Cloud and Control: Factoring and Cracking
Other people have presented on operating 'in the cloud': running jobs on a few nodes in EC2. This talk is about how to control 2000 instances as easily as 2 using BOINC, the open source software behind SETI@Home, ClimatePrediction.net, and other volunteer distributed computing projects. Setup and administration of BOINC is shown with the context of examples: factoring RSA keys and cracking passwords. A new approach to hands-off password cracking was developed and benchmarked against Korelogic’s Defcon 2010 Crack Me If You Can contest, using three different password crackers across seven hash formats. Private keys for 512 bit SSL Certificates are recovered in under two days using open source software; and analysis is shown on the necessity of 'good' polynomial selection and oversieving.
Sobre Tom Ritter
Tom Ritter is a Security Engineer at Gotham Digital Science, a frequenter of @nysecsec, and has far more ideas than time. He is interested in nearly all aspects of cryptography, privacy, anonymity, and pseudonymity; the interesting areas of security; and traveling. He is located corporeally in New York City, virtually at http://ritter.vg, and meta-physically has been lost for quite some time.