The GPU (Graphics processing unit) cracks passwords in minutes. The problem with commonly used protection algorithms is that hackers know their structure. This makes it possible to create a tool that can break this protection system.
“FACEPALM: A couple of years ago, Kaspersky Lab tested the resilience of hashed passwords against a modern gaming GPU. Now, the Moscow-based security firm has updated its study and found that things are getting slightly – but undeniably – worse.” (Techspot)
“Just in time for World Password Day, Kaspersky is reminding everyone that outdated hashing algorithms such as MD5 remain among the worst choices for storing passwords. In a recent post, the security firm revisited a 2024 study examining the "crackability" of real-world passwords. The conclusion is not surprising: password cracking speeds continue to improve, which means overall security is steadily getting worse.” (Techspot)
“Hashing algorithms are designed to convert strings of arbitrary length into fixed-length hash values. Even the smallest change in the input text produces a completely different hash, meaning that a properly secured hash database should protect user passwords from crackers and cybercriminals even if the database itself is leaked.” (Techspot))
Old-fashioned algorithms and platforms pose a major security problem. Those algorithms are created for response attacks. That was made of the old-fashioned microchips. Those microchips are very slow. If. We want to make some kind of brute-force attacks against old-fashioned protection algorithms. The new processor can generate passphrases more effectively than old-fashioned computers could protect them. In normal situations, the ASCII code is the letter’s numerical representation.
It is counted by using some binary numbers. The thing. What makes passwords more secure is the ability to use special marks like brackets. When the system starts to break the encryption. It starts to guess the most common passwords. Then it starts to replace. Letters using special marks. This makes it possible that the system will guess passwords quite easily.
This means that if the attacking software has complete dictionary books. And then things like statistical data about the most common passwords can help those attackers. The data mass that the system can use for training. It can make those attacks more effective. The problem is: how to train the AI? The user can use the forms and then write every single word from the dictionary book. Then that person replaces every. Single letter. One by one, using some special mark.
There are about. 250 000-100 000 words in the English language. When we want to make the form. There are special marks that replace every letter. And that process requires time. If we use only the special marks over the numbers and the question mark, we have ten replacement marks for each letter. This means that. Making those possible modes for each word requires a lot of time. In real life, there are more possibilities.
So, if we want to make an AI-based attacking algorithm that guesses passwords. That requires a lot of. work. And in that case, we think that person uses English. The problem is that. The person can use any language in the world as a base for a password. This makes this type of attack. Very hard to make in real life. The attack tool itself is not very hard to make, but it requires a lot of crew. Training the AI is not a very simple process.
https://www.techspot.com/news/112345-kaspersky-warns-passwords-hashed-md5-algorithm-can-cracked.html
https://en.wikipedia.org/wiki/Graphics_processing_unit
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.