ITU

Hash-Based Authentication Revisited in the Age of High-Performance Computers

Research output: Conference Article in Proceeding or Book/Report chapterArticle in proceedingsResearchpeer-review

Standard

Hash-Based Authentication Revisited in the Age of High-Performance Computers. / Hedam, Niclas; Mollerup, Jakob; Tözün, Pinar.

International Workshop on Accelerating Analytics and Data Management Systems: ADMS’20. Tokyo, Japan, 2020.

Research output: Conference Article in Proceeding or Book/Report chapterArticle in proceedingsResearchpeer-review

Harvard

Hedam, N, Mollerup, J & Tözün, P 2020, Hash-Based Authentication Revisited in the Age of High-Performance Computers. in International Workshop on Accelerating Analytics and Data Management Systems: ADMS’20. Tokyo, Japan. <http://www.adms-conf.org/2020-camera-ready/ADMS20_02.pdf>

APA

Hedam, N., Mollerup, J., & Tözün, P. (2020). Hash-Based Authentication Revisited in the Age of High-Performance Computers. In International Workshop on Accelerating Analytics and Data Management Systems: ADMS’20 http://www.adms-conf.org/2020-camera-ready/ADMS20_02.pdf

Vancouver

Hedam N, Mollerup J, Tözün P. Hash-Based Authentication Revisited in the Age of High-Performance Computers. In International Workshop on Accelerating Analytics and Data Management Systems: ADMS’20. Tokyo, Japan. 2020

Author

Hedam, Niclas ; Mollerup, Jakob ; Tözün, Pinar. / Hash-Based Authentication Revisited in the Age of High-Performance Computers. International Workshop on Accelerating Analytics and Data Management Systems: ADMS’20. Tokyo, Japan, 2020.

Bibtex

@inproceedings{8d8fe452949e4ecf8b0de672fc939f86,
title = "Hash-Based Authentication Revisited in the Age of High-Performance Computers",
abstract = "Hash-based authentication is a widespread technique for protecting passwords in many modern software systems including databases. A hashing function is a one-way mathematical function that is used in various security contexts in this domain. In this paper, we revisit three popular hashing algorithms (MD5, SHA-1, and NTLM), that are considered weak or insecure. More specifically, we explore the performance of the hashing algorithms on different hardware platforms, from expensive high-end GPUs found in data centers and high-performance computing centers to relatively cheaper consumer-grade ones found in the homes of end-users. In parallel, we observe the behavior of different hardware platforms. Our results re-emphasize that despite their theoretical strength, the practical utilization of widely used hashing algorithms are highly insecure in many real-world scenarios; i.e., cracking a password of length 6 takes less than 6 seconds using a consumer-grade GPU.",
author = "Niclas Hedam and Jakob Mollerup and Pinar T{\"o}z{\"u}n",
year = "2020",
month = aug,
day = "31",
language = "English",
booktitle = "International Workshop on Accelerating Analytics and Data Management Systems",

}

RIS

TY - GEN

T1 - Hash-Based Authentication Revisited in the Age of High-Performance Computers

AU - Hedam, Niclas

AU - Mollerup, Jakob

AU - Tözün, Pinar

PY - 2020/8/31

Y1 - 2020/8/31

N2 - Hash-based authentication is a widespread technique for protecting passwords in many modern software systems including databases. A hashing function is a one-way mathematical function that is used in various security contexts in this domain. In this paper, we revisit three popular hashing algorithms (MD5, SHA-1, and NTLM), that are considered weak or insecure. More specifically, we explore the performance of the hashing algorithms on different hardware platforms, from expensive high-end GPUs found in data centers and high-performance computing centers to relatively cheaper consumer-grade ones found in the homes of end-users. In parallel, we observe the behavior of different hardware platforms. Our results re-emphasize that despite their theoretical strength, the practical utilization of widely used hashing algorithms are highly insecure in many real-world scenarios; i.e., cracking a password of length 6 takes less than 6 seconds using a consumer-grade GPU.

AB - Hash-based authentication is a widespread technique for protecting passwords in many modern software systems including databases. A hashing function is a one-way mathematical function that is used in various security contexts in this domain. In this paper, we revisit three popular hashing algorithms (MD5, SHA-1, and NTLM), that are considered weak or insecure. More specifically, we explore the performance of the hashing algorithms on different hardware platforms, from expensive high-end GPUs found in data centers and high-performance computing centers to relatively cheaper consumer-grade ones found in the homes of end-users. In parallel, we observe the behavior of different hardware platforms. Our results re-emphasize that despite their theoretical strength, the practical utilization of widely used hashing algorithms are highly insecure in many real-world scenarios; i.e., cracking a password of length 6 takes less than 6 seconds using a consumer-grade GPU.

M3 - Article in proceedings

BT - International Workshop on Accelerating Analytics and Data Management Systems

CY - Tokyo, Japan

ER -

ID: 85281550