CN108416208A - A kind of method of decryption, host equipment and storage device - Google Patents
A kind of method of decryption, host equipment and storage device Download PDFInfo
- Publication number
- CN108416208A CN108416208A CN201810110777.1A CN201810110777A CN108416208A CN 108416208 A CN108416208 A CN 108416208A CN 201810110777 A CN201810110777 A CN 201810110777A CN 108416208 A CN108416208 A CN 108416208A
- Authority
- CN
- China
- Prior art keywords
- storage device
- host equipment
- default
- input parameter
- code data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
Abstract
The invention discloses a kind of method of decryption, host equipment and storage devices, and speed is cracked to achieve the purpose that improve.Present invention method includes:The cryptographic Hash that host equipment treats decryption by presetting attenuation function is calculated, and the first code data to be selected is obtained;The host equipment is sent to the storage device using the described first code data to be selected as input parameter;The host equipment receives the output parameter of storage device feedback, and the cryptographic Hash is carried out according to the output parameter to crack operation, wherein, the output parameter is the corresponding first-in-chain(FIC) nodal value of joint of the chain tail value of successful match after the storage device is matched the input parameter with the joint of the chain tail value of default rainbow table by built-in storage control.
Description
Technical field
The present invention relates to a kind of field of information security technology more particularly to method of decryption, host equipment and storages
Equipment.
Background technology
With the fast development of internet, the problem of carrying out computer crime using computer and its network is more and more tighter
Weight.During the detection of this kind of case, in order to obtain investigation clue or extract the electronic evidence for proving crime fact,
It generally requires to check relevant document in the computer of suspect.In the case where by confession password can not be obtained, step on
It records case-involving computer or opens case-involving file, be very difficult.In this case, code-breaking techniques may be just at only
One selection.
Currently, for simple password and cryptographic system, the mode of Brute Force may be used in password cracking.And for compared with
Complicated password and cryptographic system, such as the password more than 8, the calculation amount of Brute Force is very big.Generally use is color
Rainbow table is cracked.Rainbow table is a huge Hash precalculated for various possible numbers, monogram
(hash) set of value, rainbow table technology are exactly to establish a corresponding Hash table between source data and encryption data, are existed in this way
It obtains after encryption data by comparing, inquiry or certain operation, source data can be quickly positioned, to passing through rainbow table
Construction and lookup, being capable of decryption acquisition plaintext.
However, rainbow table, as a kind of Hash table of compression, for longer password, often occupied space is huge for rainbow table
Greatly, it is very long to crack the time.Since the data bulk of rainbow table is huge, it can not be once completely loaded host memory, applied to broken
It can only be stored in the storage device of such as mechanical hard disk or solid state disk etc when solution, in table lookup operation, segmentation, which is loaded into, leads
Machine memory, so that host side processor carries out match query operation.Every time inquiry be required for by rainbow table all data of right row from
Storage device is loaded into host memory, and which results in huge outputs to export (I/O) expense, slows down the speed cracked.
Invention content
An embodiment of the present invention provides a kind of method of decryption, host equipment and storage devices, are broken with reaching to improve
Solve the purpose of speed.
The first aspect of the embodiment of the present invention provides a kind of method of decryption, including:
The cryptographic Hash that host equipment treats decryption by presetting attenuation function is calculated, and the first password to be selected is obtained
Data;
The host equipment is sent to the storage device using the described first code data to be selected as input parameter;
The host equipment receives the output parameter of storage device feedback, and according to the output parameter to the cryptographic Hash
Crack operation, the output parameter be the storage device by built-in storage control by the input parameter with
After the joint of the chain tail value of default rainbow table is matched, the corresponding first-in-chain(FIC) nodal value of joint of the chain tail value of successful match.
Optionally, the method further includes:
It is to be selected close by the default attenuation function of others and calculating described first if receiving the unsuccessful message of matching
The cryptographic Hash that decryption is treated in the preset function combination that the default attenuation function of code data is formed is calculated, and obtains second
Code data to be selected is sent to the storage device, if still receiving using the described second code data to be selected as input parameter
Unsuccessful message is matched, then continues that next code data to be selected is calculated, using next code data to be selected as defeated
Enter parameter and be sent to the storage device, until receiving the output parameter of the storage device feedback.
Optionally, the method further includes:
The cryptographic Hash that the host equipment treats decryption carries out parallel computation, obtains multiple code datas to be selected.
Second aspect of the embodiment of the present invention provides a kind of method of decryption, including:
The input parameter that storage device receiving host equipment is sent, the input parameter pass through default for the host equipment
The cryptographic Hash that attenuation function treats decryption is calculated, obtained code data to be selected;
The storage device is by built-in storage control by the joint of the chain tail of the input parameter and default rainbow table
Value is matched, if successful match, the corresponding first-in-chain(FIC) nodal value of the joint of the chain tail value of successful match is anti-as output parameter
It feeds the host equipment, so that the host equipment according to the output parameter carries out the cryptographic Hash cracking operation.
Optionally, the method further includes:
If matching is unsuccessful, unsuccessful message feedback will be matched to the host equipment.
Optionally, the storage device by built-in storage control by the chain of the input parameter and default rainbow table
Periproct point value carries out matching:
If the default rainbow table be unsorted rainbow table, the storage device by built-in storage control with
The input parameter is matched with the joint of the chain tail value of default rainbow table by the way of linear search;If the default coloured silk
Rainbow table is unsorted rainbow table, then the storage device by built-in storage control use general in a manner of dichotomizing search
The input parameter is matched with the joint of the chain tail value of default rainbow table.
The third aspect of the embodiment of the present invention provides a kind of host equipment, including:
Computing module, the cryptographic Hash for treating decryption by presetting attenuation function are calculated, obtain first and wait for
Select code data;
Transceiver module, for being sent to the storage device using the described first code data to be selected as input parameter;
Processing module, the output parameter for receiving storage device feedback, and according to the output parameter to the Hash
Value crack operation, and the output parameter is by built-in storage control in the storage device by the input parameter
After being matched with the joint of the chain tail value of default rainbow table, the corresponding first-in-chain(FIC) nodal value of joint of the chain tail value of successful match.
Optionally, the computing module declines if being additionally operable to receive the unsuccessful message of matching by the way that others are default
Subtraction function combined with the preset function that the default attenuation function for calculating first code data to be selected is formed treat crack it is close
The cryptographic Hash of code is calculated, and the second code data to be selected is obtained;
The transceiver module, be additionally operable to using the described second code data to be selected as input parameter be sent to it is described storage set
It is standby;
The computing module if being additionally operable to still receive the unsuccessful message of matching continues that next wait for is calculated
Select code data;
The transceiver module, be additionally operable to using next code data to be selected as input parameter be sent to it is described storage set
It is standby, until receiving the output parameter of the storage device feedback.
Fourth aspect of the embodiment of the present invention provides a kind of storage device, including:
Receiving module, for the input parameter that receiving host equipment is sent, the input parameter is logical for the host equipment
It crosses the cryptographic Hash that default attenuation function treats decryption to be calculated, obtained code data to be selected;
Matching module, for by built-in storage control by the joint of the chain tail of the input parameter and default rainbow table
Value is matched;
Feedback module, if be used for successful match, using the corresponding first-in-chain(FIC) nodal value of the joint of the chain tail value of successful match as
Output parameter feeds back to the host equipment, so that the host equipment breaks the cryptographic Hash according to the output parameter
Solution operation.
Optionally, the matching module, if being unsorted rainbow table specifically for the default rainbow table, by interior
The storage control set is carried out the input parameter and the joint of the chain tail value of default rainbow table in a manner of using linear search
Matching;If the default rainbow table is unsorted rainbow table, by built-in storage control to use dichotomizing search
Mode matches the input parameter with the joint of the chain tail value of default rainbow table.
As can be seen from the above technical solutions, the embodiment of the present invention has the following advantages:Rainbow is carried out at host equipment end
The calculating of hash function and attenuation function in table search operation, these calculating need to consume a large amount of CPU or GPU computing resources, but
It is that demand to I/O is limited, referred to as computationally intensive operation.Since host equipment is often with more powerful than storage control
Computing capability, allow host equipment undertake computationally intensive operation be conducive to improve crack speed.At storage device end, storage is allowed
Controller executes rainbow table table lookup operation.Rainbow table capacity is huge, but simple in structure, and table lookup operation needs to be related to a large amount of numbers
According to, but need not be very powerful computing capability, allow storage processor undertake data-intensive operation be equally beneficial for improving it is broken
Solve speed.
Description of the drawings
Fig. 1 is a kind of rainbow table building method schematic diagram provided in an embodiment of the present invention;
Fig. 2 is that the expression that a kind of bis- tuples of key-value provided in an embodiment of the present invention are constituted is intended to;
Fig. 3 is a kind of method flow schematic diagram of decryption provided in an embodiment of the present invention;
Fig. 4 is a kind of schematic diagram for realizing table lookup function using linear search provided in an embodiment of the present invention;
Fig. 5 is a kind of schematic diagram for realizing table lookup function using dichotomizing search provided in an embodiment of the present invention;
Fig. 6 is a kind of schematic diagram for realizing table lookup function using multidiameter delay mode provided in an embodiment of the present invention;
Fig. 7 is a kind of host equipment structural schematic diagram provided in an embodiment of the present invention;
Fig. 8 is a kind of storage device structural schematic diagram provided in an embodiment of the present invention;
Fig. 9 is a kind of system schematic of decryption provided in an embodiment of the present invention.
Specific implementation mode
An embodiment of the present invention provides a kind of method of decryption, host equipment and storage devices, are broken with reaching to improve
Solve the purpose of speed.
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation describes, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, the every other implementation that those skilled in the art are obtained without creative efforts
Example, shall fall within the protection scope of the present invention.
Term " first " in description and claims of this specification and above-mentioned attached drawing, " second " are for distinguishing class
As object, without being used to describe specific sequence or precedence.It should be appreciated that the data used in this way are in appropriate situation
Under can be interchanged, so that the embodiments described herein can be real with the sequence other than the content for illustrating or describing herein
It applies.In addition, term " comprising " and " having " and their any deformation, it is intended that cover it is non-exclusive include, for example, packet
Contained series of steps or unit process, method, system, product or equipment those of be not necessarily limited to clearly to list step or
Unit, but may include not listing clearly or for the intrinsic other steps of these processes, method, product or equipment or
Unit.
Technical solution of the present invention for ease of understanding below illustrates rainbow table related content:
Rainbow table (Rainbow Tables) is a kind of for reverse computational cryptography hash function (cryptographic
Hash functions), precalculated tables of data.One important application of rainbow table is to crack the Hash of user password
Value, that is, give a cryptographic Hash h, find one section of plaintext p so that H (p)=h, here H () be corresponding hash function (for example,
MD-5, SHA-1, SHA-256).Often capacity is huge (data for including GB TB ranks) for rainbow table;When by being changed with space
Between algorithm, rainbow table makes the computation complexity of reverse cryptographic Hash function well below Brute Force, to very
Big realistic meaning.
Referring to Fig. 1, Fig. 1 is a kind of rainbow table building method schematic diagram provided in an embodiment of the present invention, it is assumed that we want
The plaintext (plaintext) cracked is taken from hash function H (the i.e. given cryptographic Hash of plaintext space (plaintext space) P
H finds a plaintext p from P so that H (p)=h), we can construct a series of attenuation function (reduction
Functions) { 1 } R_, R_ { 2 } ... ..., R_ { t } then randomly select a plaintext p0 from plaintext space P, calculate successively
C0=H (p0), p0_ { 1 }=R_ { 1 } (c0), c0_ { 1 }=H (p0_ { 1 }), p0_ { 2 }=R_ { 2 } (c0_ { 1 }) ... ..., c0_
{ t-1 }=H (p0_ { t-1 }), p0_ { t }=R_ { t } (c0_ { t-1 }).This process shows in the first row chained list of Fig. 1.So
We randomly select another plaintext p1 from plaintext space afterwards, and the second row chained list is generated according to similar approach.Continue this process,
N number of chained list is generated altogether, this N number of chained list together constitutes rainbow table.Rainbow table shown in FIG. 1 often bulky, so depositing
Format when storage includes only the plaintext space data of first row and last row, becomes what bis- tuple of key-value was constituted
Table, the table is as shown in Fig. 2, the expression intention that Fig. 2, which is a kind of bis- tuples of key-value provided in an embodiment of the present invention, to be constituted.
On the basis of Fig. 1 and Fig. 2, the realization process of the existing cryptographic Hash using rainbow table come decryption is as follows:
Given cryptographic Hash h, wishes to find one section of plaintext p in plaintext space P first so that H (p)=h.Then R_ { t } is first calculated
(h), it then will be scanned in resulting value in fig. 2 that columns value of the right.If not searching matched numerical value, after
It is continuous to calculate R_ { t } (H (R_ { t-1 } (h))), then it will be searched in resulting value in fig. 2 that columns value of the right.Repeat this mistake
Journey, until attempting until R_ { 1 }.In this process, if do not matched, failure is cracked.It is (false in the event of matching
If matching is p2_ { t }), we calculate since the numerical value p2 that the corresponding left sides one Fig. 2 arrange according to method shown in FIG. 1 successively
Cryptographic Hash, until midway, some cryptographic Hash is identical with target cryptographic Hash h.At this moment, the plaintext before this cryptographic Hash is in chained list
Value p is the value for meeting H (p)=h.If without appearance and the matched cryptographic Hash of h in the chained list of corresponding p2, this will be a mistake
Sentence phenomenon.In that case, continue a row on the right of attenuation function and hash function interleaved computation and matching Fig. 2 from back to front
The process of numerical value, until there is matching (or cracking failure) occur.
It is required for all data of row on the right of Fig. 2 being loaded into host memory from storage device due to inquiring every time, this is caused
Huge output exports (I/O) expense, slows down the speed cracked.The present invention proposes to exist rainbow table table lookup operation as a result,
The inside for storing processor is realized, to eliminate the process that rainbow table is loaded into host memory, speed is cracked to reach raising
The purpose of degree.
Reference Fig. 3, the method for decryption proposed by the present invention, including:
101, host equipment is calculated by the cryptographic Hash that default attenuation function treats decryption, and it is to be selected to obtain first
Code data;
102, the described first code data to be selected is sent to storage device by host equipment as input parameter;
103, storage device by built-in storage control by the joint of the chain tail of the input parameter and default rainbow table
Value is matched;
If 104, successful match, storage device is using the corresponding first-in-chain(FIC) nodal value of the joint of the chain tail value of successful match as defeated
Go out parameter feedback to the host equipment;
105, host equipment carries out the cryptographic Hash according to the output parameter to crack operation.
In a step 101, to the cryptographic Hash h that sets the goal, host equipment passes through r_ { t }:=R_ { t } (h) is calculated, and obtains r_
{ t }, i.e., the first code data to be selected.
In a step 102, host equipment is set r_ { t } as input parameter after obtaining r_ { t } by host-storage
Standby interface (Interface) is sent to storage device.
In step 103, the storage control of storage device executes table lookup operation after obtaining input value in rainbow table, i.e.,
A row are found and r_ { t } matched value on the right of Fig. 2.
At step 104, if matching occurs, storage device is by corresponding key assignments (key), i.e. Fig. 2 left columns Corresponding matching
The value of numerical value is sent to host equipment as output;Otherwise, storage device can export " Not Found " information.
In step 105, if matching occurs, host equipment can utilize obtained output valve to crack target by calculating
Cryptographic Hash, or obtain cracking the conclusion of failure;In this process, host equipment need not carry out any inquiry rainbow table
Operation.
Further, after step 103, further include:If matching is unsuccessful, storage device will match unsuccessful message
Feed back to the host equipment.Correspondingly, if host equipment receives the unsuccessful message of matching, decline by the way that others are default
Subtraction function combined with the preset function that the default attenuation function for calculating first code data to be selected is formed treat crack it is close
The cryptographic Hash of code is calculated, and the second code data to be selected is obtained, and is sent out the described second code data to be selected as input parameter
The storage device is given, if still receiving the unsuccessful message of matching, continues that next code data to be selected is calculated,
Next code data to be selected is sent to the storage device as input parameter, until receiving the storage device feedback
Output parameter.It should be noted that if next code data to be selected is still unable to successful match, continue under calculating again
One code data to be selected, until being capable of successful match.
In the present embodiment, if host equipment obtains the output of " Not Found " as a result, host equipment continues calculating second
Code data to be selected:r_{t-1}:=R_ { t } (H (R_ { t-1 } (h))), and r_ { t-1 } is passed through into host-as input parameter
Storage device interface is sent to storage device.The storage control of storage device executes and identical operation is described above, and returns
Matched key assignments (output parameter) or " Not Found ".Host equipment can crack operation according to output parameter with complete independently.
If not receiving the unsuccessful message of matching yet, host equipment continues this process, calculates r_ { t-2 }, r_ { t-3 } ... ...,
R_ { 1 }, and interacted in the same way with storage device, until cracking success, or crack failure.
Further, step 101 includes:The cryptographic Hash that the host equipment treats decryption carries out parallel computation, obtains
To multiple code datas to be selected.
For example, host equipment can obtain the first code data to be selected and the second code data to be selected with parallel computation.
In the present embodiment, host equipment can once calculate several r_ { i }, and by the r_ of a sequence { i }, for example [r_
{ t }, r_ { t-1 } ..., r_ { t-16 }], while being sent to storage device.Storage device can in rainbow table parallel search it is defeated
R_ { i } sequence entered, and it is sent back to host equipment using lookup result as a sequence output.
Further, step 103 includes:If the default rainbow table is unsorted rainbow table, the storage device
Built-in storage control by using in a manner of linear search by the joint of the chain tail of the input parameter and default rainbow table
Value is matched;If the default rainbow table is unsorted rainbow table, the storage device is controlled by built-in storage
Device is matched the input parameter with the joint of the chain tail value of default rainbow table in a manner of using dichotomizing search.
In the present embodiment, for unsorted rainbow table, provides and a kind of table lookup function is realized using linear search
Method, referring to Fig. 4, Fig. 4 is a kind of schematic diagram for realizing table lookup function using linear search provided in an embodiment of the present invention,
Include the following steps:
Step 1, host computer send lookup value, start the locating function of solid-state hard disk controller;
Step 2, solid-state hard disk controller read into rainbow table in buffer area Buf paragraph by paragraph;
Step 3, hardware searching module are begun look for.
Wherein step 2 and step 3 can execute parallel.
For ordering rainbow table, separately provide it is a kind of using dichotomizing search come the method for realizing table lookup function, ask
Refering to Fig. 5, Fig. 5 is a kind of schematic diagram for realizing table lookup function using dichotomizing search provided in an embodiment of the present invention, specifically
, 1) if, the right row minimum values of input parameter ratio Fig. 2 it is small, directly exit and table look-up, if the right row of input parameter ratio Fig. 2 are maximum
Value is big, then equally exits and table look-up;2), input parameter and median are compared;3), if input parameter (P_Mid) and Fig. 2 are right
Row median is equal, then finds, successful match.4), if input parameter (P_Bot) is less than the right row medians of Fig. 2, scheming
5 lower half portion (Bottom) carry out binary chop;It goes to 2);If lower half portion is less than or equal to 2, searches, look into one by one
Backed off after random is looked for;If 5), input parameter (P_Top) is more than the right row medians of Fig. 2, two are carried out in Fig. 5 top halfs (Top)
Divide and searches;It goes to 2);If top half is less than or equal to 2, searches one by one, searched backed off after random.It should be noted that
The 2 right row median of middle section (Middle) corresponding diagram of Fig. 5.
The present embodiment additionally provides a kind of method for realizing table lookup function using multidiameter delay mode, referring to Fig. 6, figure
6 be a kind of schematic diagram for realizing table lookup function using multidiameter delay mode provided in an embodiment of the present invention, specifically, 1), set
Set n buffering area, the roads n parallel search;2), each buffering area is divide into upper part and lower part, ping-pong operation.Upper partial write rainbow
Table, lower part is for searching;Rainbow table is written in lower part, and upper part is for searching.
In the present embodiment, the calculating of hash function and attenuation function in rainbow table search operation is carried out at host equipment end,
These calculating need to consume a large amount of CPU or GPU computing resources, but the demand to I/O is limited, and referred to as computation-intensive is grasped
Make.Since host equipment often has the computing capability more powerful than storage control, host equipment is allowed to undertake computation-intensive
Operation, which is conducive to improve, cracks speed.At storage device end, storage control is allowed to execute rainbow table table lookup operation.Rainbow table capacity
Huge, but simple in structure, table lookup operation needs to be related to mass data, but need not be very powerful computing capability, allow storage
Processor undertake it is data-intensive operation be equally beneficial for improve crack speed.
Reference Fig. 7, the host equipment of one embodiment of the invention, including:
Computing module 201, the cryptographic Hash for treating decryption by presetting attenuation function are calculated, and obtain first
Code data to be selected;
Transceiver module 202, for being sent to the storage device using the described first code data to be selected as input parameter;
Processing module 203, the output parameter for receiving storage device feedback, and according to the output parameter to the Kazakhstan
Uncommon value carries out cracking operation, and the output parameter is to be joined the input by built-in storage control in the storage device
After number is matched with the joint of the chain tail value of default rainbow table, the corresponding first-in-chain(FIC) nodal value of joint of the chain tail value of successful match.
Further, the computing module 201 passes through others if being additionally operable to receive the unsuccessful message of matching
Default attenuation function is combined with the preset function that the default attenuation function for calculating first code data to be selected is formed to be treated
The cryptographic Hash of decryption is calculated, and the second code data to be selected is obtained;
The transceiver module 202 is additionally operable to be sent to described deposit using the described second code data to be selected as input parameter
Store up equipment;
The computing module 201 continues to be calculated next if being additionally operable to still receive the unsuccessful message of matching
Code data to be selected;
The transceiver module 202 is additionally operable to next code data to be selected being sent to the storage as input parameter
Equipment, until receiving the output parameter of the storage device feedback.
Further, the computing module 201, the cryptographic Hash for being additionally operable to treat decryption carry out parallel computation, obtain
Multiple code datas to be selected.
In the present embodiment, to the cryptographic Hash h that sets the goal, host equipment passes through r_ { t }:=R_ { t } (h) is calculated, and obtains r_
{ t }, i.e., the first code data to be selected.If host equipment obtains the output of " Not Found " as a result, host equipment continues to calculate
Second code data to be selected:r_{t-1}:=R_ { t } (H (R_ { t-1 } (h))), and r_ { t-1 } is passed through into master as input parameter
Machine-storage device interface is sent to storage device.The storage control of storage device executes and identical operation is described above, and returns
Return matched key assignments (output parameter) or " Not Found ".Host equipment can crack behaviour according to output parameter with complete independently
Make.If not receiving the unsuccessful message of matching yet, host equipment continues this process, calculates r_ { t-2 }, r_ { t-
3 } ... ..., { 1 } r_, and interacted in the same way with storage device, until cracking success, or crack failure.
Host equipment can once calculate several r_ { i }, and by the r_ of a sequence { i }, for example [r_ { t }, r_ { t-
1 } ..., r_ { t-16 }], while being sent to storage device.Storage device can in rainbow table parallel search input r_ { i }
Sequence, and it is sent back to host equipment using lookup result as a sequence output.
In the present embodiment, the calculating of hash function and attenuation function in rainbow table search operation is carried out at host equipment end,
These calculating need to consume a large amount of CPU or GPU computing resources, but the demand to I/O is limited, and referred to as computation-intensive is grasped
Make.Since host equipment often has the computing capability more powerful than storage control, host equipment is allowed to undertake computation-intensive
Operation, which is conducive to improve, cracks speed.At storage device end, storage control is allowed to execute rainbow table table lookup operation.Rainbow table capacity
Huge, but simple in structure, table lookup operation needs to be related to mass data, but need not be very powerful computing capability, allow storage
Processor undertake it is data-intensive operation be equally beneficial for improve crack speed.
Reference Fig. 8, the storage device of one embodiment of the invention, including:
Receiving module 301, for the input parameter that receiving host equipment is sent, the input parameter is the host equipment
The cryptographic Hash that decryption is treated by presetting attenuation function is calculated, obtained code data to be selected;
Matching module 302, for by built-in storage control by the last-of-chain of the input parameter and default rainbow table
Nodal value is matched;
Feedback module 303 makees the corresponding first-in-chain(FIC) nodal value of the joint of the chain tail value of successful match if being used for successful match
The host equipment is fed back to for output parameter, so that the host equipment carries out the cryptographic Hash according to the output parameter
Crack operation.
Further, the matching module 302, if being unsorted rainbow table specifically for the default rainbow table,
Built-in storage control by using in a manner of linear search by the joint of the chain tail of the input parameter and default rainbow table
Value is matched;If the default rainbow table is unsorted rainbow table, by built-in storage control to use two points
Method way of search matches the input parameter with the joint of the chain tail value of default rainbow table.
Further, the feedback module 303 will match unsuccessful message feedback if it is unsuccessful to be additionally operable to matching
To the host equipment.
In the present embodiment, the calculating of hash function and attenuation function in rainbow table search operation is carried out at host equipment end,
These calculating need to consume a large amount of CPU or GPU computing resources, but the demand to I/O is limited, and referred to as computation-intensive is grasped
Make.Since host equipment often has the computing capability more powerful than storage control, host equipment is allowed to undertake computation-intensive
Operation, which is conducive to improve, cracks speed.At storage device end, storage control is allowed to execute rainbow table table lookup operation.Rainbow table capacity
Huge, but simple in structure, table lookup operation needs to be related to mass data, but need not be very powerful computing capability, allow storage
Processor undertake it is data-intensive operation be equally beneficial for improve crack speed.
Reference Fig. 9, the system of the decryption of one embodiment of the invention, including:
Host equipment 401 and storage device 402;
The cryptographic Hash that host equipment 401 treats decryption by presetting attenuation function is calculated, and it is to be selected to obtain first
Code data;
Host equipment 401 is sent to storage device 402 using the described first code data to be selected as input parameter;
Storage device 402 is by built-in storage control by the joint of the chain tail value of the input parameter and default rainbow table
It is matched;
If successful match, storage device 402 is using the corresponding first-in-chain(FIC) nodal value of the joint of the chain tail value of successful match as defeated
Go out parameter feedback to the host equipment;
Host equipment 401 carries out the cryptographic Hash according to the output parameter to crack operation.
It should be noted that the system of the decryption provided in above-described embodiment and the method for decryption are all based on
Identical inventive concept.Therefore, the execution function of the host equipment 401 in the system of decryption and storage device 402 can
With referring to preceding method embodiment, details are not described herein.
In the present embodiment, the meter of hash function and attenuation function in rainbow table search operation is carried out at 401 end of host equipment
It calculates, these calculating need to consume a large amount of CPU or GPU computing resources, but the demand to I/O is limited, referred to as computation-intensive
Operation.Since host equipment 401 often has the computing capability more powerful than storage control, host equipment 401 is allowed to undertake meter
Calculation intensive, which is conducive to improve, cracks speed.At 402 end of storage device, allows storage control to execute rainbow table and table look-up behaviour
Make.Rainbow table capacity is huge, but simple in structure, and table lookup operation needs to be related to mass data, but need not be very powerful meter
Calculation ability, allow storage processor undertake it is data-intensive operation be equally beneficial for improve crack speed.
The above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although with reference to the foregoing embodiments
Invention is explained in detail, it will be understood by those of ordinary skill in the art that:It still can be to aforementioned each implementation
Technical solution recorded in example is modified or equivalent replacement of some of the technical features;And these modification or
It replaces, the spirit and scope for various embodiments of the present invention technical solution that it does not separate the essence of the corresponding technical solution.
Claims (10)
1. a kind of method of decryption, which is characterized in that the method includes:
The cryptographic Hash that host equipment treats decryption by presetting attenuation function is calculated, and the first password number to be selected is obtained
According to;
The host equipment is sent to the storage device using the described first code data to be selected as input parameter;
The host equipment receives the output parameter of storage device feedback, and is carried out to the cryptographic Hash according to the output parameter
Crack operation, the output parameter be the storage device by built-in storage control by the input parameter with it is default
After the joint of the chain tail value of rainbow table is matched, the corresponding first-in-chain(FIC) nodal value of joint of the chain tail value of successful match.
2. according to the method described in claim 1, it is characterized in that, the method further includes:
If receiving the unsuccessful message of matching, pass through the default attenuation function of others and the calculating first password number to be selected
According to the preset function combination that is formed of default attenuation function treat the cryptographic Hash of decryption and calculated, it is to be selected to obtain second
Code data is sent to the storage device, if still receiving matching using the described second code data to be selected as input parameter
Unsuccessful message then continues that next code data to be selected is calculated, and joins next code data to be selected as input
Number is sent to the storage device, until receiving the output parameter of the storage device feedback.
3. according to the method described in claim 1, it is characterized in that, the method further includes:
The cryptographic Hash that the host equipment treats decryption carries out parallel computation, obtains multiple code datas to be selected.
4. a kind of method of decryption, which is characterized in that the method includes:
The input parameter that storage device receiving host equipment is sent, the input parameter are that the host equipment passes through default decaying
The cryptographic Hash that function treats decryption is calculated, obtained code data to be selected;
The storage device by built-in storage control by the joint of the chain tail value of the input parameter and default rainbow table into
Row matching, if successful match, the corresponding first-in-chain(FIC) nodal value of the joint of the chain tail value of successful match is fed back to as output parameter
The host equipment, so that the host equipment according to the output parameter carries out the cryptographic Hash cracking operation.
5. according to the method described in claim 4, it is characterized in that, the method further includes:
If matching is unsuccessful, unsuccessful message feedback will be matched to the host equipment.
6. according to the method described in claim 4, it is characterized in that, the storage device by built-in storage control by institute
State input parameter and the joint of the chain tail value of default rainbow table match including:
If the default rainbow table is unsorted rainbow table, the storage device is by built-in storage control to use
The mode of linear search matches the input parameter with the joint of the chain tail value of default rainbow table;If the default rainbow table
For unsorted rainbow table, then the storage device will be described in a manner of dichotomizing search to use by built-in storage control
Input parameter is matched with the joint of the chain tail value of default rainbow table.
7. a kind of host equipment, which is characterized in that the host equipment includes:
Computing module, the cryptographic Hash for treating decryption by presetting attenuation function are calculated, and it is to be selected close to obtain first
Code data;
Transceiver module, for being sent to the storage device using the described first code data to be selected as input parameter;
Processing module, for receive storage device feedback output parameter, and according to the output parameter to the cryptographic Hash into
Row cracks operation, the output parameter be the storage device by built-in storage control by the input parameter in advance
After if the joint of the chain tail value of rainbow table is matched, the corresponding first-in-chain(FIC) nodal value of joint of the chain tail value of successful match.
8. host equipment according to claim 7, which is characterized in that the computing module, if being additionally operable to receive matching
Unsuccessful message then passes through the default attenuation function of other default attenuation functions and calculating first code data to be selected
The cryptographic Hash that decryption is treated in the preset function combination formed is calculated, and the second code data to be selected is obtained;
The transceiver module is additionally operable to be sent to the storage device using the described second code data to be selected as input parameter;
The computing module continues to be calculated next to be selected close if being additionally operable to still receive the unsuccessful message of matching
Code data;
The transceiver module is additionally operable to next code data to be selected being sent to the storage device as input parameter, directly
To the output parameter for receiving the storage device feedback.
9. a kind of storage device, which is characterized in that the storage device includes:
Receiving module, for the input parameter that receiving host equipment is sent, the input parameter passes through pre- for the host equipment
If the cryptographic Hash that attenuation function treats decryption is calculated, obtained code data to be selected;
Matching module, for by built-in storage control by the joint of the chain tail value of the input parameter and default rainbow table into
Row matching;
Feedback module, if being used for successful match, using the corresponding first-in-chain(FIC) nodal value of the joint of the chain tail value of successful match as output
Parameter feedback gives the host equipment, so that the host equipment according to the output parameter carries out the cryptographic Hash cracking behaviour
Make.
10. storage device according to claim 9, which is characterized in that the matching module, if specifically for described default
Rainbow table is unsorted rainbow table, then is joined the input by using in a manner of linear search built-in storage control
Number is matched with the joint of the chain tail value of default rainbow table;If the default rainbow table is unsorted rainbow table, by interior
The storage control set is carried out the input parameter and the joint of the chain tail value of default rainbow table in a manner of using dichotomizing search
Matching.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810110777.1A CN108416208A (en) | 2018-02-05 | 2018-02-05 | A kind of method of decryption, host equipment and storage device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810110777.1A CN108416208A (en) | 2018-02-05 | 2018-02-05 | A kind of method of decryption, host equipment and storage device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108416208A true CN108416208A (en) | 2018-08-17 |
Family
ID=63126877
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810110777.1A Pending CN108416208A (en) | 2018-02-05 | 2018-02-05 | A kind of method of decryption, host equipment and storage device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108416208A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113139200A (en) * | 2021-05-11 | 2021-07-20 | 中国电子科技集团公司第三十研究所 | Method, system, computer program and storage medium for quickly cracking password |
CN113672963A (en) * | 2021-08-30 | 2021-11-19 | 国家计算机网络与信息安全管理中心 | Matching method and device based on rainbow table, storage medium and electronic equipment |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103049709A (en) * | 2013-01-22 | 2013-04-17 | 上海交通大学 | Code recovery system and recovery method based on generator and extended rainbow table |
US20130290731A1 (en) * | 2012-04-26 | 2013-10-31 | Appsense Limited | Systems and methods for storing and verifying security information |
CN103400072A (en) * | 2013-07-31 | 2013-11-20 | 厦门市美亚柏科信息股份有限公司 | Hash value password recovering method and device |
CN105933120A (en) * | 2016-04-06 | 2016-09-07 | 清华大学 | Spark platform-based password hash value recovery method and device |
CN106357384A (en) * | 2016-08-26 | 2017-01-25 | 广州慧睿思通信息科技有限公司 | Word2003 document cracking system based on FPGA hardware and method |
CN106712928A (en) * | 2016-12-13 | 2017-05-24 | 云南电网有限责任公司电力科学研究院 | Big data rainbow table based decryption method and device |
CN107425957A (en) * | 2017-08-31 | 2017-12-01 | 郑州云海信息技术有限公司 | A kind of cryptographic attack method, apparatus and isomery accelerate platform |
CN107566348A (en) * | 2017-08-11 | 2018-01-09 | 广州慧睿思通信息科技有限公司 | One kind is based on the distributed shifty decryption systems of FPGA and its method |
-
2018
- 2018-02-05 CN CN201810110777.1A patent/CN108416208A/en active Pending
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130290731A1 (en) * | 2012-04-26 | 2013-10-31 | Appsense Limited | Systems and methods for storing and verifying security information |
CN103049709A (en) * | 2013-01-22 | 2013-04-17 | 上海交通大学 | Code recovery system and recovery method based on generator and extended rainbow table |
CN103400072A (en) * | 2013-07-31 | 2013-11-20 | 厦门市美亚柏科信息股份有限公司 | Hash value password recovering method and device |
CN105933120A (en) * | 2016-04-06 | 2016-09-07 | 清华大学 | Spark platform-based password hash value recovery method and device |
CN106357384A (en) * | 2016-08-26 | 2017-01-25 | 广州慧睿思通信息科技有限公司 | Word2003 document cracking system based on FPGA hardware and method |
CN106712928A (en) * | 2016-12-13 | 2017-05-24 | 云南电网有限责任公司电力科学研究院 | Big data rainbow table based decryption method and device |
CN107566348A (en) * | 2017-08-11 | 2018-01-09 | 广州慧睿思通信息科技有限公司 | One kind is based on the distributed shifty decryption systems of FPGA and its method |
CN107425957A (en) * | 2017-08-31 | 2017-12-01 | 郑州云海信息技术有限公司 | A kind of cryptographic attack method, apparatus and isomery accelerate platform |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113139200A (en) * | 2021-05-11 | 2021-07-20 | 中国电子科技集团公司第三十研究所 | Method, system, computer program and storage medium for quickly cracking password |
CN113672963A (en) * | 2021-08-30 | 2021-11-19 | 国家计算机网络与信息安全管理中心 | Matching method and device based on rainbow table, storage medium and electronic equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Jiang et al. | Enabling efficient and verifiable multi-keyword ranked search over encrypted cloud data | |
Iliev et al. | Protecting client privacy with trusted computing at the server | |
Ibrahim et al. | Secure rank-ordered search of multi-keyword trapdoor over encrypted cloud data | |
US20150039903A1 (en) | Masking query data access pattern in encrypted data | |
CN111310222B (en) | File encryption method | |
Iliev et al. | Private information storage with logarithmic-space secure hardware | |
US20190156057A1 (en) | Efficiently querying databases while providing differential privacy | |
Sprengers | GPU-based password cracking | |
CN108416208A (en) | A kind of method of decryption, host equipment and storage device | |
Hu et al. | Efficient wildcard search over encrypted data | |
Nelson et al. | Shepard: A fast exact match short read aligner | |
Yu et al. | Generalized external interaction with tamper-resistant hardware with bounded information leakage | |
Asharov et al. | Efficient secure three-party sorting with applications to data analysis and heavy hitters | |
Wang et al. | Practical volume-hiding encrypted multi-maps with optimal overhead and beyond | |
Ren et al. | Privacy-preserving ranked multi-keyword search leveraging polynomial function in cloud computing | |
US20110289194A1 (en) | Cloud data storage system | |
CN116644146A (en) | Document searching method, device and system, electronic equipment and storage medium | |
Primmer et al. | Collision and preimage resistance of the Centera content address | |
Kim et al. | High‐speed parallel implementations of the rainbow method based on perfect tables in a heterogeneous system | |
Andavan et al. | Cloud computing based deduplication using high-performance grade byte check and fuzzy search technique | |
US11645409B2 (en) | Search and access pattern hiding verifiable searchable encryption for distributed settings with malicious servers | |
Kumar et al. | Differential Evolution based bucket indexed data deduplication for big data storage | |
Xu et al. | Massive fishing website URL parallel filtering method | |
Sykes et al. | An improved parallel implementation of RainbowCrack using MPI | |
Beame et al. | Massively-parallel similarity join, edge-isoperimetry, and distance correlations on the hypercube |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180817 |