Wednesday, November 12, 2008

Graphics cards are for cracking

I finally got around to testing Elcomsoft's WPA password cracking. If you'll remember, Elcomsoft announced last month that they could use the graphic card to crack WPA passwords 100 times faster than with a normal processor. I found it’s not 100 times faster, but the acceleration is significant enough that if you do WiFi pentesting, you should probably get a graphics card to speed this up.

I ran their software on a number of systems. A screen shot of the results are below:
The systems are:
  • "Core2Duo-GT260" is a nVidia GT260 GPU, w/ Core 2 Duo 3.0-GHz
  • "Core2Quad" is a Core 2 quad 2.4-GHz.
  • "EEE901" is an an Intel Atom 1.6-GHz dual-threaded.
  • "MacBookAir" is using the nVidia 9400m GPU, w/ Core 2 Duo 1.86-GHz
  • "Pentium3-400MHz" is using Intel Pentium III 400MHz single core CPU
Using the nVidia GT260 graphics card, the system could test roughly 10-thousand password hashes-per-second. A cheap quad-core CPU can only do about 1-thousand password hashes-per-second. This is not the 100-fold speed-up promised, but it is an impressive 10-fold speed-up.

I tried out some other processors as well. Intel has shipped a new extremely-mobile processor (intended for cell-phones) called the "Atom". It has roughly a tenth the CPU power of the desktop processor.

A tested the MacBook Air. Its graphics accelerator is actually slower than the built-in processor. Its 9400m GPU only does 178 hashes-per-second, but the Core 2 Duo could do around 400 hashes-per-second.

Graphics cards work by having a lot of tiny/simple processors. Here is a breakdown of some typical processors:

In theory, the speed of the cracking software should correlate with the frequency multiplied by the number of cores. The card to get right now is probably the 9800 GX2. I just ordered one from Newegg for $274. It puts two chips together on a single card, which should make it faster (as well as cheaper) than the GT260. I spent another $200 to get a system to go around it.

Elcomsoft currently cannot handle different cards. Therefore, when cracking software on a MacBook Pro (which has a 9400m and a 9600m), you won’t be able to use both simultaneously.

4 comments:

Hubert said...

Check out BarsWF - free Nvidia CUDA accelerated cracker for MD5 which is faster than Elcomsoft and they may soon be adding NTLM and MS Cache support according to their forums.

MadmanTM said...

hello robert, i was wondering, do you use mainly your macbook for all your security needs or you have more than one machine?

Thanks!

Robert Graham said...

Well, I've got desktops, servers, and laptops for various security needs. I recently switched from a 4-year old laptop to the MacBook Air to be my primary travel companion, but that's because the hardware is really sexy, not because of Mac OS vs. Windows vs. Linux.

MadmanTM said...

thanks for the information, i was curious, sorry if i moved away from topic.

obviously there is no point in getting into OS-wars, but yes indeed the hardware is sexy.