(click image for larger view)
Slideshow: How Firesheep Can Hijack Web Sessions
German security researcher Thomas Roth may have discovered the ultimate in DIY dictionary attacks: using on-demand computing power courtesy of the Amazon Elastic Compute Cloud (EC2) to crack the SHA1 secure hashing algorithm for just $2.10.
On Monday, Roth detailed his experiment in a blog post, spurred by Amazon's introduction of cluster GPU instances. "GPUs are known to be the best hardware accelerator for cracking passwords, so I decided to give it a try: How fast can this instance type be used to crack SHA1 hashes?" he said.
His answer, using a list of 14 hashes: "I was able to crack all hashes from this file with a password length from 1-6 in only 49 minutes." According to Roth, "this just shows one more time that SHA1 for password hashing is deprecated -- you really don't want to use it anymore."
SHA1, developed by the National Security Agency, is today's most widely used hashing algorithm. Is it now at risk of attack via Amazon EC2-renting hackers?
Thankfully, no. Paul Ducklin, the head of technology for Sophos in the Asia-Pacific region, said that real-world password schemes hash hashes of hashes, adding layers of complexity to make recovering the password as "computationally infeasible" as possible. The older Linux password system, for example, hashes the hashes of passwords 1,000 times, while the newer one uses 5,000 iterations, he said.
Accordingly, to attack a Linux password -- based on the old Linux password system -- "Ross would need 1,000 times longer -- and $2,000 to blow on Amazon -- because each password would require 1,000 times as many calculations to hash," he said.
Furthermore, Ross' experiment wasn't very computationally intensive by today's standards. Ducklin said that in the time it took Ross to recover 10 passwords from 14 hashes, he used his MacBook Pro to recover eight of them. "Big deal," he said.
In other words, SHA1 seems relatively safe for now. That said, it's slated for replacement due to concerns that it has an inherent cryptographic weakness. Accordingly, the National Institute of Standards and Technology (NIST) is currently holding a competition to design the more secure SHA3. NIST hopes to release the new standard by 2012.