Optimized Password Recovery for SHA-512 on GPUs

Ge, Can; Xu, Lingzhi; Qiu, Weidong; Huang, Zheng; Guo, Jie; Liu, Guozhen; Gong, Zheng

doi:10.1109/cse-euc.2017.226

Cited by 13 publications

(9 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The study will utilize a modified SHA-512 algorithm with additional security layers, including randomly generated salt and the Bcrypt algorithm [14], to enhance email security against phishing, spoofing, and A distributed denial-of-service (DDoS) attacks [21]- [25]. Comprehensive evaluation will encompass hash construction, computational efficiency, data integrity, collision resistance, and attack resistance.…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

Modification of SHA-512 using Bcrypt and salt for secure email hashing

Eljim S. Castelo,

Jolo L. Apostol IV,

Michael A. Cortez

et al. 2024

IJEECS

View full text Add to dashboard Cite

Email security, particularly against phishing, spoofing, and distributed denial-of-service (DoS) attacks, is a pressing concern given the essential role email plays in accessing various online accounts. The study introduced a modified SHA-512 algorithm, implementing additional security layers including randomly generated salt and the Bcrypt algorithm. The modified SHA-512 was comprehensively evaluated on parameters like hash construction, computational efficiency, data integrity, collision resistance, and attack resistance. The results showed its avalanche percentage exceeded the 50% target, reaching 50.08%. Experimental hash-cracking failed to decode the hashes created by the modified algorithm, verifying its protective efficiency. The algorithm also successfully demonstrated data integrity and collision resistance. This indicates that the enhanced SHA-512 algorithm is an effective, more secure hashing method, particularly applicable to email addresses.

show abstract

Section: Methodsmentioning

confidence: 99%

“…Comprehensive evaluation will encompass hash construction, computational efficiency, data integrity, collision resistance, and attack resistance. The avalanche effect will be quantified, and hash-cracking experiments will verify protective efficiency [21]. Additionally, data integrity and collision resistance will be rigorously assessed.…”

Section: Methodsmentioning

confidence: 99%

Modification of SHA-512 using Bcrypt and salt for secure email hashing

Eljim S. Castelo,

Jolo L. Apostol IV,

Michael A. Cortez

et al. 2024

IJEECS

View full text Add to dashboard Cite

show abstract

“…Aggarwal [21] implemented the Bcrypt and SHA512 algorithms by using distributed cloud computing. Ge et al [22] optimized the exhaustive attack of the SHA512 algorithm on the GPU. Dürmuth et al [23] implemented two types of hash passwords, Bcrypt and Scrypt, on a GPU and FPGA, respectively.…”

Section: B Password Recovery Algorithmmentioning

confidence: 99%

Reconfigurable and High-Efficiency Password Recovery Algorithms Based on HRCA

Feng

Chen

et al. 2021

IEEE Access

View full text Add to dashboard Cite

Cryptographic algorithms are widely used in information security fields such as network protocol authentication and commercial encryption software. Password recovery based on the hash algorithm is an important means of electronic forensics, encrypted information restoration, illegal information filtering, and network security maintenance. The traditional password recovery system is based mainly on the CPU and GPU and has a low energy efficiency ratio and cracking efficiency and cannot meet highperformance computing requirements. To further improve the computational efficiency and application flexibility of password recovery algorithms, this paper proposes a reconfigurable computing kernel design method based on a hybrid reconfigurable computing array (HRCA). Through in-depth analysis of the hash algorithm, the basic computing kernel set is extracted, and the combination design is carried out from the unit kernel, interconnection and storage structure to reconstruct the hash algorithm to match the application with the appropriate structure. Second, combined with the pipeline technology, the full pipeline hash and high-speed password attack algorithms are optimized and implemented to meet the needs of highperformance computing. Finally, an advanced computing kernel library is established, and the combination of a computing kernel map from the control and communication levels to achieve multidimensional reconfigurable computing and an overall placement strategy is used to make full use of the chip resources to improve computational efficiency. The experimental results and analysis show that compared with traditional CPU and GPU methods, the password recovery algorithm designed in this paper has the highest cracking speeds at 78.22 times and 2.65 times that of the CPU and GPU, respectively, and the highest energy efficiency ratio is 25.88 times and 3.16 times that of the CPU and GPU, respectively. Furthermore, the recovery efficiency has been significantly improved and meets the requirements of high-performance password recovery computing.

show abstract

“…Unlike online attacks where 10 10 bogus login attempts are easily noticeable, it is easy to compute that many hashes offline, on special-made machines. This is one of the main risks with database leaks, as even consumer machines can nowadays brute-force more than 1 billion such hashes per second [15,11,43].…”

Section: Best Practicesmentioning

confidence: 99%

Moving to Client-Side Hashing for Online Authentication

Blanchard

Coquand²,

Selker

2021

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Credential leaks still happen with regular frequency, and show evidence that, despite decades of warnings, password hashing is still not correctly implemented in practice. The common practice today, inherited from previous but obsolete constraints, is to transmit the password in cleartext to the server, where it is hashed and stored. We investigate the advantages and drawbacks of the alternative of hashing client-side, and show that it is present today exclusively on Chinese websites. We also look at ways to implement it on a large scale in the near future.

show abstract

Optimized Password Recovery for SHA-512 on GPUs

Cited by 13 publications

References 3 publications

Modification of SHA-512 using Bcrypt and salt for secure email hashing

Modification of SHA-512 using Bcrypt and salt for secure email hashing

Reconfigurable and High-Efficiency Password Recovery Algorithms Based on HRCA

Moving to Client-Side Hashing for Online Authentication

Contact Info

Product

Resources

About