Security Response: Showing posts by Erik Kamerling

On October 25, 2007, Elcomsoft Co Ltd. in Moscow, Russia filed for a US patent on a reportedly new password recovery method that makes use of a video card's graphics processing unit (GPU). Elcomsoft credits the February 2007 release of the NVIDIA CUDA C-Compiler and developer's kit for providing the necessary low-level GPU access they needed to make this cryptographic advancement. The newest NVIDIA GPUs act as multiprocessors that utilize shared memory, cache, and multiple registers. The newest graphics cards utilize fixed point calculations, relatively massive amounts of memory, and multiple processing units. They differ significantly from a computer's central processing unit (CPU) in terms of their cryptanalytic processing capabilities and Elcomsoft claims to have leveraged newer GPU architectures to improve brute force password cracking by a factor of 25.

Statistics from Elcomsoft state that the new method can be used to exhaustively crack an eight...

Welcome back. In my previous blog I was telling you about Kohno et al discovering how we can manipulate a Windows machine into starting to timestamp in the middleof a non-Tsopt enabled flow. If we have control of a machine that aWindows client connects to or we act in a man-in-the-middle (MiTM)capacity on a flow involving Windows hosts, we can perform a simpletrick. The “attacker” must actively modify a TCP SYN/ACK packet halfwaythrough the regular TCP handshake with a Windows host (server toclient) to incorrectly contain Tsval in violation of thetimestamp standard. If RFC 1323 guidance was adhered to in thissituation, a Windows system facing such an unexpected Tsopt in SYN/ACKwould not begin to timestamp its packets. However, it was discoveredthat if we introduce such a Tsopt-enabled SYN/ACK we can trick...