Parallel Implementation of Scrypt: A Study on GPU Acceleration for Password-Based Key Derivation Function

  • SeongJun Choi (Department of Information Security, Cryptology, and Mathematics, Kookmin University)
  • DongCheon Kim (Department of Financial Information Security, Kookmin University)
  • Seog Chung Seo (Department of Financial Information Security, Kookmin University)
  • Received : 2023.08.10
  • Accepted : 2024.01.16
  • Published : 2024.06.30

Abstract

Scrypt is a password-based key derivation function with a memory-hard structure, proposed by Colin Percival in 2009. It was intentionally designed to be memory-intensive so that password cracking with ASICs, GPUs, and similar hardware is more difficult. In this study, however, we thoroughly analyzed the operation of Scrypt and proposed strategies to maximize computational parallelism in GPU environments. Through these optimizations, we achieved a performance improvement of 8284.4% compared with traditional CPU-based Scrypt computations. Moreover, the GPU-optimized implementation presented in this paper outperforms simple GPU-based Scrypt processing by a significant margin, providing a performance improvement of 204.84% on the RTX3090. These results demonstrate the effectiveness of our proposed approach in harnessing the computational power of GPUs for Scrypt calculations. Our proposed implementation is the first GPU implementation of Scrypt, demonstrating the ability to efficiently crack Scrypt.

Acknowledgement

This work was supported by the National Research Foundation of Republic of Korea (NRF) grant funded by MSIT (No. 2022R1C1C1013368, 100%).
