He claims that the console can crack passwords at speeds 300 times faster than Intel hardware can.
Speed is the most important factor in "brute force" password cracking, and Breese says the PS3 helps cut down speed considerably.
"Suddenly we have a massive increase in terms of . . . cryptography cracking," he said. "Eight-character 'strong' passwords can be broken in a couple of days whereas before it would take weeks."
Breese does note howevwer, that other password types are handled more securely and remain unaffected by Breese's findings.
"They're still safe. However, the gap has shrunk a hell of a lot," he added. "If you had access to a thousand PlayStations you could (still) crack an eight-character Linux password in a few days."
The PS3 can also be used to "break basic encryption schemes" added Breese, although "ciphers such as the 128-bit Secure Sockets Layer (SSL)" are safe for the time being. "It'll speed up the attacks but I can't see that it's broken, (It) is still safe because the people implementing the ciphers foresaw CPU power rapidly increasing."
To conclude his findings, Breese hopes that the report will encourage software-makers to increase their password security. "That's the reason I'm doing this," he says.
Source:
TheAge
Written by: Andre Yoskowitz @ 28 Nov 2007 17:59