Graphic Cards: Password Recovery

goes Faster and Greener

Who may needPassword Recovery?

Ordinary users (own passwords)

IT Departments (employee’s passwords)

Security auditors, consultants and penetration testers

Law enforcement & government

Hackers usually don’t!

Why speed counts?

Users and IT Departments:«We needed those passwords yesterday»

Auditors, consultants and pentesters:

«Time is Money»

How to increase speed?

Traditional way is to network together many computers to form a cluster

• Communication overhead

• Difficult to manage

• Not power-efficient

Any other options?

For many HPC applications GPUsare many times fasterthan CPUs

Yes!

But they’re not only faster, they are

greener!

Why?

CPUs are designed to be efficient at serialcomputing…

…while GPU’s main concern is

parallel computing

Intel® Core™ i7-965

“The highest performing desktop processor on the

planet.”

4 cores3,2 GHz

731 million transistors263 mm2

L3 cache8 Мb

>384 million transistors

QPI

QPI

IO IOQueue

Core Core

Memory Controller

CoreCore

L3 cache8 Мb

>384 million transistors

QPI

QPI

IO IOQueue

Core Core

Memory Controller

CoreCore

L2

Pagi

ng

Bran

ch P

redi

ctio

n

Inst

Fet

ch &

L1

L1 Data

Execution Units

Mem

ory

Orde

ring

&

Exec

utio

n

Out-of-Order

Scheduling &

Retirement

Instruction Decode & Microcode

L3 cache8 Мb

>384 million transistors

QPI

QPI

IO IOQueue

Core Core

Memory Controller

CoreCore

CPU dedicates only about 10% to the

execution units!

1/10

CPU dedicates only about 10% to the

execution units!

NVIDIA®GeForce® GTX 285

240 cores1.476 GHz1.4 billion transistors470 mm2

TPC TPC TPC TPC TPC

TPC TPC TPC TPCTPC

ROP Setup ROP

Memory Controller

PCIe & Memory

Controller

Thread Dispatch

TPC TPC TPC TPC TPC

TPC TPC TPC TPCTPC

ROP Setup ROP

Memory Controller

PCIe & Memory

Controller

Thread Dispatch

Mul

tipro

cess

or

Mul

tipro

cess

or

Mul

tipro

cess

orTexture Fetch &

Other

TPC TPC TPC TPC TPC

TPC TPC TPC TPCTPC

ROP Setup ROP

Memory Controller

PCIe & Memory

Controller

Thread Dispatch

GPU dedicates about 30% to the execution units!

1/3

GPU dedicates 6 times as manyresources to the execution units

as CPU!

183 Watts full load

6x130=780 Watts full load

Performance

70

87

32

570

795

195

920

1 330

250

1 920

2 600

680

0 1 000 2 000 3 000

MD5

NTLM

LM

Millions passwords per second

S1070

GTX 295

GTX 285

Q6600

Performance per $

389

483

178

1 629

2 271

557

1 917

2 771

521

240

325

85

0 500 1 000 1 500 2 000 2 500 3 000

MD5

NTLM

LM

Thousands passwords per $ per second

S1070

GTX 295

GTX 285

Q6600

Are passwords broken?

No, but it is good time to review password policy!

• Use password manager

• Don’t use pronounceable word as password

• Use random set of (at least) lowercase and uppercase letters and digits as password

• Windows: use passwords of at least 10 characters long

• Change your passwords regularly

• Review password policy regularly

Performance per Watt

667

829

305

3 115

4 344

1 066

3 183

4 602

865

2 400

3 250

850

0 1 000 2 000 3 000 4 000 5 000

MD5

NTLM

LM

Thousands passwords per watt per second

S1070

GTX 295

GTX 285

Q6600

Greener Computing

• Consider a cluster of 25 dual-CPU quad-core computers

• 400 watts full load each

• 10’000 watts total

Greener Computing

• Two Tesla S1070 provide same performance

• 800 watts full load each

• One computer for management

• 2’000 watts total

Greener Computing

• 8’000 watts saved

• 49’090 kWh a year (at 70% utilization)

• £3’436 savings on electricity a year (at 7p per kWh average rate)

• Prevents 27’500 kg CO2 emission

• Takes 5 cars off the road

• Saves 2’300 trees/year

Thank You!

Andrey Belenkoa.belenko@elcomsoft.com