High-Speed Passphrase Search System for PGP

Koichi SHIMIZU  Daisuke SUZUKI  Toyohiro TSURUMARU  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E93-A   No.1   pp.202-209
Publication Date: 2010/01/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E93.A.202
Print ISSN: 0916-8508
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
Category: Application
passphrase,  search,  FPGA,  PGP,  security,  

Full Text: PDF>>
Buy this Article

We propose an FPGA-based high-speed search system for cryptosystems that employ a passphrase-based security scheme. We first choose PGP as an example of such cryptosystems, clear several hurdles for high throughputs and manage to develop a high-speed search system for it. As a result we achieve a throughput of 1.1 105 passphrases per second, which is 38 times the speed of the fastest software. Furthermore we can do many flexible passphrase generations in addition to a simple brute force one because we assign the passphrase generation operation to software. In fact we implement a brute force and a dictionary-based ones, and get the same maximum throughput as above in both cases. We next consider the speed of passphrase generation in order to apply our system to other cryptosystems than PGP, and implement a hardware passphrase generator to achieve higher throughputs. In the PGP case, the very heavy iteration of hashing, 1025 times in our case, lowers the total throughput linearly, and makes the figure 1.1 105 suffice. In other cases without any such iteration structure, we have to generate even more passphrases, for example 108 per second. That can easily exceed the generation speed that software can offer and thus we conclude that it is now necessary to place the passphrase generation in hardware instead of in software.