Security of Password Hashing in Cloud

作     者：Parves Kamal 

作者机构：Department of Information Systems Assurance St. Cloud State University St. Cloud MN USA 

出 版 物：《Journal of Information Security》 (信息安全（英文）)

年 卷 期：2019年第10卷第2期

页      面：45-68页

学科分类：08[工学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

主　　题：Index Terms-Hash Collision GPGPU CUDA OpenCL 

摘      要：Though the History of using password in computing can be traced back to as far as mid of last century little focus has been implied on how to securely store and retrieve password to authenticate and authorize services to the end users. In this paper the current security of various password hashing schemes that are in use today will be investigated through practical proof of concept-GPU based, password hash dump cracking using the power of cloud computing. We will be providing comparison on different password hashing cracking time using the cloud GPU power in AWS. The focus of this paper is to show the possible use of cloud computing in cracking hash dumps and the way to countermeasures them by using secure hashing algorithm and using complex passwords.