Current Events: GPU Accelerated WIFI Cracking
source articles:
http://www.tgdaily.com/content/view/41032/144/
http://blogs.zdnet.com/security/?p=2419
GPU (graphical processing units) are usually intended to be dedicated hardware to aid in rendering 2D and 3D images. However, as their computing and parallel processing abilities have grown to astounding levels, many have begun to think of ways to leverage this into other areas. Recently, ElcomSoft has released a wireless security auditing software which leverages the GPU to increase the number of passwords which can be brute forced per second — the Nvidia Tesla S1070, according to the tgdaily article, can test up to 52,400 passwords per second. To put that into perspective a Core 2 Quad Q6600 can try 1100 per second. Though is is a legitimate software released by a security auditing firm, it isn’t unreasonable to expect that this kind of password cracking capability will be attempted by skilled attackers. All of this is part of a larger trend of graphical technologies beginning to emerge as a security concern: graphics drivers often have kernel level operating system access, and plans for software that can use DirectX rendering remotely could be a major headache for preventing malicious graphical content from compromising the system (rumors are that flash 10 could have this capability. If so, this would add to flash’s history of security concerns). It isn’t really feasible to prevent more integrated graphics, so as always, careful engineering and threat modeling will be called for.