Forgot your password?
Encryption Government PlayStation (Games) United States IT Linux

US Government Using PS3s To Break Encryption 570

Posted by timothy
from the purchase-order-shenanigans dept.
Entropy98 writes "It seems that the US Immigration and Customs Enforcement Cyber Crimes Center, known as C3, has replaced its '$8,000 Tableau/Dell server combination' with more efficient and much cheaper $300 PS3s. Each PS3 is capable of 4 million passwords per second, and C3 currently has 20 PS3s with plans to buy 40 more. Naturally this is only being used to break encryption on computers seized with a warrant and suspected of harboring child pornography."
This discussion has been archived. No new comments can be posted.

US Government Using PS3s To Break Encryption

Comments Filter:
  • Re:What (Score:3, Informative)

    by plover (150551) * on Wednesday November 18, 2009 @06:24PM (#30149622) Homepage Journal

    It's a news article featuring small sound bites and quotes. It's not an in-depth technological review. Nobody quoted the environment in which they benchmarking their tests: AES-128, 3DES, DES, or whatever.

    And yes you certainly could test 4 million passwords a second on these machines, but again it really depends entirely on what algorithm you're attacking.

  • Re:What (Score:5, Informative)

    by Swift Kick (240510) on Wednesday November 18, 2009 @06:25PM (#30149636)

    You're right. The submitter didn't read the article (or lacked the reading comprehension to understand it).

    The article says that "the networked Playstation 3s can process 4 million passwords per second, cutting down on the time necessary to find the correct combination.". Nowhere does it say that a single PS3 can do that.

  • by Rattenhirn (1416947) on Wednesday November 18, 2009 @06:28PM (#30149680)
    On the old (pre slim) PS3, you can install Linux legally and without any hard or soft mods. This was also possible with the old (pre slim, see the pattern?) PS2, if you bought a hard disk.
  • Re:What (Score:5, Informative)

    by blueg3 (192743) on Wednesday November 18, 2009 @06:29PM (#30149686)

    You usually don't care what the variable encryption scheme is when you're cracking -- typically, there is a method of simply verifying that the password is accurate, which is what they're doing. (Brute-forcing keys is fairly foolish with modern encryption systems, but brute-forcing passwords isn't.)

  • by davidwr (791652) on Wednesday November 18, 2009 @06:30PM (#30149718) Homepage Journal

    "He explained that the number of possible combinations in a six-digit password is 256 to the sixth power."

    Um, only if the person uses characters that can't be typed on a normal keyboard.

    In practice, the password "alphabet" is either 26, 52, 62, 84, or some other number not much above 84 characters. 84^6 is much less than 256^6.

    However, in practice, people who fear the cops will use a lot more than 6 digits.

    If the passwords are decent passphrases of, say, 6 words, taken out of a dictionary of even 2,000 common words, that's 2,000^6, or "still not that big of a number" as it's known in the security field. And that's if the person makes it easy by not using any spaces, using all lowercase, etc.

    The real smart crooks encrypt their stuff in a way that nothing short of banging them over the head with a $5 pipe wrench will ever reveal.

  • Re:What (Score:2, Informative)

    by commodore64_love (1445365) on Wednesday November 18, 2009 @06:31PM (#30149736) Journal

    +1 funny? Or +1 informative.

    In the UK they lock you in jail for year-after-year until you give them the encryption key. So much for the right to be presumed innocent until PROVED guilty.

  • Re:What (Score:1, Informative)

    by Anonymous Coward on Wednesday November 18, 2009 @06:35PM (#30149804)

    Just curious: does one encrypt files with a password? Any free software available for that task?

    BitLocker for Windows Vista/7 does the trick.

  • by Wonko the Sane (25252) * on Wednesday November 18, 2009 @06:49PM (#30150030) Journal

    Um, only if the person uses characters that can't be typed on a normal keyboard.

    If the smart crooks are using any version of Windows then they can access all extended characters from their normal keyboard by holding down the ALT key and typing the character code on the numeric keypad.

    I used character 255 back in the Windows 3.1 days to make directories that no one else could figure out how to get in to. (DOS had no problem but windows couldn't handle a file with that character in the name)

  • by Hatta (162192) on Wednesday November 18, 2009 @06:49PM (#30150032) Journal

    Who said there was a problem?

  • by klingens (147173) on Wednesday November 18, 2009 @06:54PM (#30150108)

    Sorry to inform you that your memory isn't serving you. The SPEs work in Linux just fine, it's the videocard that doesn't. In short, Sony doesn't want you to play games under Linux so no one can develop games that run on Linux (cirvumventing Sony's stranglehold on the hardware) for the PS3. Linux games wouldn't need to pay Sony for each game sold as the normal titles do.

  • Re:What (Score:2, Informative)

    by Apatharch (796324) on Wednesday November 18, 2009 @06:54PM (#30150124)

    If by "year-after-year" you mean two years* [] then yes, you are correct. However, I get the feeling that's not what you intended to imply.

    * Or 5 years in terrorism-related cases

  • by cfalcon (779563) on Wednesday November 18, 2009 @07:46PM (#30150742)
    If the government wants into your data, they have a copy of the data (presumably because they lawfully confiscated it with a warrant). The last thing they are doing is asking *your OS to unlock itself*. If they are fortunate enough to grab your machine while it is ON and, say, the screen is locked, then they can just read the RAM directly after using the hotplug thing that lets them transport your still-running computer to the lab, from your wall. No need to decrypt anything if the key is in memory.

    If instead your machine is deactivated and everything is off, they would run a program versus the actual data on the drive (or rather, on a COPY of the drive that they make). At no point would they run your OS, and obviously if you just have a bunch of data to try to crack, there's nothing to "lock"- the only code running is the cracking code, guessing solutions. However, I wouldn't think that brute force would actually crack any secure passwords ever.
  • by Anonymous Coward on Wednesday November 18, 2009 @07:53PM (#30150832)

    Because you failed to read /. religously:

  • by Khopesh (112447) on Wednesday November 18, 2009 @08:17PM (#30151084) Homepage Journal

    I've done a lot of password-cracking math, even toyed with the idea of writing an academic paper on it. Generally, I work on the (generous) assumption that a well-groomed single node can chunk through 100k passwords per second and that things scale perfectly, so 20 nodes would work through 2M passwords per second. They're claiming their 20-node cluster can handle twice that, and I fully believe it. Powerful GPUs are known to perform extremely well on password cracking, and PS3s certainly have them. That's twice the performance for half to a fifth the cost. Nice, but not "OMG."

    They plan to scale up to 60 nodes, which is 12M pass/s. To break a 8-character monospace password (37 bits of complexity, which is pretty weak), it would take just under five hours ( 26^8/(12*10^6) /60/60 ). However, to break an 8-character alphanumeric password (case and numbers), that becomes seven months ( (26+26+10)^8/(12*10^6) /60/60/24/365*12 ).

    This is only scary when you have a super-intelligent dictionary attack. Scrape the hard drive and any subpoenaed documents for words and add that to a dictionary of common password parts, then perform your dictionary attack -- dreadfully powerful. To avoid falling victim to this, a good rule of thumb is that words are awesome to use, and they're more secure, but they're only about as secure as two random characters (three with a rich vocabulary including 3 or more of: arcane words, uncommon foreign words, uncommon misspelled words, uncommon proper nouns, l33t-speak ...). So that 13-char "secure password" you use that looks like metropolitan8 effectively only has three or four characters to a dictionary attacker, and that clever 14-char password of spageti4dinner has only five or six, depending on how good the attacker's dictionary is at misspelled words. A tip: put punctuation inside your words to break them up (without forming words), e.g. metr[opo;%litan8, and you've pretty much defeated the dictionary attack.

  • Re:What (Score:5, Informative)

    by Ash Vince (602485) on Wednesday November 18, 2009 @08:44PM (#30151362) Journal

    Why do you quote US sentences with other countries? "Innocent until proved guilty" comes from US, and while usually true elsewhere too, you seem to just flame with this shit again.

    Sorry to disapoint you but your legal system is only based on ours (I am a UK citizen). The presumation on innocence and the adversarial system you inherited just stems from english common law. Here is a link regarding presumption of innocence: []

    Here is a link on english common law: []

    For the most part it is a reasonable system so your founding fathers chose not to change too much of it when they threw off the yoke of english rule.

  • A tip: (Score:3, Informative)

    by falconwolf (725481) <falconsoaring_20 ... minus herbivore> on Wednesday November 18, 2009 @09:33PM (#30151812)

    put punctuation inside your words to break them up (without forming words), e.g. metr[opo;%litan8, and you've pretty much defeated the dictionary attack.

    I tried that once and was told I could not use a punctuation mark. I mix alphanumeric characters though.

  • by bertok (226922) on Wednesday November 18, 2009 @11:24PM (#30152620)

    However, to break an 8-character alphanumeric password (case and numbers), that becomes seven months

    Ah... theory!

    In practice, even very long passwords are trivially cracked in little time, using simple methods.

    Unfortunately, I lost the source, but while studying cryptography myself, I stumbled upon a quote from some guy involved in government decryption in the US, and (paraphrasing), he said that their technique was basically to pick up the hard disk from the machine with the protected content, and then simply try every consecutive range of bytes as a password.

    Unless the disk was encrypted with 'whole disk encryption', it works something like 90% of the time, simply because of stupid software saving plain-text passwords, users reusing passwords for various purposes, things like hibernation and page files, etc... I suspect that on disks from corporate networks, it would work even better, because if any one disk reveals the network admin password, you can unlock everything else from there.

    So if you have a 100 GB disk, and you try all byte ranges from 4 to 20 bytes long (to account for various password lengths), and you try every byte range as both an ASCII and UTF-16 string, that's merely 17x2x100*10^9 = 3400 billion passwords to try, or 3.2 days at your quoted "12 million passwords per second".

    In practice, most disks would crack much faster than that, if you aim the algorithm at the most likely sources first, such as the page and hibernation files, the user registry, and the web browser cache and configuration folders.

    The lesson I took away from that is that against an attacker with physical access, it really doesn't make the slightest difference how strong your password is, unless the entire disk is encrypted.

  • by falconwolf (725481) <falconsoaring_20 ... minus herbivore> on Thursday November 19, 2009 @01:09AM (#30153176)

    TrueCrypt [] is open source and is available for download from Source Forge [], which hosts open source projects. And here's the downloadable source code [].


  • by bertok (226922) on Thursday November 19, 2009 @04:01AM (#30153852)

    That would only works if the password is kept on a temporary file. Otherwise there is no reason whatsoever the password would be anywhere on disk. And that does not work at all if you use a bootable CD.

    But that's not how it happens in the real world. Most people don't run their computers from read-only media with the swap turned off!

    First of all, there's lots of bad developers out there. Passwords get saved all over the place, in the registry, configuration files, etc... I've seen web sites that were "https", but then put the plain text password into the URL, which is saved in the unencrypted browser history!

    Second, even if you store passwords in memory only, the pagefile might still contain it, if a page containing the password was swapped out. It's even more likely with hibernation files, which swap out everything, including kernel space marked as non-pageable.

    In theory, there's features like "protected memory" that developers can use to store passwords securely in memory, but this takes a lot of work. In Win32 there's a set of APIs for it, but many developers don't use it, or haven't even heard of it. It's such a low level "buffer manipulation" style API that lots of high-level languages can't or don't use it. It's only recently that C# got support for it, for example, and I don't think Java has anything comparable. Most garbage-collecting languages are vulnerable, because memory can be relocated (copied) at any time, which may prevent buffers from being properly cleared.

    One of the worst culprits are those "I forgot my password" web pages that email you your plain text password to your mailbox, so that your email client can then cheerfully write it all over the place. Even if you encrypt your PC's disk, but use corporate email, your password is now in plain text, on the server's disk.

    In practice, real security is hard. Very, very hard. As a consultant, I've been to over 100 clients, including major banks and very security sensitive government institutions, and I've only ever seen 2 secure networks: One financial services company, and the internal LAN on the new generation Boeing planes.

  • Re:What (Score:4, Informative)

    by Spad (470073) <slashdot AT spad DOT co DOT uk> on Thursday November 19, 2009 @04:34AM (#30153956) Homepage

    The best part of RIPA is that if you genuinely do no know the encryption key then the onus is on you to prove it, otherwise the assumption is that you do know and are simply witholding the information; off to jail for 5 years...

  • Re:What (Score:3, Informative)

    by Hognoxious (631665) on Thursday November 19, 2009 @08:54AM (#30154910) Homepage Journal
    Actually it's English. Magna Carta and all that.
  • by TrisexualPuppy (976893) on Thursday November 19, 2009 @09:55AM (#30155454)
    So here are some stats calculated at worst-case for 60 PS3s doing brute force cracking:

    8-character passwords w/ letters and numbers only: 3.3 hours.
    Upper and lower case: 10.5days. With 9 characters, it's 7.15 years
    An 84-character set brings us up to 119.5 days.
    Note: I just used x^8 which isn't totally accurate, the numbers in reality are a bit larger but it doesn't matter much.

    This makes me wonder in case this is true. We are running up to a physical limitation in the human brain. People already have trouble memorizing the dozens of 8character passwords. 9 characters will hold moores law off for a few more years (not the precise meaning of moores law but you know what i mean). The problem is also that people are getting more accounts for things. Most people even today use the same passwords for a variety of things. I'd say almost all people.

    So I ask the /. crowd are there any good alternatives to passwords that are feasible? Something secure. Something that can be implemented on websites. What do you think we should be working towards? Is there already something in place that you can give an example of?
  • by skarphace (812333) on Thursday November 19, 2009 @01:35PM (#30159406) Homepage

    So I ask the /. crowd are there any good alternatives to passwords that are feasible? Something secure. Something that can be implemented on websites. What do you think we should be working towards? Is there already something in place that you can give an example of?

    The best possible password is a phrase. Something simple like 'whereartthouromeo' is long, difficult to crack, and yet, still easy to remember. Now add some numbers, case change, and sepcial characters... 'WHEr3@r7thourom#)' is virtually impossible to crack. The password is not inherently flawed. It's still valid, useful, and machines are still too underpowered to crack that stuff.

Faith may be defined briefly as an illogical belief in the occurence of the improbable. - H. L. Mencken