A PRACTICAL EVALUATION OF THE IMPLEMENTATION OF DISTRIBUTED CRYPTOANALYSIS IN THE CONDITIONS OF LIMITED RESOURCES
Keywords:distributed cryptanalysis, Hashtopolis, hash, cryptanalysis speed, practical assessment
The operational units of relevant special services and public authorities frequently encounter the task of cryptanalysis encrypted data during the execution of their duties. In practical terms, the operational disclosure of such data through cryptographic means typically faces two significant challenges: limited specialized computing resources and the availability of only a restricted number of personal computers operating on the Windows operating system. To enhance the efficiency of cryptanalysis under such circumstances, one of the most pertinent approaches is the implementation of parallel distributed client-server computing within a local network of Windows PCs. In this setup, the server assigns specific subsets of the potential encryption key space to agents within the local network at regular intervals. Subsequently, these agents delegate the task of key searching to their corresponding local programs. The initial phase of practical evaluation has been conducted to assess the Hashtopolis application's viability as a tool for distributed cryptanalysis under resource-constrained conditions. Hashtopolis demonstrates operability within a local network of Windows PCs and holds practical utility. However, the increase in parallel computing speed is not directly proportional to the number of agents involved, as additional time is required for the subset formation, distribution to agents, and retrieval of key search results. Further investigation is necessary to evaluate Hashtopolis effectively, taking into account the performance growth in relation to the number of agents, different types of hashes, various forms of cryptanalysis (dictionary-based, combined), and monitoring the temperature of processors on agent machines. Additionally, determining the optimal selection of subset size within the potential key space for agents, based on factors such as the number of agents, their current search speed, the hash algorithm employed, and the type of search, poses a distinct challenge.
Носов В.В. Розподілений криптоаналіз при обмежених ресурсах для потреб правоохоронних органів // Протидія кіберзлочинності та торгівлі людьми: зб. матеріалів Міжнарод. наук.-практ. конф. (27 травня 2020 р., м. Харків) / МВС України, Харків нац. ун-т втур. справ; Координатор проектів ОБСЄ в Україні. Харків: ХНУВС, 2020, С. 117-119.
Hashcat advanced password recovery [Електронний ресурс]. URL: https://hashcat.net/ (дата звернення: 18.04.2023).
John the Ripper password cracker [Електронний ресурс]. URL: https: // www. open-wall.com/john/ (дата звернення: 18.04.2023).
Hashstack-server-plugin-hashcat. Scrapers at mas-ter. Stricture/hashstack-server-plugin-hashcat. Git-Hub [Електронний ресурс]. URL: https://github. com / stricture / hashstack - server-plugin-hashcat/ tree/master/scrapers (дата звернення: 18.04.2023).
John/run at bleeding-jumbo. Openwall/john. Git-Hub [Електронний ресурс]. URL: https://github. com/ openwall / john / tree / bleeding-jumbo/ run (дата звернення: 18.04.2023).
GitHub - hashtopolis/server: Hashtopolis - A Hashcat wrapper for distributed hashcracking [Електронний ресурс]. URL: https://github.com/s3inlc /hashtopolis (дата звернення: 18.04.2023).
GitHub - nesfit/fitcrack: A hashcat-based distrib-uted password cracking system [Електронний ресурс]. URL: https://github.com/nesfit/fitcrack (дата звернення: 18.04.2023).
GitHub - jmmcatee/cracklord: Queue and resource system for cracking passwords [Електронний ресурс]. URL: https: // github. com/jmmcatee/cracklord (дата звернення: 18.04.2023).
GitHub - mandiant/gocrack: GoCrack is a management frontend for password cracking tools written in Go [Електронний ресурс]. URL: https: // github.com/fireeye/gocrack (дата звернення:18.04.2023).
LicenseAuthors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).