

Password cracking, mining, and GPUs - d0ne
http://erratasec.blogspot.com/2011/06/password-cracking-mining-and-gpus.html

======
kayoone
Mining bitcoins and selling them will soon be not profitable anymore. It was
just some weeks ago but since that time loads of people started mining and now
the difficulty of the mining algorithm goes up every 7-10days effectivly
cutting profits in half. I you buy a mining rig now you will probably never be
able to pay it off as electricity costs will eat up all profits before August
of this year. Of course the value of Bitcoins could raise dramatically to make
it profitable again, but if and when that happens remains to be seen.

~~~
ars
> Of course the value of Bitcoins could raise dramatically to make it
> profitable again

If the value didn't go up people would stop mining. If people stopped mining
the difficulty level would go down.

So basically the value of bitcoins will always stabilize at the cost of
electricity for the most efficient rig.

But the efficiency of rigs changes constantly, but that is offset by the
difficulty changing. So I'm not quite sure how the balance will stay longterm.

But in the short term the value is pegged to the cost of energy.

~~~
caf
It's not the value of bitcoins that stabilises but the difficulty of producing
bitcoins (measured in average number of trial hashes per BTC). Given:

D = difficulty (HASH/BTC)

E = marginal efficiency (HASH/kWH)

V = value of bitcoins (USD/BTC)

C = cost of electricity (USD/kWH)

then in equlibrium, the difficulty will be equal such that the electricity you
can purchase with a generated bitcoin will just balance out the electricity
required to produce it (neglecting depreciation of equipment, time value of
money etc..):

D ~= (E * V) / C

So this predicts that equilibrium difficulty will increase when marginal
mining efficiency increases (ie. more power-efficient GPUs are available),
when the value of bitcoins increases, and when the price of electricity
decreases.

(Note that there is no guarantee that the system will reach equilibrium - the
relatively long time lag taken for the difficulty to adjust in the protocol
may mean it doesn't).

It is also notable that you can rearrange to solve for `V`, allowing you to
determine an estimate of the underlying theoretical value of bitcoins based on
the current difficulty level, the efficiency of the best GPU now available,
and the price of electricity.

~~~
IsaacL
Some people (eg, college students) have access to unmetered electricity, but
we don't see such people dominating current mining efforts (AFAIK). I'm
guessing this is because of the cost of hardware, so I think your model should
also take into account the amortized cost of buying GPUs - though I don't know
how significant that would be compared to the costs of electricity.

~~~
caf
That is, of course, left as an exercise for the reader ;)

(As long as the number of students with unmetered power partipating is small
compared to the number of miners, it shouldn't significantly affect the
analysis. It's the marginal cost faced by a new entrant that's of interest - a
relatively small number of students mining simply adds a background base level
of difficulty).

------
mcantelon
Macbook Pro at 17 MH/s is a poor value compared to a $1K gaming notebook that
comes with an 5870M (~150 MH/s according to mining hardware comparison)...
there are also units with other, possibly faster, GPUs:

[http://ncix.com/products/index.php?minorcatid=1323&submi...](http://ncix.com/products/index.php?minorcatid=1323&subminorcatid=672)

As for Bitcoin mining being profitable, the difficulty level is going up quite
quickly so the days of quickly recouping your hardware costs seem to be
waning.

------
maximilian
> _Smart sysadmins "salt" the passwords, which requires cracking._

As has been mentioned previously on HN, smart sysadmins use bcrypt making the
entire password cracking exercise nearly impossible.

------
StavrosK
Quite an informative article. I considered building one of these rigs, but I'm
only a hobbier, far from the hobbiest.

------
andrewcooke
very nice point about exponential growth and diminishing returns. also, i
didn't realise that 9 characters was the inflection point (are they
overestimating slightly the rate?)

~~~
biturd
This may help answer your question about the inflection point:
<http://www.baekdal.com/tips/password-security-usability>

It is a bit old, but not so old that you can't determine what a good length
is. More importantly, it is not always about the length, where something like
"alpine fun" (two common words) may take a couple months, but just adding in
"this is fun" (three common words) gains you thousands of years in time.

Before reading, I was under the impression that without a password manager, it
has become impossible to secure passwords by memory as GPU's became more
powerful. My impression was that "random", alpha-numeric, plus non-alpha-
numeric characters, and, of great length would be needed.

This article leads me to believe otherwise, and that something like
"this#is#my#password" should be sufficiently uncompromisable for some time to
come. It is also highly rememberable to me.

There was a youtube video linked, I believe from HN, apx. 3 weeks ago, that
showed a demo of GPU password cracking that was a bit more illustrative than
this article, and more current. Unfortunately, I can't seem to locate it.

~~~
andrewcooke
1 - the article linked here on hn gives 9 characters as the current practical
limit for brute force hacking with a 100 values per character (upper + lower +
symbol). the link you gave calls 6 characters "safe for life" when using
alphanumeric + symbols. while exactly what symbols are included is
significant, there's clearly a major discrepancy (i guess that the problem is
two-fold: your link is woefully out of date and the link here is over-
estimating rates on gpus).

2 - also, using more words is, in the context of the article you linked to,
related to dictionary attacks. and again your article is pretty poor since
it's giving an example with very common words which implies that a very small
dictionary would be needed. i would not call "this is fun" a safe password.

3 - the article you link to is again misleading in that it completely ignores
password helpers and puts too much emphasis on local restrictions like
reducing login rates. it seems like it was written before both the web (we are
seeing lists of passwords being stolen - that makes "restricting retries"
completely irrelevant) and gpus were common. i would not use it as a reliable
source of advice.

------
epiphany47
Random thought: If the bitcoin currency fails, would people turn their bitcoin
mining rigs into hash cracking rigs? I wonder if it's more economical to be
mining bitcoin or to crack hashes.

~~~
bonzoesc
Once the Mt. Gox password database leaked, there was a little bit of
commentary about how the community had a lot of password-cracking power on
tap.

------
dkokelley
New conspiracy theory:

Bitcoin was created as a secret government project to inexpensively wage cyber
warfare. Thousands of hopeful BTC prospectors invest in ever-increasingly
efficient hash-cracking rigs, creating a sleeping botnet of cyber-soldiers.
When the time comes, the government takes control of these machines (possibly
silently). Instead of cracking bitcoin blocks, they are now all cracking
nuclear launch codes of enemy states. That's a movie I would see.

