Mittwoch, 28. November 2007

Cracking Passwords with the PS3

Nick Breese, a security researcher from New Zealand, has used the PS3 as a brute force password cracking device. He presented his findings at Kiwicon 07. You can hear Nick Breese's presentation where he discusses the PS3's Cell processor can crack passwords 190 times faster than an Intel Core 2 Duo.

He states that an 8 character password can be cracked in about 2 days with the PS3 because of it's calculation speed.

Nick Breese states:
"Suddenly we have a massive increase in terms of . . . cryptography cracking," he told Next. "Eight-character 'strong' passwords can be broken in a couple of days whereas before it would take weeks."

Speed is important to "brute force" password cracking, which relies on guessing all possible combinations of the characters that make up the password.

The accelerated technique means passwords protecting Office, PDF, ZIP and Lotus Notes ID files can be cracked with breathtaking speed. However, many other password types are handled more securely in software and remain unaffected by Breese's claimed speed increase.

"They're still safe. However, the gap has shrunk a hell of a lot," he says. "If you had access to a thousand PlayStations you could (still) crack an eight-character Linux password in a few days."
You can hear part of the presentation on the Risky Business #40 Podcast. It starts at the 9:30 mark.

Thanks Sydney Morning Herald!


[Source: Sony PS3 Modding - Homebrew, Upgrades, Mods, and Hacks]