计算机科学 ›› 2020, Vol. 47 ›› Issue (11): 32-41.doi: 10.11896/jsjkx.200500040
所属专题: 智能移动身份认证
李斌1, 周清雷1, 斯雪明2, 陈晓杰2
LI Bin1, ZHOU Qing-lei1, SI Xue-ming2, CHEN Xiao-jie2
摘要: 口令恢复是口令找回和电子取证的关键技术,而加密的Office文档被广泛使用,实现Office加密文档的有效恢复对信息安全具有重要的意义。口令恢复是计算密集型任务,需要硬件加速来实现恢复过程,传统的CPU和GPU受限于处理器结构,大大限制了口令验证速度的进一步提升。基于此,文中提出了基于FPGA集群的口令恢复系统。通过详细分析Office加密机制,给出了各版本Office的口令恢复流程。其次,在FPGA上以流水线结构优化了核心Hash算法,以LUT (Look Up Table)合并运算优化改进了AES (Advanced Encryption Standard)算法,以高速并行实现了口令生成算法。同时,以多算子并行设计了FPGA整体架构,实现了Office口令的快速恢复。最后,采用FPGA加速卡搭建集群,配合动态口令切分策略,充分发掘了FPGA低功耗高性能的计算特性。实验结果表明,无论在计算速度还是能效比上,优化后的FPGA加速卡都是GPU的2倍以上,具有明显的优势,非常适合大规模部署于云端,以缩短恢复时间找回口令。
中图分类号:
[1] HONG J,CHEN Z,HU J.Analysis of encryptionmechanism in Office 2013[C]//2015 IEEE 9th International Conference on Anti-counterfeiting,Security,and Identification (ASID).IEEE,2015:29-32. [2] HRANICK R,MATOUEK P,RYAV O,et al.Experimental evaluation of password recovery in encrypted documents[C]//Proceedings of ICISSP.2016:299-306. [3] WANG P,WANG D,HUANG X Y.Advances in password security[J].Journal of Computer Research and Development,2016,53(10):2173-2188. [4] KAKARLA T,MAIRAJ A,JAVAID A Y.A Real-World Password Cracking Demonstration Using Open Source Tools for Instructional Use[C]//2018 IEEE International Conference on Electro/Information Technology (EIT).IEEE,2018:0387-0391. [5] MA J,YANG W,LUO M,et al.A Study of Probabilistic Password Models[C]//IEEE Symposium on Security and Privacy.2014:689-704. [6] WANG D,ZHANG Z J,WANG P,et al.Targeted Online Password Guessing:An Underestimated Threat[C]//ACM Sigsac Conference on Computer and Communications Security.ACM,2016:1242-1254. [7] WANG D,WANG P,HE D,et al.Birthday,Name and Bifacial-security:Understanding Passwords of Chinese Web Users[C]//28th USENIX Security Symposium.2019:1537-1554. [8] WANG D,JIAN G P,HUANG X Y,et al.Zipf's Law in Passwords[J].IEEE Transactions on Information Forensics and Security,2017,12(11):2776-2791. [9] WIRTHLIN M.High-reliability FPGA-based systems:space,high-energy physics,and beyond[J].Proceedings of the IEEE,2015,103(3):379-389. [10] LI B,ZHOU Q,SI X.Mimic computing for password recovery[J].Future Generation Computer Systems,2018,84:58-77. [11] MS-CFB:Compound File Binary File Format (v2018091) [EB/OL].https://docs.microsoft.com/zh-cn/openspecs/ windows_protocols/ms-cfb. [12] MS-OFFCRYPTO:Office Document Cryptography Structure(v20181211) [EB/OL].https://docs.microsoft.com/en-us/openspecs/office_file_formats/ms-offcrypto/. [13] SONG J,SUN Z Z,LI T T,et al.Research Advance on Code Oriented Optimization of Software Energy Consumption[J].Chin-ese Journal of Computers,2016,39(11):2270-2290. [14] MICHAIL H E,ATHANASIOU G S,KELEFOURAS V I,et al.Area-throughput trade-offs for SHA-1 and SHA-256 hash functions' pipelined designs[J].Journal of Circuits,Systems and Computers,2016,25(4):1-27. [15] SUHAILI S,WATANABE T.High throughput evaluation ofSHA-1 implementation using unfolding transformation[J].ARPN Journal of Engineering and Applied Sciences,2016,11(5):3350-3355. [16] WONG M M,WONG D M L,ZHANG C,et al.Circuit and system design for optimal lightweight AES encryption on FPGA[J].IAENG International Journal of Computer Science,2018:45(1):52-62. [17] HAFSA A,SGHAIER A,MACHHOUT M,et al.A New security Approach to Support the operations of ECC and AES Algorithms on FPGA[C]//2019 19th International Conference on Sciences and Techniques of Automatic Control and Computer Engineering (STA).IEEE,2019:95-100. [18] RAO M,KAKNJO A,OMERDIC E,et al.An efficient highspeed AES implementation using Traditional FPGA and LabVIEW FPGA platforms[C]//2018 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC).IEEE,2018:932-937. [19] DING Q,ZHANG Z,LI S,et al.Energy-Efficient RAR3 Password Recovery with Dual-Granularity Data Path Strategy[C]//2019 IEEE International Symposium on Circuits and Systems (ISCAS).IEEE,2019:1-5. [20] BAI X,JIANG L,YANG J,et al.Password Recovery for ZIP Files Based on ARM-FPGA Cluster[C]//2017 International Conference on Security,Privacy and Anonymity in Computation,Communication and Storage (SpaCCS).2017:405-414. [21] HRANICK R,ZOBAL L,VEEA V,et al.Distributed Password Cracking in a Hybrid Environment[C]//Proceedings of SPI.2017:75-90. [22] LIU P,LI S,DING Q.An energy-efficient accelerator based on hybrid CPU-FPGA devices for password recovery[J].IEEE Transactions on Computers,2018,68(2):170-181. [23] HAN Y,ZHOU Q L,LI B,et al.High-performance VPN Password Recovery Method on Multiple FPGAs[J].Journal of Chinese Computer Systems,2019,40(4):79-84. [24] CHEN X J,ZHOU Q L,LI B.EnergyGefficient Password Recovery Methodfor7GZip Document Basedon FPGA[J].Compu-ter Science,2020,47(1):321-328. |
[1] | 刘凯祥, 谢永芳, 陈新, 吕飞, 刘俊矫. 基于DTMC的工业串行协议状态检测算法 Industrial Serial Protocol State Detection Algorithm Based on DTMC 计算机科学, 2022, 49(3): 301-307. https://doi.org/10.11896/jsjkx.210200078 |
[2] | 王登天, 周华, 钱荷玥. LDPC自适应最小和译码算法及其FPGA实现 LDPC Adaptive Minimum Sum Decoding Algorithm and Its FPGA Implementation 计算机科学, 2021, 48(6A): 608-612. https://doi.org/10.11896/jsjkx.200800134 |
[3] | 齐延荣, 周夏冰, 李斌, 周清雷. 基于FPGA的CNN图像识别加速与优化 FPGA-based CNN Image Recognition Acceleration and Optimization 计算机科学, 2021, 48(4): 205-212. https://doi.org/10.11896/jsjkx.200600089 |
[4] | 辜双佳, 刘万平, 黄东. 基于AES和QR的快递信息加密应用 Application of Express Information Encryption Based on AES and QR 计算机科学, 2021, 48(11A): 588-591. https://doi.org/10.11896/jsjkx.210100024 |
[5] | 王喆, 唐麒, 王玲, 魏急波. 一种基于模拟退火的动态部分可重构系统划分-调度联合优化算法 Joint Optimization Algorithm for Partition-Scheduling of Dynamic Partial Reconfigurable Systems Based on Simulated Annealing 计算机科学, 2020, 47(8): 26-31. https://doi.org/10.11896/jsjkx.200500110 |
[6] | 陈利锋, 朱路平. 一种基于云端加密的FPGA自适应动态配置方法 Encrypted Dynamic Configuration Method of FPGA Based on Cloud 计算机科学, 2020, 47(7): 278-281. https://doi.org/10.11896/jsjkx.190700110 |
[7] | 陆垚, 陈开颜, 王寅龙, 尚倩伊. 针对AES查表法最后一轮加密的L3缓存攻击 L3 Cache Attack Against Last Round of Encryption AES Table Lookup Method 计算机科学, 2020, 47(6A): 375-380. https://doi.org/10.11896/JsJkx.190900157 |
[8] | 赵博, 杨明, 汤志伟, 蔡玉鑫. 基于FPGA的智能视频加速检索系统 Intelligent Video Surveillance Systems Based on FPGA 计算机科学, 2020, 47(6A): 609-611. https://doi.org/10.11896/JsJkx.190700118 |
[9] | 朱丽花, 王玲, 唐麒, 魏急波. 一种针对动态部分可重构SoC软硬件划分的高效MILP模型 Efficient MILP Model for HW/SW Partitioning of Dynamic Partial Reconfigurable SoC 计算机科学, 2020, 47(4): 18-24. https://doi.org/10.11896/jsjkx.190300001 |
[10] | 周惠婷, 周杰. 基于改进NC-OFDM算法的仿真设计与分析 Simulation and Analysis on Improved NC-OFDM Algorithm 计算机科学, 2020, 47(10): 263-268. https://doi.org/10.11896/jsjkx.190800043 |
[11] | 陈晓杰,周清雷,李斌. 基于FPGA的7-Zip加密文档高能效口令恢复方法 Energy-efficient Password Recovery Method for 7-Zip Document Based on FPGA 计算机科学, 2020, 47(1): 321-328. https://doi.org/10.11896/jsjkx.190100027 |
[12] | 孙连山,欧阳晓通,徐艳艳,王艺星. 面向间接依赖的数据起源过滤方法 Novel Sanitization Approach for Indirect Dependencies in Provenance Graph 计算机科学, 2019, 46(3): 164-169. https://doi.org/10.11896/j.issn.1002-137X.2019.03.025 |
[13] | 王辉, 周明明. 基于区块链的医疗信息安全存储模型 Medical Information Security Storage Model Based on Blockchain Technology 计算机科学, 2019, 46(12): 174-179. https://doi.org/10.11896/jsjkx.181102034 |
[14] | 詹雄, 郭昊, 何小芸, 刘周斌, 孙学洁, 陈红松. 国家电网边缘计算信息系统安全风险评估方法研究 Research on Security Risk Assessment Method of State Grid Edge Computing Information System 计算机科学, 2019, 46(11A): 428-432. |
[15] | 贾迅, 钱磊, 邬贵明, 吴东, 谢向辉. FPGA应用于高性能计算的研究现状和未来挑战 Research Advances and Future Challenges of FPGA-based High Performance Computing 计算机科学, 2019, 46(11): 11-19. https://doi.org/10.11896/jsjkx.191100500C |
|