计算机科学 ›› 2020, Vol. 47 ›› Issue (11): 32-41.doi: 10.11896/jsjkx.200500040

所属专题: 智能移动身份认证

• 智能移动身份认证 • 上一篇    下一篇

基于FPGA集群的Office口令恢复优化实现

李斌1, 周清雷1, 斯雪明2, 陈晓杰2   

  1. 1 郑州大学信息工程学院 郑州 450001
    2 数学工程与先进计算国家重点实验室 郑州 450001
  • 收稿日期:2020-05-11 修回日期:2020-08-22 出版日期:2020-11-15 发布日期:2020-11-05
  • 通讯作者: 李斌(iebinli@zzu.edu.cn)
  • 基金资助:
    国家重点研发计划项目(2016YFB0800100,2016YFB0800101);国家自然科学基金面上项目(61572444)

Optimized Implementation of Office Password Recovery Based on FPGA Cluster

LI Bin1, ZHOU Qing-lei1, SI Xue-ming2, CHEN Xiao-jie2   

  1. 1 School of Information Engineering,Zhengzhou University,Zhengzhou 450001,China
    2 State Key Laboratory of Mathematical Engineering and Advanced Computing,Zhengzhou 450001,China
  • Received:2020-05-11 Revised:2020-08-22 Online:2020-11-15 Published:2020-11-05
  • About author:LI Bin,born in 1986,Ph.D,lecturer.His main research interests include high-performance computing and information security.
  • Supported by:
    This work was supported by the National Key Research and Development Program of China (2016YFB0800100,2016YFB0800101) and General Program of National Natural Science Foundation of China (61572444).

摘要: 口令恢复是口令找回和电子取证的关键技术,而加密的Office文档被广泛使用,实现Office加密文档的有效恢复对信息安全具有重要的意义。口令恢复是计算密集型任务,需要硬件加速来实现恢复过程,传统的CPU和GPU受限于处理器结构,大大限制了口令验证速度的进一步提升。基于此,文中提出了基于FPGA集群的口令恢复系统。通过详细分析Office加密机制,给出了各版本Office的口令恢复流程。其次,在FPGA上以流水线结构优化了核心Hash算法,以LUT (Look Up Table)合并运算优化改进了AES (Advanced Encryption Standard)算法,以高速并行实现了口令生成算法。同时,以多算子并行设计了FPGA整体架构,实现了Office口令的快速恢复。最后,采用FPGA加速卡搭建集群,配合动态口令切分策略,充分发掘了FPGA低功耗高性能的计算特性。实验结果表明,无论在计算速度还是能效比上,优化后的FPGA加速卡都是GPU的2倍以上,具有明显的优势,非常适合大规模部署于云端,以缩短恢复时间找回口令。

关键词: AES, FPGA, Office加密文档, SHA1(Secure Hash Algorithm 1), 口令恢复, 信息安全

Abstract: Password recovery is the key technology of password back and electronic forensics.While encrypted office documents are widely used,it is of great significance to achieve the effective recovery of office encrypted documents for information security.Password recovery is a computation-intensive task and requires hardware acceleration to implement the recovery process.Traditional CPUs and GPUs are limited by the processor structure,which greatly limits the further increase in password verification speed.In view of this,this paper proposes a password recovery system based on FPGA cluster.Through detailed analysis of the office encryption mechanism,the password recovery process of each version of office is given.Secondly,the core Hash algorithm is optimized with a pipeline structure on FPGA,the AES algorithm is improved by LUT merging operation,and the password generation algorithm is implemented in parallel at high speed.At the same time,the architecture of FPGA is designed with multiple algorithm sub-modules in parallel,which realizes the fast recovery of office password.Finally,the FPGA accelerator card is used to build the cluster,and the dynamic password segmentation strategy is used to fully explore the low-power and high-performance computing features of FPGAs.The experimental results show that the optimized FPGA accelerator card is more than twice the GPU in terms of computing speed and energy efficiency ratio,which has obvious advantages and is very suitable for large-scale deployment in the cloud to shorten the recovery time and retrieve the password.

Key words: AES, FPGA, Information security, Office encrypted document, Password recovery, SHA1

中图分类号: 

  • TP309
[1] HONG J,CHEN Z,HU J.Analysis of encryptionmechanism in Office 2013[C]//2015 IEEE 9th International Conference on Anti-counterfeiting,Security,and Identification (ASID).IEEE,2015:29-32.
[2] HRANICK R,MATOUŠEK P,RYŠAV O,et al.Experimental evaluation of password recovery in encrypted documents[C]//Proceedings of ICISSP.2016:299-306.
[3] WANG P,WANG D,HUANG X Y.Advances in password security[J].Journal of Computer Research and Development,2016,53(10):2173-2188.
[4] KAKARLA T,MAIRAJ A,JAVAID A Y.A Real-World Password Cracking Demonstration Using Open Source Tools for Instructional Use[C]//2018 IEEE International Conference on Electro/Information Technology (EIT).IEEE,2018:0387-0391.
[5] MA J,YANG W,LUO M,et al.A Study of Probabilistic Password Models[C]//IEEE Symposium on Security and Privacy.2014:689-704.
[6] WANG D,ZHANG Z J,WANG P,et al.Targeted Online Password Guessing:An Underestimated Threat[C]//ACM Sigsac Conference on Computer and Communications Security.ACM,2016:1242-1254.
[7] WANG D,WANG P,HE D,et al.Birthday,Name and Bifacial-security:Understanding Passwords of Chinese Web Users[C]//28th USENIX Security Symposium.2019:1537-1554.
[8] WANG D,JIAN G P,HUANG X Y,et al.Zipf's Law in Passwords[J].IEEE Transactions on Information Forensics and Security,2017,12(11):2776-2791.
[9] WIRTHLIN M.High-reliability FPGA-based systems:space,high-energy physics,and beyond[J].Proceedings of the IEEE,2015,103(3):379-389.
[10] LI B,ZHOU Q,SI X.Mimic computing for password recovery[J].Future Generation Computer Systems,2018,84:58-77.
[11] MS-CFB:Compound File Binary File Format (v2018091) [EB/OL].https://docs.microsoft.com/zh-cn/openspecs/ windows_protocols/ms-cfb.
[12] MS-OFFCRYPTO:Office Document Cryptography Structure(v20181211) [EB/OL].https://docs.microsoft.com/en-us/openspecs/office_file_formats/ms-offcrypto/.
[13] SONG J,SUN Z Z,LI T T,et al.Research Advance on Code Oriented Optimization of Software Energy Consumption[J].Chin-ese Journal of Computers,2016,39(11):2270-2290.
[14] MICHAIL H E,ATHANASIOU G S,KELEFOURAS V I,et al.Area-throughput trade-offs for SHA-1 and SHA-256 hash functions' pipelined designs[J].Journal of Circuits,Systems and Computers,2016,25(4):1-27.
[15] SUHAILI S,WATANABE T.High throughput evaluation ofSHA-1 implementation using unfolding transformation[J].ARPN Journal of Engineering and Applied Sciences,2016,11(5):3350-3355.
[16] WONG M M,WONG D M L,ZHANG C,et al.Circuit and system design for optimal lightweight AES encryption on FPGA[J].IAENG International Journal of Computer Science,2018:45(1):52-62.
[17] HAFSA A,SGHAIER A,MACHHOUT M,et al.A New security Approach to Support the operations of ECC and AES Algorithms on FPGA[C]//2019 19th International Conference on Sciences and Techniques of Automatic Control and Computer Engineering (STA).IEEE,2019:95-100.
[18] RAO M,KAKNJO A,OMERDIC E,et al.An efficient highspeed AES implementation using Traditional FPGA and LabVIEW FPGA platforms[C]//2018 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC).IEEE,2018:932-937.
[19] DING Q,ZHANG Z,LI S,et al.Energy-Efficient RAR3 Password Recovery with Dual-Granularity Data Path Strategy[C]//2019 IEEE International Symposium on Circuits and Systems (ISCAS).IEEE,2019:1-5.
[20] BAI X,JIANG L,YANG J,et al.Password Recovery for ZIP Files Based on ARM-FPGA Cluster[C]//2017 International Conference on Security,Privacy and Anonymity in Computation,Communication and Storage (SpaCCS).2017:405-414.
[21] HRANICK R,ZOBAL L,VEEA V,et al.Distributed Password Cracking in a Hybrid Environment[C]//Proceedings of SPI.2017:75-90.
[22] LIU P,LI S,DING Q.An energy-efficient accelerator based on hybrid CPU-FPGA devices for password recovery[J].IEEE Transactions on Computers,2018,68(2):170-181.
[23] HAN Y,ZHOU Q L,LI B,et al.High-performance VPN Password Recovery Method on Multiple FPGAs[J].Journal of Chinese Computer Systems,2019,40(4):79-84.
[24] CHEN X J,ZHOU Q L,LI B.EnergyGefficient Password Recovery Methodfor7GZip Document Basedon FPGA[J].Compu-ter Science,2020,47(1):321-328.
[1] 刘凯祥, 谢永芳, 陈新, 吕飞, 刘俊矫.
基于DTMC的工业串行协议状态检测算法
Industrial Serial Protocol State Detection Algorithm Based on DTMC
计算机科学, 2022, 49(3): 301-307. https://doi.org/10.11896/jsjkx.210200078
[2] 王登天, 周华, 钱荷玥.
LDPC自适应最小和译码算法及其FPGA实现
LDPC Adaptive Minimum Sum Decoding Algorithm and Its FPGA Implementation
计算机科学, 2021, 48(6A): 608-612. https://doi.org/10.11896/jsjkx.200800134
[3] 齐延荣, 周夏冰, 李斌, 周清雷.
基于FPGA的CNN图像识别加速与优化
FPGA-based CNN Image Recognition Acceleration and Optimization
计算机科学, 2021, 48(4): 205-212. https://doi.org/10.11896/jsjkx.200600089
[4] 辜双佳, 刘万平, 黄东.
基于AES和QR的快递信息加密应用
Application of Express Information Encryption Based on AES and QR
计算机科学, 2021, 48(11A): 588-591. https://doi.org/10.11896/jsjkx.210100024
[5] 王喆, 唐麒, 王玲, 魏急波.
一种基于模拟退火的动态部分可重构系统划分-调度联合优化算法
Joint Optimization Algorithm for Partition-Scheduling of Dynamic Partial Reconfigurable Systems Based on Simulated Annealing
计算机科学, 2020, 47(8): 26-31. https://doi.org/10.11896/jsjkx.200500110
[6] 陈利锋, 朱路平.
一种基于云端加密的FPGA自适应动态配置方法
Encrypted Dynamic Configuration Method of FPGA Based on Cloud
计算机科学, 2020, 47(7): 278-281. https://doi.org/10.11896/jsjkx.190700110
[7] 陆垚, 陈开颜, 王寅龙, 尚倩伊.
针对AES查表法最后一轮加密的L3缓存攻击
L3 Cache Attack Against Last Round of Encryption AES Table Lookup Method
计算机科学, 2020, 47(6A): 375-380. https://doi.org/10.11896/JsJkx.190900157
[8] 赵博, 杨明, 汤志伟, 蔡玉鑫.
基于FPGA的智能视频加速检索系统
Intelligent Video Surveillance Systems Based on FPGA
计算机科学, 2020, 47(6A): 609-611. https://doi.org/10.11896/JsJkx.190700118
[9] 朱丽花, 王玲, 唐麒, 魏急波.
一种针对动态部分可重构SoC软硬件划分的高效MILP模型
Efficient MILP Model for HW/SW Partitioning of Dynamic Partial Reconfigurable SoC
计算机科学, 2020, 47(4): 18-24. https://doi.org/10.11896/jsjkx.190300001
[10] 周惠婷, 周杰.
基于改进NC-OFDM算法的仿真设计与分析
Simulation and Analysis on Improved NC-OFDM Algorithm
计算机科学, 2020, 47(10): 263-268. https://doi.org/10.11896/jsjkx.190800043
[11] 陈晓杰,周清雷,李斌.
基于FPGA的7-Zip加密文档高能效口令恢复方法
Energy-efficient Password Recovery Method for 7-Zip Document Based on FPGA
计算机科学, 2020, 47(1): 321-328. https://doi.org/10.11896/jsjkx.190100027
[12] 孙连山,欧阳晓通,徐艳艳,王艺星.
面向间接依赖的数据起源过滤方法
Novel Sanitization Approach for Indirect Dependencies in Provenance Graph
计算机科学, 2019, 46(3): 164-169. https://doi.org/10.11896/j.issn.1002-137X.2019.03.025
[13] 王辉, 周明明.
基于区块链的医疗信息安全存储模型
Medical Information Security Storage Model Based on Blockchain Technology
计算机科学, 2019, 46(12): 174-179. https://doi.org/10.11896/jsjkx.181102034
[14] 詹雄, 郭昊, 何小芸, 刘周斌, 孙学洁, 陈红松.
国家电网边缘计算信息系统安全风险评估方法研究
Research on Security Risk Assessment Method of State Grid Edge Computing Information System
计算机科学, 2019, 46(11A): 428-432.
[15] 贾迅, 钱磊, 邬贵明, 吴东, 谢向辉.
FPGA应用于高性能计算的研究现状和未来挑战
Research Advances and Future Challenges of FPGA-based High Performance Computing
计算机科学, 2019, 46(11): 11-19. https://doi.org/10.11896/jsjkx.191100500C
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!