BitCracker: BitLocker meets GPUs
This work addresses the security vulnerability of BitLocker encryption for users relying on weak passwords, though it is incremental as it applies existing GPU acceleration techniques to a specific domain.
The authors tackled the problem of decrypting BitLocker-encrypted volumes via dictionary attacks by developing a GPU-optimized solution called BitCracker, achieving significant speed improvements in computing SHA-256 hashes and AES operations compared to existing tools like Hashcat.
BitLocker is a full-disk encryption feature available in recent Windows versions. It is designed to protect data by providing encryption for entire volumes and it makes use of a number of different authentication methods. In this paper we present a solution, named BitCracker, to attempt the decryption, by means of a dictionary attack, of memory units encrypted by BitLocker with a user supplied password or the recovery password. To that purpose, we resort to GPU (Graphics Processing Units) that are, by now, widely used as general-purpose coprocessors in high performance computing applications. BitLocker decryption process requires the computation of a very large number of SHA- 256 hashes and also AES, so we propose a very fast solution, highly tuned for Nvidia GPU, for both of them. We analyze the performance of our CUDA implementation on several Nvidia GPUs and we carry out a comparison of our SHA-256 hash with the Hashcat password cracker tool. Finally, we present our OpenCL version, recently released as a plugin of the John The Ripper tool.