|
|
|||||||||
|
||||||||||
VADER:Versatile Accelerated Digital Encryption RecoveryBy:Daniel Donaldson, Gregory Ireland (Project P17, 2012) |
||||||||||
Defining the problem and suggested solution:The VADER system is a digitally accelerated add-on hardware device designed to recover passwords using an acquired hashed password and hashing function. Uses of such a device could be to speed up computationally expensive recovery of passwords for forensic purposes such as instances where a victim or suspects password protected information could assist in an investigation. In order for the system to begin the specific hashing function used to create the password hashes would need to be acquired; it is assumed that this is available and many commonly used hashing functions are indeed widely available. The hashed version of the password itself would also need to be acquired. The system will run parallelized functions on an FPGA to accelerate the recovery of the password. The system will first run a dictionary type cracking attempt and following this if it is unsuccessful a brute force algorithm will be applied.Problem list/ design questions: Possible decision to use one or more soft core processors on the FPGA for implementing the cracking function or to control the system. How to implement a dictionary on the FPGA memory. Possibility of creating a reconfigurable computer which changes its hardware depending on weather a dictionary or brute force attack is being run. Extent to which the functions should be parallelized to (fine or coarse grained). Number of parallel computational components to use. How to effectively develop and test the software or HDL designs. How to correctly interface with the system using USB. Performance Criteria: Latency the time in which the system takes to successfully take a password recovery task and produce the result. Throughput If the system is cracking multiple passwords this would be the number of passwords cracked per unit time. Speedup vs Gold standard The speedup ratio observed when pitted against a traditional computer when both systems are cracking the same password. Differences in performance from the respective dictionary and brute force attempts will also need to be compared. Gauging the performance wont be as straightforward as different passwords may take significantly different times to crack especially those which are in a dictionary or not. Performance of the system will ultimately always have to be compared relative to a traditional PC system running a gold standard algorithm, as such definite numbers for latency and throughput cannot be given, only relative to another system. Interfacing Method:The VADER system will connect to the host PC via USB for communication between the devices. The hashing function and password hash will be downloaded to the FPGA via USB, the system will then run through a dictionary attempt and if unsuccessful a brute force attempt. Once the password has successfully been cracked the resulting recovered password will be sent back to the PC.Tests:Simulations of the FPGA's functions will be run on the PC while prototyping the system. Once the system has been programmed onto the FPGA the system can be tested by using a known password and password hash. The expected finished password result of the system can then be tested for consistency and the system can be timed for performance values. A golden standard serial or even parallel algorithm can be used on the PC to test the speed up observed on the VADER system to evaluate the performance gain of the system and justify the use of such an FPGA system.. |
||||||||||
|
||||||||||
|
||||||||||
|