Roth wrote about the result of an experiment in which he has used an instance of Amazon's Cluster GPU (Graphics Processing Units) to decrypt hashes generated using the SHA1 algorithm. On those instances you installed Nvidia's GPU Computing SDK and CUDA-Multiforcer v0.7.
Roth was able to crack 14 passwords in 49 minutes, paying just $2.10 for an hour of compute time from 2 NVIDIA Tesla "Fermi" M2050 GPUus processors.
GPUs are processors designed to handle complex calculations used by graphics-intensive applications, such as computer games. But scientists and mathematicians have adapted them to carry out other general-purpose applications. Amazon's CPU cluster offering allows developers to rent their high-performance services instead of buying and installing the equipment themselves.
"I think cloud-based cracking has a future as renting groups of GPUs has reduced the time needed to break passwords," he said.
"The good thing is that you can create a cluster of 100 workstations with a few clicks and without having to invest in your own infrastructure. As you divide the task of breaking a hash into several instances, you can decrease the total time, without having more costs."
Roth isn't the first to realize the potential of cloud-based resources to do the heavy lifting needed to break encryption. WPACracker is a cloud-based password cracking service that can be used to break Wi-Fi passwords protected by WPA and WPA-PSK.
The site offers a set of 40 CPUs that test passwords against a dictionary of 135 or 284 million WPA passwords. The site promises to be able to crack WPA passwords in an average of as little as 20 minutes at a cost of $17. The service is advertised as a tool for penetration testing and for auditors.
Here you can see an example of its operation and the tests that Thomas performed using this SHA1 hash list.
Source: Threatpost
