A PRACTICAL EVALUATION OF THE IMPLEMENTATION OF DISTRIBUTED CRYPTOANALYSIS IN THE CONDITIONS OF LIMITED RESOURCES

Authors

DOI:

https://doi.org/10.18372/2410-7840.25.17596

Keywords:

distributed cryptanalysis, Hashtopolis, hash, cryptanalysis speed, practical assessment

Abstract

The operational units of relevant special services and public authorities frequently encounter the task of cryptanalysis encrypted data during the execution of their duties. In practical terms, the operational disclosure of such data through cryptographic means typically faces two significant challenges: limited specialized computing resources and the availability of only a restricted number of personal computers operating on the Windows operating system. To enhance the efficiency of cryptanalysis under such circumstances, one of the most pertinent approaches is the implementation of parallel distributed client-server computing within a local network of Windows PCs. In this setup, the server assigns specific subsets of the potential encryption key space to agents within the local network at regular intervals. Subsequently, these agents delegate the task of key searching to their corresponding local programs. The initial phase of practical evaluation has been conducted to assess the Hashtopolis application's viability as a tool for distributed cryptanalysis under resource-constrained conditions. Hashtopolis demonstrates operability within a local network of Windows PCs and holds practical utility. However, the increase in parallel computing speed is not directly proportional to the number of agents involved, as additional time is required for the subset formation, distribution to agents, and retrieval of key search results. Further investigation is necessary to evaluate Hashtopolis effectively, taking into account the performance growth in relation to the number of agents, different types of hashes, various forms of cryptanalysis (dictionary-based, combined), and monitoring the temperature of processors on agent machines. Additionally, determining the optimal selection of subset size within the potential key space for agents, based on factors such as the number of agents, their current search speed, the hash algorithm employed, and the type of search, poses a distinct challenge.

References

Носов В.В. Розподілений криптоаналіз при обмежених ресурсах для потреб правоохоронних органів // Протидія кіберзлочинності та торгівлі людьми: зб. матеріалів Міжнарод. наук.-практ. конф. (27 травня 2020 р., м. Харків) / МВС України, Харків нац. ун-т втур. справ; Координатор проектів ОБСЄ в Україні. Харків: ХНУВС, 2020, С. 117-119.

Hashcat advanced password recovery [Електронний ресурс]. URL: https://hashcat.net/ (дата звернення: 18.04.2023).

John the Ripper password cracker [Електронний ресурс]. URL: https: // www. open-wall.com/john/ (дата звернення: 18.04.2023).

Hashstack-server-plugin-hashcat. Scrapers at mas-ter. Stricture/hashstack-server-plugin-hashcat. Git-Hub [Електронний ресурс]. URL: https://github. com / stricture / hashstack - server-plugin-hashcat/ tree/master/scrapers (дата звернення: 18.04.2023).

John/run at bleeding-jumbo. Openwall/john. Git-Hub [Електронний ресурс]. URL: https://github. com/ openwall / john / tree / bleeding-jumbo/ run (дата звернення: 18.04.2023).

GitHub - hashtopolis/server: Hashtopolis - A Hashcat wrapper for distributed hashcracking [Електронний ресурс]. URL: https://github.com/s3inlc /hashtopolis (дата звернення: 18.04.2023).

GitHub - nesfit/fitcrack: A hashcat-based distrib-uted password cracking system [Електронний ресурс]. URL: https://github.com/nesfit/fitcrack (дата звернення: 18.04.2023).

GitHub - jmmcatee/cracklord: Queue and resource system for cracking passwords [Електронний ресурс]. URL: https: // github. com/jmmcatee/cracklord (дата звернення: 18.04.2023).

GitHub - mandiant/gocrack: GoCrack is a management frontend for password cracking tools written in Go [Електронний ресурс]. URL: https: // github.com/fireeye/gocrack (дата звернення:18.04.2023).

Published

2023-05-25