OARC Spring 2013 Workshop (Dublin)

Name: OARC Spring 2013 Workshop (Dublin)
Start: 2013-05-12T09:30:00+01:00
End: 2013-05-13T13:00:00+01:00
Location: Burlington Hotel

12–13 May 2013

Burlington Hotel

Europe/Dublin timezone

Support

admin@dns-oarc.net

GPU-based NSEC3 Hash Breaking

13 May 2013, 09:50

25m

Burlington Hotel

Connaught Suite, Upper Leeson Street, Dublin 4, Ireland

OARC Public Workshop

Mr Matthäus Wander (University of Duisburg-Essen)

NSEC3 is a mechanism for authenticated denial of existence in DNSSEC-signed zones. To avoid zone enumeration, names are hashed with SHA-1 and only the resulting hash values are enumerable. In this talk, we present a GPU-based tool for NSEC3 hash breaking, written in OpenCL and Python. The tool can compute 1.8 billion NSEC3 iterations per second on a high-end gaming GPU (AMD Radeon HD 7970). We discuss hash breaking optimization attempts which are inspired by password cracking techniques. The results are meant to aid operators in deciding whether NSEC3 is a useful building block for their DNSSEC setup.

OARC Spring 2013 Workshop (Dublin)

Support

GPU-based NSEC3 Hash Breaking

Burlington Hotel

Speaker

Description

Primary author

Co-author

Presentation materials

Choose timezone

OARC Spring 2013 Workshop (Dublin)

Support

Speaker

Description

Primary author

Co-author

Presentation materials