (rOpenCL), middleware e serviços que, em conjunto, permitem que uma aplicação OpenCL (mesmo pré-compilada), explore de forma transparente e eficiente o conjunto de aceleradores disponíveis num ambiente distribuído de sistemas Linux, recorrendo a comunicação portável assente em sockets BSD. A abordagem é validada recorrendo a benchmarks OpenCL de referência, que provam a conformidade do rOpenCL com a especificação OpenCL 1.2, bem como a robustez e escalabilidade da implementação.About a decade ago, the landscape of computer systems architecture registered an evolutionary leap, with the appearance of heterogeneous systems. In these systems, the central processing unit (CPU), designed for generic use, was joined by co-processor devices, such as GPUS and FPGAS, of different architectures. Originally designed for very specific purposes (such as graphic or signal processing), these co-processors came to be seen as auxiliary processing elements, capable of accelerating the execution of computationally demanding applications. To allow efficient exploitation of heterogeneous systems, and to ensure portability of code, open standards were defined, such as OpenCL, supporting coprocessors of virtually any type. In other cases, there have been proprietary frameworks oriented to devices from specific manufacturers, such as the CUDA framework for NVIDIA GPUs. Common to all these approaches is that they originally only provide for the use of local co-processors, which are connected to a single host system, and do not allow the exploitation of accelerators connected to other systems, accessible via the network, thereby limiting the potential for application acceleration. The work developed in this dissertation responds to this limitation. It consisted of the creation of remote OpenCL (rOpenCL), middleware and services that allow an OpenCL application (even pre-compiled) to transparently and efficiently explore the set of accelerators available in a distributed Linux system environment, using portable BSD sockets for communication. The approach is validated using reference OpenCL benchmarks, which prove the rOpenCL compliance with the OpenCL 1.2 specification, as well as the robustness and scalability of the implementation

The Proceedings of 14th Australian Information Security Management Conference, 5-6 December 2016, Edith Cowan University, Perth, Australia

The annual Security Congress, run by the Security Research Institute at Edith Cowan University, includes the Australian Information Security and Management Conference. Now in its fourteenth year, the conference remains popular for its diverse content and mixture of technical research and discussion papers. The area of information security and management continues to be varied, as is reflected by the wide variety of subject matter covered by the papers this year. The conference has drawn interest and papers from within Australia and internationally. All submitted papers were subject to a double blind peer review process. Fifteen papers were submitted from Australia and overseas, of which ten were accepted for final presentation and publication. We wish to thank the reviewers for kindly volunteering their time and expertise in support of this event. We would also like to thank the conference committee who have organised yet another successful congress. Events such as this are impossible without the tireless efforts of such people in reviewing and editing the conference papers, and assisting with the planning, organisation and execution of the conferences. To our sponsors also a vote of thanks for both the financial and moral support provided to the conference. Finally, thank you to the administrative and technical staff, and students of the ECU Security Research Institute for their contributions to the running of the conference

Expanding the UK Secure by Design proposal for a usable consumer-focused IoT security label

No person whom has any knowledge of security in the Internet of Things (IoT) would claim the current landscape is desirable, as exceedingly poor security of devices is routinely exhibited in an ecosystem experiencing exponential growth of devices. If these devices follow past trends in Cyber Security, it is not unreasonable to assume that without intervention another decade of exponentially growing costs attributed to Cyber Crime may lay ahead. After the failure of the voluntary approach to IoT Security, works are now being taken to legislate a minimum security standard.Building from existing proposals, this paper outlines real improvements that could be made to current ongoing works, with the intention of providing incentive for manufacturers to improve device security in the IoT sector and reduce the timeline for routine deployment of secured devices.Incorporating strategies developed in other industries, as well as security requirements from across international borders, a point-of-sale user focused label is proposed, which can be easily interpreted by non-technical users. Intending to provoke curiosity and fully reassure the end-user, a two-layer system is chosen which allows the conveyance of more detailed information than could fit on a physical label