Plasma TV components applied to password cracking
Bluetooth crypto blown in eight seconds
Forget networked PCs or even PlayStation 3s, components commonly found in plasma TVs are the latest thing in password cracking tools.
High performance FPGA (Field Programmable Gate Array) chips are the Chuck Norris of number crunching, equally suited to image processing and (with a bit of modification) password cracking.
During the Black Hat conference in Washington in February researcher Steve Mueller and David Hulton used FPGA kit in an attack that cracks standard GSM transmissions, encrypted using the A5/1 algorithm, in as little as 30 seconds.
The same technology can be applied to crack Bluetooth transmissions in as little as eight seconds, according to security consultancy SecureTest, which ran a demo of the technology at the recent Infosec conference.
Plasma TV FPGA board 'ups the ante' in password cracking
Tom Beale, a consultant at SecureTest, explained that networks of FPGA boards can be linked together for password cracking. The really serious can splash out $120K for high-end FPGA kit from the likes of Pico Computing.
For SecureTest's purposes, FPGA boards from old LG plasma TVs did the job.
The beauty of FPGAs, according to Beale, is that they are customisable. The technology is typically used in applications such as product development for networking kit but, with skill, it can be applied to other purposes.
Beale explained that FPGAs are software programmable. It is possible to change logic block components implemented by the device even when it's running, a skill that requires knowledge of hardware programming language HDL.
Ken Munro, managing director of SecureTest, said the technology ups the ante in the battle between code makers and breakers. "Encryption is not the magic bullet. There are subtle issues," Munro explained.
FPGAs are usually slower than application-specific integrated circuit (ASIC) counterparts and draw more power so, powerful though they are, they certainly aren't the last word in password cracking. ®
Sponsored: Protecting mobile certificates