Cracking WPA2 with FPGAs

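I saw the paper "Efficient High-Speed WPA2 Brute Force Attacks using Scalable Low-Cost FPGA Clustering" on Twitter; it covers optimizations for cracking WPA2 on relatively inexpensive FPGAs. The main results can be seen in the tables. This one is for the FPGAs: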

Ztex 1.15y should be the "USB-FPGA Module 1.15y: Quad-Spartan 6 LX150 FPGA Board with USB 2.0 Microcontroller", and Ztex 2.16 should be the "USB-FPGA Module 2.16: Artix 7 XC7A200T FPGA Board with USB 2.0"; the prices (in USD) are listed there as well.

And this is the GPU performance:

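You can see that the FPGAs are quite fast while using very little power. That said, I have to admit that the PBKDF2 used by WPA2 really does make cracking a lot harder, which reminds me of this: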

Factoring 512-bit RSA for USD$75

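Paper number 1000 for 2015 on the Cryptology ePrint Archive happens to be "Factoring as a Service". With the help of Amazon EC2 and CADO-NFS, a 512-bit RSA key can be factored within four hours, and as the authors say, although it is already very insecure, it is still in use in many places: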

The difficulty of integer factorization is fundamental to modern cryptographic security using RSA encryption and signatures. Although a 512-bit RSA modulus was first factored in 1999, 512-bit RSA remains surprisingly common in practice across many cryptographic protocols. Popular understanding of the difficulty of 512-bit factorization does not seem to have kept pace with developments in computing power. In this paper, we optimize the CADO-NFS and Msieve implementations of the number field sieve for use on the Amazon Elastic Compute Cloud platform, allowing a non-expert to factor 512-bit RSA public keys in under four hours for $75. We go on to survey the RSA key sizes used in popular protocols, finding hundreds or thousands of deployed 512-bit RSA keys in DNSSEC, HTTPS, IMAP, POP3, SMTP, DKIM, SSH, and PGP.

There is also a project website, "Factoring as a Service", and the code has been put on GitHub as well: "Factoring as a Service".
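A defender-side check for the short keys the paper surveys, as an added example that is not from the paper or the Factoring as a Service project: it reads the RSA modulus size out of a DKIM TXT record using only the standard library. The function names, the `min_bits` policy threshold and the sample records (built from constructed numbers, not real keys) are assumptions of this example.

```python
import base64

RSA_ALG = bytes.fromhex("06092a864886f70d0101010500")  # OID rsaEncryption + NULL

def read_tlv(buf, pos=0):
    """Read one DER element at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length

def rsa_modulus_bits(spki_der):
    """Modulus size in bits of an RSA SubjectPublicKeyInfo."""
    _, spki, _ = read_tlv(spki_der)         # outer SEQUENCE
    _, alg, pos = read_tlv(spki)            # AlgorithmIdentifier
    if alg != RSA_ALG:
        raise ValueError("not an RSA key")
    _, bitstr, _ = read_tlv(spki, pos)      # BIT STRING, first octet = unused bits
    _, rsa_key, _ = read_tlv(bitstr, 1)     # RSAPublicKey SEQUENCE
    _, modulus, _ = read_tlv(rsa_key)       # first INTEGER is the modulus n
    return int.from_bytes(modulus, "big").bit_length()

def audit_dkim(txt, min_bits=2048):         # min_bits: assumed local policy
    """Return (bits, ok) for a DKIM TXT record carrying an RSA key."""
    tags = dict(p.strip().split("=", 1) for p in txt.split(";") if "=" in p)
    bits = rsa_modulus_bits(base64.b64decode(tags["p"]))
    return bits, bits >= min_bits

# --- constructed sample input (not real keys: n is just an odd number) ---
def _der(tag, value):
    n = len(value)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + value

def _int(i):
    return _der(0x02, i.to_bytes(i.bit_length() // 8 + 1, "big"))

def sample_dkim_record(bits):
    key = _der(0x30, _int((1 << (bits - 1)) | 1) + _int(65537))
    spki = _der(0x30, _der(0x30, RSA_ALG) + _der(0x03, b"\x00" + key))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(spki).decode()

if __name__ == "__main__":
    for size in (512, 1024, 2048):
        bits, ok = audit_dkim(sample_dkim_record(size))
        print(f"{bits}-bit RSA DKIM key: {'ok' if ok else 'TOO SHORT'}")
```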