Large Scale Brute Force Cryptanalysis - Wisecracker




Large scale brute force cryptanalysis needs a tremendous amount of computational power that government agencies like the NSA and companies like Google have.

An average security researcher might want to have such capabilities as well but they do not have the tools or the computational resources. Moreover, they might not be skilled in writing software that takes advantage of the computational resources provided by commercial-off-the-shelf systems with CUDA and OpenCL capable GPUs and computational clusters provided by Amazon EC2 and Microsoft Azure.

With Wisecracker we bridge this gap by providing an open source framework for security researchers to write their own cryptanalysis tools that can distribute brute force cryptanalysis work across multiple systems with multiple multi-core processors and GPUs. Security researchers can also use the sample tools provided as part of Wisecracker out-of-the-box.The differentiating aspect of Wisecracker is that it uses OpenCL and MPI together to distribute the work across multiple systems each having multiple CPUs and/or GPUs. We support the OpenCL libraries provided by Intel, AMD and NVIDIA, and support multiple operating systems such as Linux, Microsoft Windows and Apple’s Mac OSX.

Large Scale Brute Force Cryptanalysis: Wisecracker documentationLarge Scale Brute Force Cryptanalysis

Wisecracker is licensed under the GNU General Public License version 3 and is free for anyone to use. The source code and latest downloadable version of Wisecracker can be downloaded from Github.

Technical Details

Wisecracker comes with a C and C++ API for the user to write their own custom cryptanalysis software using a combination of OpenCL, C and/or C++.

Wisecracker internally uses a divide and conquer algorithm to distribute work or tasks across multiple systems which then internally use a round-robin style distribution for tasks to be distributed between OpenCL devices on that system.

An example application such as the MD5 password cracker is provided as a demonstration on how to use Wisecracker and also as a ready-to-use application for cracking passwords of up to 8 characters.

A user can download Wisecracker on a GPU cluster virtual machine provided by Amazon EC2 and reverse an MD5 cryptographic hash for a 6 character password in about 20 minutes if using 1 virtual machine or in about 3 minutes if using 2.

More applications for cracking cryptographic hashes such as SHA-1, SHA-256 and others will be added in the near future.