Using ASIC for password cracking - mad concept?



All ASIC for Bitcoin do a double SHA256 hash on an arbitrary string. But maybe they might be used for pen testing :-)

Lets assume we have single SHA256 hash we want to crack. We also have an ASIC that does double SHA256. Well if we compare results computed by double SHA256 to passwords that generated SHA256 hash we will get nothing. But what if we do single SHA256 on SHA256 hash that we got on start using CPU, and then try to find SHA(SHA256(x))? If we find goodX it would be our password.

Would modifying firmware, or just mining proxy that feeds miner with work do the job?


Posted 2013-11-09T18:14:51.627

Reputation: 75


Very similar to, except that question asks if it's possible to use the Bitcoin network as a whole for password cracking.

– Nick ODell – 2015-03-24T21:07:28.123

Bitcoin mining ASICs can't compute SHA-256 of an arbitrary input at all. They take a block header template and search for a nonce where the double-sha256 is under some target value, and then just return that they're ready for more work or have found a matching nonce. – ryanc – 2018-04-20T16:05:47.637



It will not help even if passwords were hashed with DSHA256. This link explains why.

Basically the ASIC loads the header into its memory and increments the nonce until the hash of the header is lower than the the specified target.

Therefore you cannot use this to brute force a password seeing as the logic is incompatible.


Posted 2013-11-09T18:14:51.627

Reputation: 31


So, these answers are all great. They are all missing one giant point. ASICs are not ONLY for bitcoin miners, though the OP i believe was referring to mining ASICs. But an ASIC (or Application Specific Integrated Circuit) can be designed for any number of calculations, such as password cracking. I am certain at least nation state actors already have these. So the answer is YES, ASICs can be used to crack passwords, but they would have to be specifically designed to crack passwords using a specific algorithm.


Posted 2013-11-09T18:14:51.627

Reputation: 21


Most mining ASICs are hard-coded to perform sha256(sha256(x)) which may as well be a random number with regard to sha256(x). The only way in which an ASIC would be useful for password cracking is if someone happened to be using sha256(sha256(password)) as their scheme, which to my knowledge is not in popular use anywhere.

David Perry

Posted 2013-11-09T18:14:51.627

Reputation: 14 120

1but then I if the attacker knows that they have sha256(x) (which is likely disclosed in the code) and they have an ASIC that does sha256(sha256(x)) then all they would need to do is sha256(password_hash) an crack via ASIC :) – Rory McCune – 2015-08-05T22:02:16.933


A double hash brings you no closer to cracking the first one. Each hash makes the source harder to determine. There are an infinite number of sources that can produce the same hash value. An ASIC could aid a dictionary attack.


Posted 2013-11-09T18:14:51.627

Reputation: 259

"An ASIC could aid a dictionary attack"

What do you mean by that? – Johnny – 2013-11-09T19:30:51.763

I think a dictionary attack is exactly what the question is proposing: hash lots of strings and see if any of them is the password. – Nate Eldredge – 2013-11-09T20:21:17.313


You can design an ASIC to do any calculation you want. For example, let's say you stole a password database from a webpage. You know that the passwords were hashed using bcrypt. So you would need to create\buy an ASIC that does the bcrypt hash function. It would be faster at brute force cracking than a regular CPU\GPU. This would still take a very long time. An ASIC powerful enough to crack passwords would be very expensive. I believe the NSA dabbled in this dark art. They likely have machines dedicated to cracking specific hash functions.


Posted 2013-11-09T18:14:51.627

Reputation: 101


Double SHA1 is very much in use in SQL password hashing. It is known as the 'MySQL 4.1+' hash type. How about hardware mods on an asic chip to perform double-sha1 decrypt instead of double-sha2-256?


Posted 2013-11-09T18:14:51.627

Reputation: 1

This won't work since SHA1 and SHA256 are completely different algorithms when layed out in silicon. So this is not possible with existing hardware which is what OP is asking for. – cdecker – 2016-11-24T15:02:04.100