| Title | Analysis of GPGPU-Based Brute-Force and Dictionary Attack on SHA-1 Password Hash |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Laatansa, Saputra, Ragil, Noranita, Beta |
| Conference Name | 2019 3rd International Conference on Informatics and Computational Sciences (ICICoS) |
| Keywords | authentication data, authorisation, brute force attacks, brute-force, cryptography, dictionary attack, encrypted file, file organisation, general-purpose computing on graphics processing unit, GPGPU-based brute-force attack, GPGPU-based cracking, hashed password data, human factors, mask-attack, message authentication, password hash, policy-based governance, pubcrawl, secure hash algorithm, SHA-1, SHA-1 password hash, word-list |
| Abstract | Password data in a system usually stored in hash. Various human-caused negligence and system vulnerability can make those data fall in the hand of those who isn't entitled to or even those who have malicious purpose. Attacks which could be done on the hashed password data using GPGPU-based machine are for example: brute-force, dictionary, mask-attack, and word-list. This research explains about effectivity of brute-force and dictionary attack which done on SHA-l hashed password using GPGPU-based machine. Result is showing that brute-force effectively crack more password which has lower set of character, with over 11% of 7 or less characters passwords vs mere 3 % in the dictionary attack counterpart. Whereas dictionary attack is more effective on cracking password which has unsecure character pattern with 5,053 passwords vs 491 on best brute-force attack scenario. Usage of combined attack method (brute-force + dictionary) gives more balanced approach in terms of cracking whether the password is long or secure patterned string. |
| DOI | 10.1109/ICICoS48119.2019.8982390 |
| Citation Key | laatansa_analysis_2019 |
Analysis of GPGPU-Based Brute-Force and Dictionary Attack on SHA-1 Password Hash