http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=226700303 By Mathew J. Schwartz InformationWeek August 16, 2010 Passwords with fewer than 12 characters can be quickly brute-force decoded using a PC graphics processing unit (GPU) that costs just a few hundred dollars, according to researchers at the Georgia Institute of Technology. "We've been using a commonly available graphics processor to test the integrity of typical passwords of the kind in use here at Georgia Tech and many other places," said Richard Boyd, a senior research scientist at the university's research institute, in a statement. "Right now we can confidently say that a seven-character password is hopelessly inadequate." Today's top graphics processors offer about two teraflops of parallel processing power. For comparison, "in the year 2000, the world's fastest supercomputer, a cluster of linked machines costing $110 million, operated at slightly more than 7 teraflops," he said. The barrier to using multi-core graphics processors -- available from Nvidia or AMD's ATI division -- for compute-intensive processes other than graphics processing, said Boyd, first fell in 2007, when Nvidia released a C-based software development kit. "Once Nvidia did that, interest in GPUs really started taking off," he said. "If you can write a C program, you can program a GPU now." Or use it to crack a password. [...] -- Visit InfoSec News! http://www.infosecnews.org/Received on Tue Aug 17 2010 - 00:27:50 PDT
This archive was generated by hypermail 2.2.0 : Tue Aug 17 2010 - 00:34:34 PDT