Efficient Optimization of MS Office 2013+ Password Cracking and PBKDF2-HMAC-SHA2 on GPUs

The increasing sensitivity of personal information has led to the widespread adoption of encryption technology for unstructured files and various applications. However, this presents significant challenges for law enforcement agencies tasked with gathering evidence for crime investigations and prosecutions. The use of encryption to impede forensic efforts poses difficulties, as passwords to encrypted files cannot be easily obtained. Consequently, there is a pressing need to develop high-speed techniques for cracking encrypted files to access critical evidence. To address this challenge, our research focused on optimizing the PBKDF2-HMAC-SHA2 algorithm, commonly used for password protection, and enhancing methods for cracking MS Office 2013+ files, a widely used office suite. We implemented optimizations at both the algorithmic and architectural levels. Algorithmically, we concentrated on reducing memory accesses and eliminating redundant computations within SHA2 and HMAC. Architecturally, we optimized memory access patterns, utilized specialized memory, and improved thread placement to enhance throughput performance. As a result, we achieved significant performance improvements. For PBKDF2-HMAC-SHA2, we saw a 29% improvement on the RTX3090 and a 33% improvement on the RTX4090 compared to Hashcat, the most popular open-source password recovery tool. For cracking MS Office 2013+ files, we achieved performance gains of up to 15% on the RTX3090 and up to 9% on the RTX4090 compared to commercial software like Passware and Elcomsoft. Since our software is open source, it can be used to accelerate password cracking efforts involving HMAC and hash functions. Moreover, its architecture can serve as a reference for developing parallel password-cracking tools.