Distributed Password Hash Computation on Commodity Heterogeneous Programmable Platforms

Published in 13th USENIX Workshop on Offensive Technologies (WOOT 19), 2019

Available at: https://www.usenix.org/conference/woot19/presentation/pervan

In this paper, we present the Cool Cracker Cluster (cCc): a heterogeneous distributed system for parallel, energy-efficient, and high-speed bcrypt password hash computation. The cluster consists of up to 32 heterogeneous nodes with Zynq-7000-based SoCs featuring a dual-core, general-purpose ARM processor coupled with FPGA programmable logic. Each node uses our custom bcrypt accelerator, which executes the most costly parts of the hash computation in programmable logic.

We integrated our bcrypt implementation into John the Ripper, open-source password cracking software. Message Passing Interface (MPI) support in John the Ripper is used to form a distributed cluster. We tested the cluster with different configurations of boards (Zedboards and Pynq boards), salt randomness, and cost parameters, and found that password cracking scales linearly with the number of nodes. In terms of performance (number of computed hashes per second) and energy efficiency (performance per watt), cCc outperforms current systems based on high-end GPU cards, namely the Nvidia Tesla V100, by factors of 2.72 and 5, respectively.

    title={Distributed Password Hash Computation on Commodity Heterogeneous Programmable Platforms},
    author={Pervan, Branimir and Knezovic, Josip and Pericin, Katja},
    booktitle={13th {USENIX} Workshop on Offensive Technologies ({WOOT} 19)},