| Name: | Description: | Size: | Format: | |
|---|---|---|---|---|
| 4.56 MB | Adobe PDF |
Authors
Advisor(s)
Abstract(s)
A crescente preocupação com a segurança cibernética impulsionou o desenvolvimento de ferramentas e técnicas para proteger dados confidenciais. O Hashcat, uma ferramenta de auditoria de senhas amplamente utilizada, é capaz de explorar o poder de processamento paralelo das GPUs para acelerar a quebra de hashes criptográficos. No entanto, a utilização eficiente do Hashcat em larga escala apresenta desafios, como a necessidade de gerenciar múltiplas GPUs e otimizar recursos computacionais. Este trabalho apresenta o Hashcat como Serviço (HaaS), uma plataforma que visa simplificar e otimizar o processo de recuperação de senhas, tornando-o mais acessível e eficiente. O HaaS combina o Hashcat com tecnologias de containerização (Docker) e o middleware remote OpenCL (rOpenCL), permitindo a criação e gestão de instâncias do Hashcat em containers, capazes de tirar partido tanto de GPUs locais como remotas, e incluindo facilidades de migração das instâncias, de forma a maximizar o uso das GPUs. A metodologia de desenvolvimento incluiu a experimentação com o Hashcat em diferentes ambientes, o projeto e desenvolvimento do HaaS e a avaliação do sistema desenvolvido. A avaliação do HaaS em diferentes configurações demonstrou resultados promissores, confirmando sua capacidade de lidar com cargas de trabalho intensivas e sua flexibilidade para se adaptar a diferentes cenários e disponibilidades de recursos.
Dessarte, o HaaS representa uma contribuição importante na área de recuperação de senhas, oferecendo uma plataforma escalável, eficiente e de fácil utilização.
The growing concern with cybersecurity has driven the development of tools and techni- ques to protect sensitive data. Hashcat, a widely used password auditing tool, is able to exploit the parallel processing power of GPUs to speed up the breaking of cryptographic hashes. However, the efficient use of Hashcat at large scale presents challenges, such as the need to manage multiple GPUs and optimize computational resources. This work presents Hashcat as a Service (HaaS), a platform that aims to simplify and optimize the password recovery process, making it more accessible and efficient. HaaS combines Hashcat with container technologies (Docker) and remote OpenCL middleware (rOpenCL), allowing to create and manage Hashcat instances in containers, leveraging the processing power of local and remote GPUs, and supporting migration of instances in order to maximize GPU utilization. The development methodology included experimentation with Hashcat in different environments, the design and development of HaaS and the evaluation of the developed system. The evaluation of HaaS in different configurations demonstrated promising results, confirming its ability to handle intensive workloads and its flexibility to adapt to different scenarios and resources availability. As such, HaaS represents an valuable contribution in the password recovery field, offering a scalable, efficient and user-friendly platform.
The growing concern with cybersecurity has driven the development of tools and techni- ques to protect sensitive data. Hashcat, a widely used password auditing tool, is able to exploit the parallel processing power of GPUs to speed up the breaking of cryptographic hashes. However, the efficient use of Hashcat at large scale presents challenges, such as the need to manage multiple GPUs and optimize computational resources. This work presents Hashcat as a Service (HaaS), a platform that aims to simplify and optimize the password recovery process, making it more accessible and efficient. HaaS combines Hashcat with container technologies (Docker) and remote OpenCL middleware (rOpenCL), allowing to create and manage Hashcat instances in containers, leveraging the processing power of local and remote GPUs, and supporting migration of instances in order to maximize GPU utilization. The development methodology included experimentation with Hashcat in different environments, the design and development of HaaS and the evaluation of the developed system. The evaluation of HaaS in different configurations demonstrated promising results, confirming its ability to handle intensive workloads and its flexibility to adapt to different scenarios and resources availability. As such, HaaS represents an valuable contribution in the password recovery field, offering a scalable, efficient and user-friendly platform.
Description
Mestrado de dupla diplomação com a UTFPR - Universidade Tecnológica Federal do Paraná
Keywords
Desenvolvimento web Criptografia aplicada Computação paralela e distribuída Virtualização e containerização Sistemas heterogêneos