AWS Configuration

Since Cryptbreaker utilizes a number of AWS features and leverages spot instances for cost-efficient cracking it is important to configure your AWS account prior to trying to configure the tool.

Configure Regions

The initial steps to configure all possible AWS regions for the necessary spot limit increase can be quite annoying as it is one of the few features of AWS that cannot be automated. To submit your spot limit increase you’ll need to first sing into your AWS account, then perform the following steps.

  1. Click the ‘Support Tab’ in the top-right of the screen
  2. Select ‘Support Center’ in the drop down menu

Spot Limit Increase 01

  1. Click on ‘Create Case’ in the AWS Support Center

Spot Limit Increase 02

  1. Select a case type of ‘Service Limit Increase’
  2. Choose a Limit Type of ‘EC2 Spot Instances’

Spot Limit Increase 03 The case you’re creating will consist of a series of ‘Requests’. Each request specifies a designated Region to be affected, an Instance Type to increase limits for and a New Limit Value defining the new maximum number of instances of the specified size that are allowed to run in the chosen region. By default Cryptbreaker will only use the us-east-1, us-east-2, us-west-1, and us-west-2 regions. This was done for two reasons: first, to minimized the number of request you need to submit during initial account configuration and second, the US regions seemed to have the cheapest instances a majority of the time, you can configure Cryptbreaker to use additional regions but for this guide we will assume you need to submit the spot limit increase for the default regions in use.

  1. Select a region you wish to use
  2. Choose an instance type (p3.2xlarge, p3.8xlarge, or p3.16xlarge) based off what tier you plan to regularly use. Most people can get away with just using the p3.2xlarge tier. If you need faster cracking you can choose one of the larger classes though they will be more expensive.
  3. Choose a new limit value (anything more than 0 should be fine but the higher it is the more likely AWS denies it, I recommend choosing 1 or 2 to start)

You’ve now configured a single request, to increase the limit for a single instance type in a single region.

At a minimum I recommend use the ‘Add another request’ button (8) to add requests covering all four US regions with at least the p3.2xlarge instance type. This means that at a minimum your case will have 4 requests.

Spot Limit Increase 04

  1. Once you’ve added all your requests to the case you will need to provide a ‘Case desription’. I recommend something along the following lines: “Request spot limit increase to enable distributed computing application relying on spot pricing optimization”

Spot Limit Increase 05

  1. Submit your case request.

Spot Limit Increase 06

Now that the request has been submitted you just have to wait for Amazon to approve the service limit increase.

Region Notes

Cryptbreaker was originally designed to perform its cloud based actions at the cheapest available pricing. To do this it will look across all AWS datacenters to find the best pricing for each type of instance that it can use. This means that instance limit increase requests can potentially need to be submitted for EVERY AWS region. As more people use the tool I realize that the complexity of supporting every region may offset the benefit of saving a .006 dollars/hour. Additionally, ~6 months of data have show that the US regions are consistently the cheapest regions to use. As a result, Cryptbreaker now defaults to only using US regions. Though you can enable additional regions in Cryptbreaker and see if there are lower prices in other regions by going to the ‘Admin’ page of the application.

Region Display In Admin Note in the above image that the only ‘enabled’ regions listed in ‘Region Overview’ are us-east-1, us-east-2, us-west-1, and us-west-2. To enable or disable a region just click on the row of the region you want to toggle.

In the ‘Spot Pricing’ table you can see that the for a ‘p3.2xlarge’ instance type the cheapest available options in the enabled regions costs $0.9976/hour and is in us-east-1a while there is a cheaper cost currently available at $0.9915/hour if you use an instance in eu-west-1c. If you want to use the cheaper option you’ll have to: 1. Enable the eu-west-1 region 2. Submit another Support case to increase your allotted p3.2xlarge spot instances in the eu-west-1 region if you haven’t already done so.

Generate API Key

The last step to get ready to perform initial configuration is to generate and download you API access keys for your account. This can be done in a few steps.

First, while logged in, click on your account name (1) to get a dropdown menu and select ‘My Security Credentials’ (2) to access the credentials menu.

Generating Key 01

Then, click on ‘Access keys’ (3) on the credentials page.

Generating Key 02

Finally, click ‘Create New Access Key’ (4) and then download the key file in the resulting popup.

This API key is incredibly sensitive. I recommend saving in a password manager or some other encrypted format to prevent unauthorized access. Any compromise of this key is equivalent to full AWS account compromise

Generating Key 03

Once you receive notice via the AWS Support Center that your spot limit increase request has been approved you can continue to the final Cryptbreaker cofiguration step.

Docker Installation Cryptbreaker Installation