Russian tech company ElcomSoft Co. Ltd has been going since 1990, serving up state-of-the-art tools for the computer forensics market, plus they provide computer forensics training and computer evidence consulting services. About 10 years ago they started to supply an impressive client base of law enforcement agencies, the military, and even intelligence agencies. In fact, most Fortune 500 corporations and foreign governments use their products, as do all major accounting firms.
So why are they of interest to us? Put simply, ElcomSoft’s new product – catchily named Elcomsoft Distributed Password Recovery – allows any machine (yes, regardless of whether you’re using a server, desktop or laptop) with a supported NVIDIA card to break Wi-Fi encryption. And this so-called GPU acceleration technology does it up to 100 times faster than you can do it using a CPU alone!
Now, tools like these are typically fast and inexpensive, but ElcomSoft’s solution moves at unbelievable speed when you access more than one CPU. 2 machines takes half the time, a network of 6 machines 1/6 of the time… you get the idea. So even though that’s pretty good in itself, using the Graphic Processing Units or GPU as well takes even a single machine into the league of VERY fast. ElcomSoft reports Distributed Password recovery can try 5000 passwords pre second with just one GeForce GTX260 on Office 2007 documents. This compares with a sluggish 200 per second or a regular CPU (Core2Duo). They report speed increases of 10-15 times on a “moderate laptop” – i.e. one with NVIDIA GeForce 8800M or 9800M series GPU, or up to a mammoth 100 times when running on a desktop with two or more NVIDIA GTX 280 boards.
Elcomsoft Distributed Password Recovery is patent pending (of course) and they say that because it supports both old-style WPA and the newer WPA2 encryption that most Wi-Fi networks rely on, Wi-Fi protection can be broken fairly fast and easy with “most” machines. It’ll recover a wide variety of system passwords (including NTLM and startup passwords) and can crack MD5 hashes, as well as unlocking password-protected documents in MS Office 97-2007 and Adobe Acrobat, as well as PGP and UNIX and Oracle user passwords.
They claim it offers “the fastest password recovery by a huge margin” – and we think they’re right. But at a high-end price it may not be affordable for non-corporate users.
