No coin nor oath required. For personal study only.
The method builds on work carried out by Moxie Marlinspike and his WPACracker service, which uses a 400 CPU cluster on the Amazon cloud. Roth took this further using Amazon's 'cluster GPU instances' infrastructure.
Roth had previously carried out research using the Amazon service to brute-force SHA-1 hashes. As a result of the new Amazon service, he said, it's now easy for anyone to create a 100-node (or more) cluster and distribute the task of cracking passwords. It turns out that the job of cracking hashes is perfectly suited to mass parallelisation, he added.
With this architecture, he believes it's possible to try up to 400,000 passwords a second. He was able to break into a WPA-PSK protected network in around 20 minutes and believes this could be reduced to as little as six.
Roth's blog is at: .
T he humble password has had its day and is no longer up to the task of securing access to modern infrastructures and technologies, says a report from Forrester Consulting, commissioned by Symantec.
๐ SIMILAR VOLUMES