Distributed MD5 Brute Force Using Message Passing Interface (MPI) on ARM Architecture

Authors

  • Maulana Bagus Saputra Universitas Dian Nuswantoro
  • Chaerul Umam Universitas Dian Nuswantoro

DOI:

https://doi.org/10.26623/transformatika.v20i2.5630

Keywords:

Brute-force attack, MD5, Message Passing Interface, ARM

Abstract

Over the years, there has been a computing paradigm shift towards smart devices. However, the security aspect of this type of device is questionable. In this research, the writer provides a design, implementation, and testing of a distributed MD5 brute-force attack method. Testing is performed using two systems. The first system is an ARM Cluster consisting of four single-board computers. The second system is a conventional server with two Xeon processors. From this research, the writer wants to answer the question of whether distributed brute-force attacks using IoT nodes can be realized in the real world by doing a comparison between increases of ARM Cluster performance with node addition to conventional server performance. From the test result, Xeon model performance is equivalent to 8 ARM Clusters and around 30 ARM nodes are required to match Xeon model performance.

References

Sinung, S., & I Putu, A. E. (2015). Wireless Sensor Network. Bandung: Informatika

Vervier, P.-A. (2018). Before Toasters Rise Up: A View into the Emerging IoT Threat Landscape. Research in Attacks, Intrusions, and Defenses (pp. 556--576). Cham: Springer International Publishing.

Dave, M., Wei, G., & Charles, D. (2020, September 17). A New Botnet Attack Just Mozied Into Town. Retrieved from Security Intelligence - Cybersecurity Analysis & Insight: https://securityintelligence.com/posts/botnet-attack-mozi-mozied-into-town/

S. Salamatian, W. H. (2019). Why Botnets Work: Distributed Brute-Force Attacks Need No Synchronization. IEEE Transactions on Information Forensics and Security, 2288-2299.

Kaspersky Lab. (2018, April 26). Brute Force Attack: Definition and Examples. Retrieved from Kaspersky: https://www.kaspersky.com/resource-center/definitions/brute-force-attack

OWASP Foundation. (2021, May 8). Cryptanalysis | OWASP Foundation. Retrieved from OWASP Foundation: https://owasp.org/www-community/attacks/Cryptanalysis

Asmin Bhandari, M. B. (2017). Enhancement of MD5 Algorithm for Secured Web Development. Journal of Software.

S. Kr ¼ger, J. S. (2019). CrySL: An Extensible Approach to Validating the Correct Usage of Cryptographic APIs. IEEE Transactions on Software Engineering, 1-1.

V. Chiriaco, A. F. (2016). Finding partial hash collisions by brute force parallel programming. 2016 IEEE 37th Sarnoff Symposium.

Ali, Z. M., & Ahmad, A. (2016). IMPLEMENTATION OF PARALLEL ALGORITHM FOR LUC CRYPTOSYSTEMS BASED ON ADDITION CHAIN BY A MESSAGE PASSING INTERFACE. Journal of Theoretical & Applied Information Technology, 92, 1.

Asmin Bhandari, M. B. (2017). Enhancement of MD5 Algorithm for Secured Web Development. Journal of Software.

Auth0 Inc. (2021, November 27). How to Hash Passwords: One-Way Road to Enhanced Security. Retrieved from Auth0 - Blog: https://auth0.com/blog/hashing-passwords-one-way-road-to-security/

Bruce, S. (2015). Applied Cryptography: Protocols, Algorithms and Source Code in C, 20th Anniversary Edition. Wiley.

Dean, T. (2012). Network+ guide to networks. Cengage Learning.

Ghafouri, M. R. (2017). On a Novel Grid Computing-Based Distributed Brute-force Attack Scheme (GCDBF) By Exploiting Botnets. International Journal of Computer Network and Information Security, 21-29.

Downloads

Additional Files

Published

2023-01-20

Issue

Vol. 20 No. 2 (2023): January

Section

Artikel

License

Authors who publish with this journal agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.

Creative Commons License
Transformatika is licensed under a  Creative Commons Attribution 4.0 International License.