Hash-Based Authentication Revisited in the Age of High-Performance Computers

Niclas Hedam, Jakob Mollerup, Pinar Tozun
IT University of Copenhagen
International Workshop on Accelerating Analytics and Data Management Systems, 2020


   title={Hash-Based Authentication Revisited in the Age of High-Performance Computers},

   author={Hedam, Niclas and Mollerup, Jakob and T{"o}z{"u}n, P{i}nar},



Download Download (PDF)   View View   Source Source   



Hash-based authentication is a widespread technique for protecting passwords in many modern software systems including databases. A hashing function is a one-way mathematical function that is used in various security contexts in this domain. In this paper, we revisit three popular hashing algorithms (MD5, SHA-1, and NTLM), that are considered weak or insecure. More specifically, we explore the performance of the hashing algorithms on different hardware platforms, from expensive high-end GPUs found in data centers and high-performance computing centers to relatively cheaper consumer-grade ones found in the homes of end-users. In parallel, we observe the behavior of different hardware platforms. Our results re-emphasize that despite their theoretical strength, the practical utilization of widely used hashing algorithms are highly insecure in many real-world scenarios; i.e., cracking a password of length 6 takes less than 6 seconds using a consumer-grade GPU.
No votes yet.
Please wait...

* * *

* * *

* * *

HGPU group © 2010-2022 hgpu.org

All rights belong to the respective authors

Contact us: