CN108416208A - A kind of method of decryption, host equipment and storage device - Google Patents

A kind of method of decryption, host equipment and storage device Download PDF

Info

Publication number
CN108416208A
CN108416208A CN201810110777.1A CN201810110777A CN108416208A CN 108416208 A CN108416208 A CN 108416208A CN 201810110777 A CN201810110777 A CN 201810110777A CN 108416208 A CN108416208 A CN 108416208A
Authority
CN
China
Prior art keywords
storage device
host equipment
default
input parameter
code data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810110777.1A
Other languages
Chinese (zh)
Inventor
肖宛昂
尚宁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Dapu Microelectronics Co Ltd
Original Assignee
Shenzhen Dapu Microelectronics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Dapu Microelectronics Co Ltd filed Critical Shenzhen Dapu Microelectronics Co Ltd
Priority to CN201810110777.1A priority Critical patent/CN108416208A/en
Publication of CN108416208A publication Critical patent/CN108416208A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Abstract

The invention discloses a kind of method of decryption, host equipment and storage devices, and speed is cracked to achieve the purpose that improve.Present invention method includes:The cryptographic Hash that host equipment treats decryption by presetting attenuation function is calculated, and the first code data to be selected is obtained;The host equipment is sent to the storage device using the described first code data to be selected as input parameter;The host equipment receives the output parameter of storage device feedback, and the cryptographic Hash is carried out according to the output parameter to crack operation, wherein, the output parameter is the corresponding first-in-chain(FIC) nodal value of joint of the chain tail value of successful match after the storage device is matched the input parameter with the joint of the chain tail value of default rainbow table by built-in storage control.

Description

A kind of method of decryption, host equipment and storage device
Technical field
The present invention relates to a kind of field of information security technology more particularly to method of decryption, host equipment and storages Equipment.
Background technology
With the fast development of internet, the problem of carrying out computer crime using computer and its network is more and more tighter Weight.During the detection of this kind of case, in order to obtain investigation clue or extract the electronic evidence for proving crime fact, It generally requires to check relevant document in the computer of suspect.In the case where by confession password can not be obtained, step on It records case-involving computer or opens case-involving file, be very difficult.In this case, code-breaking techniques may be just at only One selection.
Currently, for simple password and cryptographic system, the mode of Brute Force may be used in password cracking.And for compared with Complicated password and cryptographic system, such as the password more than 8, the calculation amount of Brute Force is very big.Generally use is color Rainbow table is cracked.Rainbow table is a huge Hash precalculated for various possible numbers, monogram (hash) set of value, rainbow table technology are exactly to establish a corresponding Hash table between source data and encryption data, are existed in this way It obtains after encryption data by comparing, inquiry or certain operation, source data can be quickly positioned, to passing through rainbow table Construction and lookup, being capable of decryption acquisition plaintext.
However, rainbow table, as a kind of Hash table of compression, for longer password, often occupied space is huge for rainbow table Greatly, it is very long to crack the time.Since the data bulk of rainbow table is huge, it can not be once completely loaded host memory, applied to broken It can only be stored in the storage device of such as mechanical hard disk or solid state disk etc when solution, in table lookup operation, segmentation, which is loaded into, leads Machine memory, so that host side processor carries out match query operation.Every time inquiry be required for by rainbow table all data of right row from Storage device is loaded into host memory, and which results in huge outputs to export (I/O) expense, slows down the speed cracked.
Invention content
An embodiment of the present invention provides a kind of method of decryption, host equipment and storage devices, are broken with reaching to improve Solve the purpose of speed.
The first aspect of the embodiment of the present invention provides a kind of method of decryption, including:
The cryptographic Hash that host equipment treats decryption by presetting attenuation function is calculated, and the first password to be selected is obtained Data;
The host equipment is sent to the storage device using the described first code data to be selected as input parameter;
The host equipment receives the output parameter of storage device feedback, and according to the output parameter to the cryptographic Hash Crack operation, the output parameter be the storage device by built-in storage control by the input parameter with After the joint of the chain tail value of default rainbow table is matched, the corresponding first-in-chain(FIC) nodal value of joint of the chain tail value of successful match.
Optionally, the method further includes:
It is to be selected close by the default attenuation function of others and calculating described first if receiving the unsuccessful message of matching The cryptographic Hash that decryption is treated in the preset function combination that the default attenuation function of code data is formed is calculated, and obtains second Code data to be selected is sent to the storage device, if still receiving using the described second code data to be selected as input parameter Unsuccessful message is matched, then continues that next code data to be selected is calculated, using next code data to be selected as defeated Enter parameter and be sent to the storage device, until receiving the output parameter of the storage device feedback.
Optionally, the method further includes:
The cryptographic Hash that the host equipment treats decryption carries out parallel computation, obtains multiple code datas to be selected.
Second aspect of the embodiment of the present invention provides a kind of method of decryption, including:
The input parameter that storage device receiving host equipment is sent, the input parameter pass through default for the host equipment The cryptographic Hash that attenuation function treats decryption is calculated, obtained code data to be selected;
The storage device is by built-in storage control by the joint of the chain tail of the input parameter and default rainbow table Value is matched, if successful match, the corresponding first-in-chain(FIC) nodal value of the joint of the chain tail value of successful match is anti-as output parameter It feeds the host equipment, so that the host equipment according to the output parameter carries out the cryptographic Hash cracking operation.
Optionally, the method further includes:
If matching is unsuccessful, unsuccessful message feedback will be matched to the host equipment.
Optionally, the storage device by built-in storage control by the chain of the input parameter and default rainbow table Periproct point value carries out matching:
If the default rainbow table be unsorted rainbow table, the storage device by built-in storage control with The input parameter is matched with the joint of the chain tail value of default rainbow table by the way of linear search;If the default coloured silk Rainbow table is unsorted rainbow table, then the storage device by built-in storage control use general in a manner of dichotomizing search The input parameter is matched with the joint of the chain tail value of default rainbow table.
The third aspect of the embodiment of the present invention provides a kind of host equipment, including:
Computing module, the cryptographic Hash for treating decryption by presetting attenuation function are calculated, obtain first and wait for Select code data;
Transceiver module, for being sent to the storage device using the described first code data to be selected as input parameter;
Processing module, the output parameter for receiving storage device feedback, and according to the output parameter to the Hash Value crack operation, and the output parameter is by built-in storage control in the storage device by the input parameter After being matched with the joint of the chain tail value of default rainbow table, the corresponding first-in-chain(FIC) nodal value of joint of the chain tail value of successful match.
Optionally, the computing module declines if being additionally operable to receive the unsuccessful message of matching by the way that others are default Subtraction function combined with the preset function that the default attenuation function for calculating first code data to be selected is formed treat crack it is close The cryptographic Hash of code is calculated, and the second code data to be selected is obtained;
The transceiver module, be additionally operable to using the described second code data to be selected as input parameter be sent to it is described storage set It is standby;
The computing module if being additionally operable to still receive the unsuccessful message of matching continues that next wait for is calculated Select code data;
The transceiver module, be additionally operable to using next code data to be selected as input parameter be sent to it is described storage set It is standby, until receiving the output parameter of the storage device feedback.
Fourth aspect of the embodiment of the present invention provides a kind of storage device, including:
Receiving module, for the input parameter that receiving host equipment is sent, the input parameter is logical for the host equipment It crosses the cryptographic Hash that default attenuation function treats decryption to be calculated, obtained code data to be selected;
Matching module, for by built-in storage control by the joint of the chain tail of the input parameter and default rainbow table Value is matched;
Feedback module, if be used for successful match, using the corresponding first-in-chain(FIC) nodal value of the joint of the chain tail value of successful match as Output parameter feeds back to the host equipment, so that the host equipment breaks the cryptographic Hash according to the output parameter Solution operation.
Optionally, the matching module, if being unsorted rainbow table specifically for the default rainbow table, by interior The storage control set is carried out the input parameter and the joint of the chain tail value of default rainbow table in a manner of using linear search Matching;If the default rainbow table is unsorted rainbow table, by built-in storage control to use dichotomizing search Mode matches the input parameter with the joint of the chain tail value of default rainbow table.
As can be seen from the above technical solutions, the embodiment of the present invention has the following advantages:Rainbow is carried out at host equipment end The calculating of hash function and attenuation function in table search operation, these calculating need to consume a large amount of CPU or GPU computing resources, but It is that demand to I/O is limited, referred to as computationally intensive operation.Since host equipment is often with more powerful than storage control Computing capability, allow host equipment undertake computationally intensive operation be conducive to improve crack speed.At storage device end, storage is allowed Controller executes rainbow table table lookup operation.Rainbow table capacity is huge, but simple in structure, and table lookup operation needs to be related to a large amount of numbers According to, but need not be very powerful computing capability, allow storage processor undertake data-intensive operation be equally beneficial for improving it is broken Solve speed.
Description of the drawings
Fig. 1 is a kind of rainbow table building method schematic diagram provided in an embodiment of the present invention;
Fig. 2 is that the expression that a kind of bis- tuples of key-value provided in an embodiment of the present invention are constituted is intended to;
Fig. 3 is a kind of method flow schematic diagram of decryption provided in an embodiment of the present invention;
Fig. 4 is a kind of schematic diagram for realizing table lookup function using linear search provided in an embodiment of the present invention;
Fig. 5 is a kind of schematic diagram for realizing table lookup function using dichotomizing search provided in an embodiment of the present invention;
Fig. 6 is a kind of schematic diagram for realizing table lookup function using multidiameter delay mode provided in an embodiment of the present invention;
Fig. 7 is a kind of host equipment structural schematic diagram provided in an embodiment of the present invention;
Fig. 8 is a kind of storage device structural schematic diagram provided in an embodiment of the present invention;
Fig. 9 is a kind of system schematic of decryption provided in an embodiment of the present invention.
Specific implementation mode
An embodiment of the present invention provides a kind of method of decryption, host equipment and storage devices, are broken with reaching to improve Solve the purpose of speed.
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation describes, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, the every other implementation that those skilled in the art are obtained without creative efforts Example, shall fall within the protection scope of the present invention.
Term " first " in description and claims of this specification and above-mentioned attached drawing, " second " are for distinguishing class As object, without being used to describe specific sequence or precedence.It should be appreciated that the data used in this way are in appropriate situation Under can be interchanged, so that the embodiments described herein can be real with the sequence other than the content for illustrating or describing herein It applies.In addition, term " comprising " and " having " and their any deformation, it is intended that cover it is non-exclusive include, for example, packet Contained series of steps or unit process, method, system, product or equipment those of be not necessarily limited to clearly to list step or Unit, but may include not listing clearly or for the intrinsic other steps of these processes, method, product or equipment or Unit.
Technical solution of the present invention for ease of understanding below illustrates rainbow table related content:
Rainbow table (Rainbow Tables) is a kind of for reverse computational cryptography hash function (cryptographic Hash functions), precalculated tables of data.One important application of rainbow table is to crack the Hash of user password Value, that is, give a cryptographic Hash h, find one section of plaintext p so that H (p)=h, here H () be corresponding hash function (for example, MD-5, SHA-1, SHA-256).Often capacity is huge (data for including GB TB ranks) for rainbow table;When by being changed with space Between algorithm, rainbow table makes the computation complexity of reverse cryptographic Hash function well below Brute Force, to very Big realistic meaning.
Referring to Fig. 1, Fig. 1 is a kind of rainbow table building method schematic diagram provided in an embodiment of the present invention, it is assumed that we want The plaintext (plaintext) cracked is taken from hash function H (the i.e. given cryptographic Hash of plaintext space (plaintext space) P H finds a plaintext p from P so that H (p)=h), we can construct a series of attenuation function (reduction Functions) { 1 } R_, R_ { 2 } ... ..., R_ { t } then randomly select a plaintext p0 from plaintext space P, calculate successively C0=H (p0), p0_ { 1 }=R_ { 1 } (c0), c0_ { 1 }=H (p0_ { 1 }), p0_ { 2 }=R_ { 2 } (c0_ { 1 }) ... ..., c0_ { t-1 }=H (p0_ { t-1 }), p0_ { t }=R_ { t } (c0_ { t-1 }).This process shows in the first row chained list of Fig. 1.So We randomly select another plaintext p1 from plaintext space afterwards, and the second row chained list is generated according to similar approach.Continue this process, N number of chained list is generated altogether, this N number of chained list together constitutes rainbow table.Rainbow table shown in FIG. 1 often bulky, so depositing Format when storage includes only the plaintext space data of first row and last row, becomes what bis- tuple of key-value was constituted Table, the table is as shown in Fig. 2, the expression intention that Fig. 2, which is a kind of bis- tuples of key-value provided in an embodiment of the present invention, to be constituted.
On the basis of Fig. 1 and Fig. 2, the realization process of the existing cryptographic Hash using rainbow table come decryption is as follows: Given cryptographic Hash h, wishes to find one section of plaintext p in plaintext space P first so that H (p)=h.Then R_ { t } is first calculated (h), it then will be scanned in resulting value in fig. 2 that columns value of the right.If not searching matched numerical value, after It is continuous to calculate R_ { t } (H (R_ { t-1 } (h))), then it will be searched in resulting value in fig. 2 that columns value of the right.Repeat this mistake Journey, until attempting until R_ { 1 }.In this process, if do not matched, failure is cracked.It is (false in the event of matching If matching is p2_ { t }), we calculate since the numerical value p2 that the corresponding left sides one Fig. 2 arrange according to method shown in FIG. 1 successively Cryptographic Hash, until midway, some cryptographic Hash is identical with target cryptographic Hash h.At this moment, the plaintext before this cryptographic Hash is in chained list Value p is the value for meeting H (p)=h.If without appearance and the matched cryptographic Hash of h in the chained list of corresponding p2, this will be a mistake Sentence phenomenon.In that case, continue a row on the right of attenuation function and hash function interleaved computation and matching Fig. 2 from back to front The process of numerical value, until there is matching (or cracking failure) occur.
It is required for all data of row on the right of Fig. 2 being loaded into host memory from storage device due to inquiring every time, this is caused Huge output exports (I/O) expense, slows down the speed cracked.The present invention proposes to exist rainbow table table lookup operation as a result, The inside for storing processor is realized, to eliminate the process that rainbow table is loaded into host memory, speed is cracked to reach raising The purpose of degree.
Reference Fig. 3, the method for decryption proposed by the present invention, including:
101, host equipment is calculated by the cryptographic Hash that default attenuation function treats decryption, and it is to be selected to obtain first Code data;
102, the described first code data to be selected is sent to storage device by host equipment as input parameter;
103, storage device by built-in storage control by the joint of the chain tail of the input parameter and default rainbow table Value is matched;
If 104, successful match, storage device is using the corresponding first-in-chain(FIC) nodal value of the joint of the chain tail value of successful match as defeated Go out parameter feedback to the host equipment;
105, host equipment carries out the cryptographic Hash according to the output parameter to crack operation.
In a step 101, to the cryptographic Hash h that sets the goal, host equipment passes through r_ { t }:=R_ { t } (h) is calculated, and obtains r_ { t }, i.e., the first code data to be selected.
In a step 102, host equipment is set r_ { t } as input parameter after obtaining r_ { t } by host-storage Standby interface (Interface) is sent to storage device.
In step 103, the storage control of storage device executes table lookup operation after obtaining input value in rainbow table, i.e., A row are found and r_ { t } matched value on the right of Fig. 2.
At step 104, if matching occurs, storage device is by corresponding key assignments (key), i.e. Fig. 2 left columns Corresponding matching The value of numerical value is sent to host equipment as output;Otherwise, storage device can export " Not Found " information.
In step 105, if matching occurs, host equipment can utilize obtained output valve to crack target by calculating Cryptographic Hash, or obtain cracking the conclusion of failure;In this process, host equipment need not carry out any inquiry rainbow table Operation.
Further, after step 103, further include:If matching is unsuccessful, storage device will match unsuccessful message Feed back to the host equipment.Correspondingly, if host equipment receives the unsuccessful message of matching, decline by the way that others are default Subtraction function combined with the preset function that the default attenuation function for calculating first code data to be selected is formed treat crack it is close The cryptographic Hash of code is calculated, and the second code data to be selected is obtained, and is sent out the described second code data to be selected as input parameter The storage device is given, if still receiving the unsuccessful message of matching, continues that next code data to be selected is calculated, Next code data to be selected is sent to the storage device as input parameter, until receiving the storage device feedback Output parameter.It should be noted that if next code data to be selected is still unable to successful match, continue under calculating again One code data to be selected, until being capable of successful match.
In the present embodiment, if host equipment obtains the output of " Not Found " as a result, host equipment continues calculating second Code data to be selected:r_{t-1}:=R_ { t } (H (R_ { t-1 } (h))), and r_ { t-1 } is passed through into host-as input parameter Storage device interface is sent to storage device.The storage control of storage device executes and identical operation is described above, and returns Matched key assignments (output parameter) or " Not Found ".Host equipment can crack operation according to output parameter with complete independently. If not receiving the unsuccessful message of matching yet, host equipment continues this process, calculates r_ { t-2 }, r_ { t-3 } ... ..., R_ { 1 }, and interacted in the same way with storage device, until cracking success, or crack failure.
Further, step 101 includes:The cryptographic Hash that the host equipment treats decryption carries out parallel computation, obtains To multiple code datas to be selected.
For example, host equipment can obtain the first code data to be selected and the second code data to be selected with parallel computation.
In the present embodiment, host equipment can once calculate several r_ { i }, and by the r_ of a sequence { i }, for example [r_ { t }, r_ { t-1 } ..., r_ { t-16 }], while being sent to storage device.Storage device can in rainbow table parallel search it is defeated R_ { i } sequence entered, and it is sent back to host equipment using lookup result as a sequence output.
Further, step 103 includes:If the default rainbow table is unsorted rainbow table, the storage device Built-in storage control by using in a manner of linear search by the joint of the chain tail of the input parameter and default rainbow table Value is matched;If the default rainbow table is unsorted rainbow table, the storage device is controlled by built-in storage Device is matched the input parameter with the joint of the chain tail value of default rainbow table in a manner of using dichotomizing search.
In the present embodiment, for unsorted rainbow table, provides and a kind of table lookup function is realized using linear search Method, referring to Fig. 4, Fig. 4 is a kind of schematic diagram for realizing table lookup function using linear search provided in an embodiment of the present invention, Include the following steps:
Step 1, host computer send lookup value, start the locating function of solid-state hard disk controller;
Step 2, solid-state hard disk controller read into rainbow table in buffer area Buf paragraph by paragraph;
Step 3, hardware searching module are begun look for.
Wherein step 2 and step 3 can execute parallel.
For ordering rainbow table, separately provide it is a kind of using dichotomizing search come the method for realizing table lookup function, ask Refering to Fig. 5, Fig. 5 is a kind of schematic diagram for realizing table lookup function using dichotomizing search provided in an embodiment of the present invention, specifically , 1) if, the right row minimum values of input parameter ratio Fig. 2 it is small, directly exit and table look-up, if the right row of input parameter ratio Fig. 2 are maximum Value is big, then equally exits and table look-up;2), input parameter and median are compared;3), if input parameter (P_Mid) and Fig. 2 are right Row median is equal, then finds, successful match.4), if input parameter (P_Bot) is less than the right row medians of Fig. 2, scheming 5 lower half portion (Bottom) carry out binary chop;It goes to 2);If lower half portion is less than or equal to 2, searches, look into one by one Backed off after random is looked for;If 5), input parameter (P_Top) is more than the right row medians of Fig. 2, two are carried out in Fig. 5 top halfs (Top) Divide and searches;It goes to 2);If top half is less than or equal to 2, searches one by one, searched backed off after random.It should be noted that The 2 right row median of middle section (Middle) corresponding diagram of Fig. 5.
The present embodiment additionally provides a kind of method for realizing table lookup function using multidiameter delay mode, referring to Fig. 6, figure 6 be a kind of schematic diagram for realizing table lookup function using multidiameter delay mode provided in an embodiment of the present invention, specifically, 1), set Set n buffering area, the roads n parallel search;2), each buffering area is divide into upper part and lower part, ping-pong operation.Upper partial write rainbow Table, lower part is for searching;Rainbow table is written in lower part, and upper part is for searching.
In the present embodiment, the calculating of hash function and attenuation function in rainbow table search operation is carried out at host equipment end, These calculating need to consume a large amount of CPU or GPU computing resources, but the demand to I/O is limited, and referred to as computation-intensive is grasped Make.Since host equipment often has the computing capability more powerful than storage control, host equipment is allowed to undertake computation-intensive Operation, which is conducive to improve, cracks speed.At storage device end, storage control is allowed to execute rainbow table table lookup operation.Rainbow table capacity Huge, but simple in structure, table lookup operation needs to be related to mass data, but need not be very powerful computing capability, allow storage Processor undertake it is data-intensive operation be equally beneficial for improve crack speed.
Reference Fig. 7, the host equipment of one embodiment of the invention, including:
Computing module 201, the cryptographic Hash for treating decryption by presetting attenuation function are calculated, and obtain first Code data to be selected;
Transceiver module 202, for being sent to the storage device using the described first code data to be selected as input parameter;
Processing module 203, the output parameter for receiving storage device feedback, and according to the output parameter to the Kazakhstan Uncommon value carries out cracking operation, and the output parameter is to be joined the input by built-in storage control in the storage device After number is matched with the joint of the chain tail value of default rainbow table, the corresponding first-in-chain(FIC) nodal value of joint of the chain tail value of successful match.
Further, the computing module 201 passes through others if being additionally operable to receive the unsuccessful message of matching Default attenuation function is combined with the preset function that the default attenuation function for calculating first code data to be selected is formed to be treated The cryptographic Hash of decryption is calculated, and the second code data to be selected is obtained;
The transceiver module 202 is additionally operable to be sent to described deposit using the described second code data to be selected as input parameter Store up equipment;
The computing module 201 continues to be calculated next if being additionally operable to still receive the unsuccessful message of matching Code data to be selected;
The transceiver module 202 is additionally operable to next code data to be selected being sent to the storage as input parameter Equipment, until receiving the output parameter of the storage device feedback.
Further, the computing module 201, the cryptographic Hash for being additionally operable to treat decryption carry out parallel computation, obtain Multiple code datas to be selected.
In the present embodiment, to the cryptographic Hash h that sets the goal, host equipment passes through r_ { t }:=R_ { t } (h) is calculated, and obtains r_ { t }, i.e., the first code data to be selected.If host equipment obtains the output of " Not Found " as a result, host equipment continues to calculate Second code data to be selected:r_{t-1}:=R_ { t } (H (R_ { t-1 } (h))), and r_ { t-1 } is passed through into master as input parameter Machine-storage device interface is sent to storage device.The storage control of storage device executes and identical operation is described above, and returns Return matched key assignments (output parameter) or " Not Found ".Host equipment can crack behaviour according to output parameter with complete independently Make.If not receiving the unsuccessful message of matching yet, host equipment continues this process, calculates r_ { t-2 }, r_ { t- 3 } ... ..., { 1 } r_, and interacted in the same way with storage device, until cracking success, or crack failure.
Host equipment can once calculate several r_ { i }, and by the r_ of a sequence { i }, for example [r_ { t }, r_ { t- 1 } ..., r_ { t-16 }], while being sent to storage device.Storage device can in rainbow table parallel search input r_ { i } Sequence, and it is sent back to host equipment using lookup result as a sequence output.
In the present embodiment, the calculating of hash function and attenuation function in rainbow table search operation is carried out at host equipment end, These calculating need to consume a large amount of CPU or GPU computing resources, but the demand to I/O is limited, and referred to as computation-intensive is grasped Make.Since host equipment often has the computing capability more powerful than storage control, host equipment is allowed to undertake computation-intensive Operation, which is conducive to improve, cracks speed.At storage device end, storage control is allowed to execute rainbow table table lookup operation.Rainbow table capacity Huge, but simple in structure, table lookup operation needs to be related to mass data, but need not be very powerful computing capability, allow storage Processor undertake it is data-intensive operation be equally beneficial for improve crack speed.
Reference Fig. 8, the storage device of one embodiment of the invention, including:
Receiving module 301, for the input parameter that receiving host equipment is sent, the input parameter is the host equipment The cryptographic Hash that decryption is treated by presetting attenuation function is calculated, obtained code data to be selected;
Matching module 302, for by built-in storage control by the last-of-chain of the input parameter and default rainbow table Nodal value is matched;
Feedback module 303 makees the corresponding first-in-chain(FIC) nodal value of the joint of the chain tail value of successful match if being used for successful match The host equipment is fed back to for output parameter, so that the host equipment carries out the cryptographic Hash according to the output parameter Crack operation.
Further, the matching module 302, if being unsorted rainbow table specifically for the default rainbow table, Built-in storage control by using in a manner of linear search by the joint of the chain tail of the input parameter and default rainbow table Value is matched;If the default rainbow table is unsorted rainbow table, by built-in storage control to use two points Method way of search matches the input parameter with the joint of the chain tail value of default rainbow table.
Further, the feedback module 303 will match unsuccessful message feedback if it is unsuccessful to be additionally operable to matching To the host equipment.
In the present embodiment, the calculating of hash function and attenuation function in rainbow table search operation is carried out at host equipment end, These calculating need to consume a large amount of CPU or GPU computing resources, but the demand to I/O is limited, and referred to as computation-intensive is grasped Make.Since host equipment often has the computing capability more powerful than storage control, host equipment is allowed to undertake computation-intensive Operation, which is conducive to improve, cracks speed.At storage device end, storage control is allowed to execute rainbow table table lookup operation.Rainbow table capacity Huge, but simple in structure, table lookup operation needs to be related to mass data, but need not be very powerful computing capability, allow storage Processor undertake it is data-intensive operation be equally beneficial for improve crack speed.
Reference Fig. 9, the system of the decryption of one embodiment of the invention, including:
Host equipment 401 and storage device 402;
The cryptographic Hash that host equipment 401 treats decryption by presetting attenuation function is calculated, and it is to be selected to obtain first Code data;
Host equipment 401 is sent to storage device 402 using the described first code data to be selected as input parameter;
Storage device 402 is by built-in storage control by the joint of the chain tail value of the input parameter and default rainbow table It is matched;
If successful match, storage device 402 is using the corresponding first-in-chain(FIC) nodal value of the joint of the chain tail value of successful match as defeated Go out parameter feedback to the host equipment;
Host equipment 401 carries out the cryptographic Hash according to the output parameter to crack operation.
It should be noted that the system of the decryption provided in above-described embodiment and the method for decryption are all based on Identical inventive concept.Therefore, the execution function of the host equipment 401 in the system of decryption and storage device 402 can With referring to preceding method embodiment, details are not described herein.
In the present embodiment, the meter of hash function and attenuation function in rainbow table search operation is carried out at 401 end of host equipment It calculates, these calculating need to consume a large amount of CPU or GPU computing resources, but the demand to I/O is limited, referred to as computation-intensive Operation.Since host equipment 401 often has the computing capability more powerful than storage control, host equipment 401 is allowed to undertake meter Calculation intensive, which is conducive to improve, cracks speed.At 402 end of storage device, allows storage control to execute rainbow table and table look-up behaviour Make.Rainbow table capacity is huge, but simple in structure, and table lookup operation needs to be related to mass data, but need not be very powerful meter Calculation ability, allow storage processor undertake it is data-intensive operation be equally beneficial for improve crack speed.
The above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although with reference to the foregoing embodiments Invention is explained in detail, it will be understood by those of ordinary skill in the art that:It still can be to aforementioned each implementation Technical solution recorded in example is modified or equivalent replacement of some of the technical features;And these modification or It replaces, the spirit and scope for various embodiments of the present invention technical solution that it does not separate the essence of the corresponding technical solution.

Claims (10)

1. a kind of method of decryption, which is characterized in that the method includes:
The cryptographic Hash that host equipment treats decryption by presetting attenuation function is calculated, and the first password number to be selected is obtained According to;
The host equipment is sent to the storage device using the described first code data to be selected as input parameter;
The host equipment receives the output parameter of storage device feedback, and is carried out to the cryptographic Hash according to the output parameter Crack operation, the output parameter be the storage device by built-in storage control by the input parameter with it is default After the joint of the chain tail value of rainbow table is matched, the corresponding first-in-chain(FIC) nodal value of joint of the chain tail value of successful match.
2. according to the method described in claim 1, it is characterized in that, the method further includes:
If receiving the unsuccessful message of matching, pass through the default attenuation function of others and the calculating first password number to be selected According to the preset function combination that is formed of default attenuation function treat the cryptographic Hash of decryption and calculated, it is to be selected to obtain second Code data is sent to the storage device, if still receiving matching using the described second code data to be selected as input parameter Unsuccessful message then continues that next code data to be selected is calculated, and joins next code data to be selected as input Number is sent to the storage device, until receiving the output parameter of the storage device feedback.
3. according to the method described in claim 1, it is characterized in that, the method further includes:
The cryptographic Hash that the host equipment treats decryption carries out parallel computation, obtains multiple code datas to be selected.
4. a kind of method of decryption, which is characterized in that the method includes:
The input parameter that storage device receiving host equipment is sent, the input parameter are that the host equipment passes through default decaying The cryptographic Hash that function treats decryption is calculated, obtained code data to be selected;
The storage device by built-in storage control by the joint of the chain tail value of the input parameter and default rainbow table into Row matching, if successful match, the corresponding first-in-chain(FIC) nodal value of the joint of the chain tail value of successful match is fed back to as output parameter The host equipment, so that the host equipment according to the output parameter carries out the cryptographic Hash cracking operation.
5. according to the method described in claim 4, it is characterized in that, the method further includes:
If matching is unsuccessful, unsuccessful message feedback will be matched to the host equipment.
6. according to the method described in claim 4, it is characterized in that, the storage device by built-in storage control by institute State input parameter and the joint of the chain tail value of default rainbow table match including:
If the default rainbow table is unsorted rainbow table, the storage device is by built-in storage control to use The mode of linear search matches the input parameter with the joint of the chain tail value of default rainbow table;If the default rainbow table For unsorted rainbow table, then the storage device will be described in a manner of dichotomizing search to use by built-in storage control Input parameter is matched with the joint of the chain tail value of default rainbow table.
7. a kind of host equipment, which is characterized in that the host equipment includes:
Computing module, the cryptographic Hash for treating decryption by presetting attenuation function are calculated, and it is to be selected close to obtain first Code data;
Transceiver module, for being sent to the storage device using the described first code data to be selected as input parameter;
Processing module, for receive storage device feedback output parameter, and according to the output parameter to the cryptographic Hash into Row cracks operation, the output parameter be the storage device by built-in storage control by the input parameter in advance After if the joint of the chain tail value of rainbow table is matched, the corresponding first-in-chain(FIC) nodal value of joint of the chain tail value of successful match.
8. host equipment according to claim 7, which is characterized in that the computing module, if being additionally operable to receive matching Unsuccessful message then passes through the default attenuation function of other default attenuation functions and calculating first code data to be selected The cryptographic Hash that decryption is treated in the preset function combination formed is calculated, and the second code data to be selected is obtained;
The transceiver module is additionally operable to be sent to the storage device using the described second code data to be selected as input parameter;
The computing module continues to be calculated next to be selected close if being additionally operable to still receive the unsuccessful message of matching Code data;
The transceiver module is additionally operable to next code data to be selected being sent to the storage device as input parameter, directly To the output parameter for receiving the storage device feedback.
9. a kind of storage device, which is characterized in that the storage device includes:
Receiving module, for the input parameter that receiving host equipment is sent, the input parameter passes through pre- for the host equipment If the cryptographic Hash that attenuation function treats decryption is calculated, obtained code data to be selected;
Matching module, for by built-in storage control by the joint of the chain tail value of the input parameter and default rainbow table into Row matching;
Feedback module, if being used for successful match, using the corresponding first-in-chain(FIC) nodal value of the joint of the chain tail value of successful match as output Parameter feedback gives the host equipment, so that the host equipment according to the output parameter carries out the cryptographic Hash cracking behaviour Make.
10. storage device according to claim 9, which is characterized in that the matching module, if specifically for described default Rainbow table is unsorted rainbow table, then is joined the input by using in a manner of linear search built-in storage control Number is matched with the joint of the chain tail value of default rainbow table;If the default rainbow table is unsorted rainbow table, by interior The storage control set is carried out the input parameter and the joint of the chain tail value of default rainbow table in a manner of using dichotomizing search Matching.
CN201810110777.1A 2018-02-05 2018-02-05 A kind of method of decryption, host equipment and storage device Pending CN108416208A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810110777.1A CN108416208A (en) 2018-02-05 2018-02-05 A kind of method of decryption, host equipment and storage device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810110777.1A CN108416208A (en) 2018-02-05 2018-02-05 A kind of method of decryption, host equipment and storage device

Publications (1)

Publication Number Publication Date
CN108416208A true CN108416208A (en) 2018-08-17

Family

ID=63126877

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810110777.1A Pending CN108416208A (en) 2018-02-05 2018-02-05 A kind of method of decryption, host equipment and storage device

Country Status (1)

Country Link
CN (1) CN108416208A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113139200A (en) * 2021-05-11 2021-07-20 中国电子科技集团公司第三十研究所 Method, system, computer program and storage medium for quickly cracking password
CN113672963A (en) * 2021-08-30 2021-11-19 国家计算机网络与信息安全管理中心 Matching method and device based on rainbow table, storage medium and electronic equipment

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103049709A (en) * 2013-01-22 2013-04-17 上海交通大学 Code recovery system and recovery method based on generator and extended rainbow table
US20130290731A1 (en) * 2012-04-26 2013-10-31 Appsense Limited Systems and methods for storing and verifying security information
CN103400072A (en) * 2013-07-31 2013-11-20 厦门市美亚柏科信息股份有限公司 Hash value password recovering method and device
CN105933120A (en) * 2016-04-06 2016-09-07 清华大学 Spark platform-based password hash value recovery method and device
CN106357384A (en) * 2016-08-26 2017-01-25 广州慧睿思通信息科技有限公司 Word2003 document cracking system based on FPGA hardware and method
CN106712928A (en) * 2016-12-13 2017-05-24 云南电网有限责任公司电力科学研究院 Big data rainbow table based decryption method and device
CN107425957A (en) * 2017-08-31 2017-12-01 郑州云海信息技术有限公司 A kind of cryptographic attack method, apparatus and isomery accelerate platform
CN107566348A (en) * 2017-08-11 2018-01-09 广州慧睿思通信息科技有限公司 One kind is based on the distributed shifty decryption systems of FPGA and its method

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130290731A1 (en) * 2012-04-26 2013-10-31 Appsense Limited Systems and methods for storing and verifying security information
CN103049709A (en) * 2013-01-22 2013-04-17 上海交通大学 Code recovery system and recovery method based on generator and extended rainbow table
CN103400072A (en) * 2013-07-31 2013-11-20 厦门市美亚柏科信息股份有限公司 Hash value password recovering method and device
CN105933120A (en) * 2016-04-06 2016-09-07 清华大学 Spark platform-based password hash value recovery method and device
CN106357384A (en) * 2016-08-26 2017-01-25 广州慧睿思通信息科技有限公司 Word2003 document cracking system based on FPGA hardware and method
CN106712928A (en) * 2016-12-13 2017-05-24 云南电网有限责任公司电力科学研究院 Big data rainbow table based decryption method and device
CN107566348A (en) * 2017-08-11 2018-01-09 广州慧睿思通信息科技有限公司 One kind is based on the distributed shifty decryption systems of FPGA and its method
CN107425957A (en) * 2017-08-31 2017-12-01 郑州云海信息技术有限公司 A kind of cryptographic attack method, apparatus and isomery accelerate platform

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113139200A (en) * 2021-05-11 2021-07-20 中国电子科技集团公司第三十研究所 Method, system, computer program and storage medium for quickly cracking password
CN113672963A (en) * 2021-08-30 2021-11-19 国家计算机网络与信息安全管理中心 Matching method and device based on rainbow table, storage medium and electronic equipment

Similar Documents

Publication Publication Date Title
Jiang et al. Enabling efficient and verifiable multi-keyword ranked search over encrypted cloud data
Iliev et al. Protecting client privacy with trusted computing at the server
Ibrahim et al. Secure rank-ordered search of multi-keyword trapdoor over encrypted cloud data
US20150039903A1 (en) Masking query data access pattern in encrypted data
CN111310222B (en) File encryption method
Iliev et al. Private information storage with logarithmic-space secure hardware
US20190156057A1 (en) Efficiently querying databases while providing differential privacy
Sprengers GPU-based password cracking
CN108416208A (en) A kind of method of decryption, host equipment and storage device
Hu et al. Efficient wildcard search over encrypted data
Nelson et al. Shepard: A fast exact match short read aligner
Yu et al. Generalized external interaction with tamper-resistant hardware with bounded information leakage
Asharov et al. Efficient secure three-party sorting with applications to data analysis and heavy hitters
Wang et al. Practical volume-hiding encrypted multi-maps with optimal overhead and beyond
Ren et al. Privacy-preserving ranked multi-keyword search leveraging polynomial function in cloud computing
US20110289194A1 (en) Cloud data storage system
CN116644146A (en) Document searching method, device and system, electronic equipment and storage medium
Primmer et al. Collision and preimage resistance of the Centera content address
Kim et al. High‐speed parallel implementations of the rainbow method based on perfect tables in a heterogeneous system
Andavan et al. Cloud computing based deduplication using high-performance grade byte check and fuzzy search technique
US11645409B2 (en) Search and access pattern hiding verifiable searchable encryption for distributed settings with malicious servers
Kumar et al. Differential Evolution based bucket indexed data deduplication for big data storage
Xu et al. Massive fishing website URL parallel filtering method
Sykes et al. An improved parallel implementation of RainbowCrack using MPI
Beame et al. Massively-parallel similarity join, edge-isoperimetry, and distance correlations on the hypercube

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180817