Research And Implementation Of The Key Technology Of Distributed Hashcat Based On DCR Platform

With the rapid development of Internet and information technology,it is becoming more and more convenient to obtain information.At the same time,information security is getting more and more attention.As an authentication method,password is an important way to ensure information security.In order to ensure the safety of information,people often set up complex passwords and encryption algorithms.Once the password is forgotten or lost,it would be very difficult to recover passwords by ordinary brute force.At present,the basic password encryption algorithms include MD5,MD4 and SHA1.In addition,the algorithm designers will mix and iterate these basic algorithms to increase the computational complexity and make the password recovery more complex.At the same time,with the rapid development of computing chips(such as GPU and FPGA),the unit computing power of chips is also becoming stronger and stronger,which greatly improves the efficiency of password recovery.Therefore,in order to improve the efficiency of password recovery,there are two main methods: 1.Improve the computing power of the machine.2.Make reasonable attack strategies according to the law of the password to improve the cracking efficiency.Based on the above two methods,this paper implements a distributed password recovery system:DCR_hashcat.The system is based on Hashcat and DCR parallel platform.Hashcat is the fastest open source password recovery tool in the world.DCR is a parallel framework,which provides network communication,task distribution and other functions for the realization of Hashcat distribution.DCR_hashcat implements three mainstream password attack methods: brute-force attack,rolling attack and PCFG attack.At the same time,DCR_hashcat also implements a high-performance task decomposer for these three methods,which can decompose the original task efficiently.The system not only supports all algorithms of Hashcat,but also supports more algorithms by modifying the kernel(for example,RAR3 does not encrypt file name algorithm),which makes the system algorithm more perfect.At the end of this paper,the system will be tested for correctness and performance,and eventually the password recovery system has the ability for engineering application.