High-speed implementation of bcrypt password search using special-purpose hardware

Author

Wiemer, Friedrich ; Zimmermann, Ralf

Author_Institution

Horst Gortz Inst. for IT-Security (HGI), Ruhr-Univ. Bochum, Bochum, Germany

fYear

2014

fDate

8-10 Dec. 2014

Firstpage

1

Lastpage

6

Abstract

Using passwords for user authentication is still the most common method for many internet services and attacks on the password databases pose a severe threat. To reduce this risk, servers store password hashes, which were generated using special password-hashing functions, to slow down guessing attacks. The most frequently used functions of this type are PBKDF2, bcrypt and scrypt. In this paper, we present a novel, flexible, high-speed implementation of a bcrypt password search system on a low-power Xilinx Zynq 7020 FPGA. The design consists of 40 parallel bcrypt cores running at 100 MHz. Our implementation outperforms all currently available implementations and improves password attacks on the same platform by at least 42%, computing 6,511 passwords per second for a cost parameter of 5.

Keywords

cryptography; field programmable gate arrays; message authentication; bcrypt password search system; field-programmable gate arrays; frequency 100 MHz; high-speed password search system implementation; low-power Xilinx Zynq 7020 FPGA; parallel bcrypt cores; password attacks; special-purpose hardware; Clocks; Cryptography; Fabrics; Field programmable gate arrays; Hardware; Power demand; Registers;

fLanguage

English

Publisher

ieee

Conference_Titel

ReConFigurable Computing and FPGAs (ReConFig), 2014 International Conference on

Conference_Location

Cancun

Print_ISBN

978-1-4799-5943-3

Type

conf

DOI

10.1109/ReConFig.2014.7032529

Filename

7032529