
    On the weaknesses of PBKDF2

    Password-based key derivation functions are of particular interest in cryptography because they (a) take as input a password/passphrase (which usually is short and lacks enough entropy) and derive a cryptographic key; (b) slow down brute force and dictionary attacks as much as possible. In PKCS#5 [17], RSA Laboratories described a password-based key derivation function called PBKDF2 that has been widely adopted in many security-related applications [6, 7, 11]. In order to slow down brute force attacks, PBKDF2 introduces CPU-intensive operations based on an iterated pseudorandom function. Such a pseudorandom function is HMAC-SHA-1 by default. In this paper we show that, if HMAC-SHA-1 is computed in a standard mode without following the performance improvements described in the implementation note of RFC 2104 [13] and FIPS 198-1 [14], an attacker is able to avoid 50% of PBKDF2's CPU-intensive operations by replacing them with precomputed values. We note that a number of well-known and widely-used crypto libraries are subject to this vulnerability. In addition to such a vulnerability, we describe some other minor optimizations that an attacker can exploit to reduce the key derivation time even more.

    KANSA: high interoperability e-KTP decentralised database network using distributed hash table

    e-KTP is an Indonesian identity card based on Near Field Communication technology. This technology is embedded in the e-KTP card of every Indonesian citizen. Until this research, e-KTP technology had never been utilized by any stakeholder, neither government agencies nor non-government organizations or companies. The e-KTP technology inside the card has never been used; instead the card is handled conventionally, by manually copying it with a photocopy machine or taking a photograph of it. This research proposes an open standard to utilize e-KTP technology. The open standard will allow e-KTP technology to be used as is, and to be used broadly in many government agencies and commercial companies. This research proposes a decentralized network model specifically for storing e-KTP data without breaking privacy law. Besides providing high-specification servers, a decentralized model can reduce the cost of server infrastructure. The model is proposed using a Distributed Hash Table, as used for peer-to-peer networks. The decentralized model promises high availability and a more secure way to save and access the data. The result of this model can be implemented in many network topologies or infrastructures and is also applicable to implementation in small and medium enterprise companies.

    Exploiting an HMAC-SHA-1 optimization to speed up PBKDF2

    PBKDF2 is a well-known password-based key derivation function. In order to slow attackers down, PBKDF2 introduces CPU-intensive operations based on an iterated pseudorandom function (in our case HMAC-SHA-1). If we are able to speed up a SHA-1 or an HMAC implementation, we are able to speed up PBKDF2-HMAC-SHA-1. This means that a performance improvement might be exploited by regular users and attackers. Interestingly, FIPS 198-1 suggests that it is possible to precompute the first message block of a keyed hash function only once, store such a value and use it each time it is needed. Therefore the computation of the first message block does not contribute to slowing attackers down, thus making the computation of the second message block crucial. In this paper we focus on the latter, investigating the possibility of avoiding part of the HMAC-SHA-1 operations. We show that some CPU-intensive operations may be replaced with a set of equivalent, but less onerous, instructions. We identify useless XOR operations by exploiting and extending Intel optimizations, and by applying the Boyar-Peralta heuristic. In addition, we provide an alternative method to compute the SHA-1 message scheduling function and explain why attackers might exploit these findings to speed up a brute force attack against PBKDF2.

    Efficient Implementation of IEEE 802.11i Wi-Fi Security (WPA2-PSK) Standard Using FPGA

    The rationale behind the thesis was to design efficient implementations of the cryptographic algorithms used for Wi-Fi security as per the IEEE 802.11i Wi-Fi Security (WPA2-PSK) standard. The focus was on a software implementation of Password-Based Key Derivation Function 2 (PBKDF2) using Keyed-Hash Message Authentication Code (HMAC)-SHA1, which is used for authentication, and a hardware implementation of the AES-256 cipher, which is used for data confidentiality. In this thesis, PBKDF2 based on HMAC-SHA1 was implemented in software using the C programming language, and AES-256 was implemented in hardware using Verilog HDL. The overall implementation was designed and tested on a Nexys4 FPGA board. The performance of the implementation was compared with other existing designs. Latency (µs) was used as the performance metric for PBKDF2, whereas throughput (Gb/s), resource utilization (number of slices), efficiency (Kb/s per slice) and latency (ns) were used as performance metrics for AES-256. The MRF24WG0MA PMOD Wi-Fi module was the 2.4 GHz Wi-Fi module interfaced with the Nexys4 FPGA board for wireless communication. When the correct security credentials were entered in the implemented system interfaced to the Wi-Fi module, it was successfully authenticated by a 2.4 GHz wireless router (or mobile hotspot) configured to work in WPA2-PSK security mode. Once this system was authenticated, the implemented AES-256 cipher within the system was used to provide a layer of encryption over the data being communicated in the network.

    Towards a NoSQL security map

    NoSQL solutions have recently been gaining significant attention because they address some of the inefficiencies of traditional database management systems. NoSQL databases offer features such as a performant distributed architecture, flexibility and horizontal scaling. Despite these advantages, there is a vast quantity of NoSQL systems available, which differ greatly from each other. The resulting lack of standardization of security features leads to questionable maturity in terms of security. What is therefore much needed is systematic lab research into the availability and maturity of the implementation of the most common standard database security features in NoSQL systems, resulting in a NoSQL security map. This paper summarizes the first part of our research project, which tries to outline such a map. It documents the definition of the standard security features to be investigated as well as the security research and results for the most commonly used NoSQL systems.

    Enhanced Wi-Fi Security of University Premises Using MAC Address and Randomly Generated Password

    Many solutions are available for setting up wireless home networks to get internet connectivity working as quickly as possible. This is also quite risky, as numerous security problems can result. Today's Wi-Fi networking products do not always help the situation, as configuring their security features can be time-consuming. In this paper, an improved security protocol is proposed for university premises, which is a combination of the process of MAC address filtering and random password generation. If the MAC address matches, then the server will send a randomly generated password to the client. As a result, the whole network will face fewer intruders, and the security will be top-notch. The proposed security solution was compared with the four existing security methods. The proposed solution has universality, as the devices and software needed for it are available all over the world.

    Understanding common password design:a study towards building a penetration testing tool

    Abstract. Almost everything that is meant to be kept private is currently being protected by passwords. While systems and devices can be designed with robust security measures, the efficacy of such systems can be compromised if the end-user chooses a weak password, especially one easily found in common wordlists. Given the prevailing security dynamics, especially with the ongoing Ukraine war and Finland's NATO membership considerations, the inadequate protection of WiFi devices may transcend individual privacy concerns. Supo, the Finnish Security and Intelligence Service, posits that routers with subpar security could pose considerable national security risks. This thesis aims to investigate the strategies people use when creating new passwords. This is done by using prior knowledge about password creation habits and by conducting an analysis of leaked passwords. The study also examines existing tools for password list generation for penetration testing to see what the strengths and weaknesses of those tools are. This will be the groundwork for creating a lightweight tool for password list generation that can be used to do penetration testing with dictionary attacks and possibly detect if weak passwords are being used. The problem with the current tools is that they either create a very large wordlist or are too small to be practical. They also seem to lack mangling capabilities for the wordlists. The proposed solution is evaluated using the wardriving method, accompanied by the acquisition of PMKID hashes from WiFi access points. Subsequently, these hashes are matched against passwords generated by the designated tool, leveraging Hashcat to ascertain their decryptability. Through this process, the study also provides a snapshot of WiFi password robustness within the City of Oulu. The findings revealed that approximately 6% of WiFi access points employed passwords deemed too weak. This discovery aligns with earlier research conducted in the city of Oulu, where a related investigation highlighted that nearly 14.78% of devices lack password protection, effectively operating as open access points [1].

    Understanding common design methods for creating passwords: a study towards building a penetration testing tool. Abstract. Almost everything that is meant to be kept private is currently protected by passwords. Devices and systems can be designed with comprehensive security features, but the security of these devices and systems can be compromised if the end user chooses a weak password for the device, especially if the chosen password also happens to be found in common password lists. Inadequate protection of WiFi devices can cause security problems when considering the prevailing security dynamics related to the war in Ukraine and Finland's NATO membership. The Finnish Security and Intelligence Service (Supo) estimates that poorly protected routers can pose significant national security risks. The aim of this thesis is to study the strategies people use to create passwords. This is done by using prior knowledge of password creation habits and by analysing passwords previously leaked on the internet. The study also examines existing tools for generating password lists and determines what the strengths and weaknesses of these tools are. The above steps form the groundwork on which a lightweight tool for generating password lists for penetration testing is built. The problem with the tools that already exist for this task is that they create wordlists that are either too large or too small to be practical. They also lack functionality for mangling wordlists. The effectiveness of the tool is evaluated and tested using the wardriving method with PMKID hashes obtained from WiFi access points. The hashes are then compared against the wordlists generated by the tool using the Hashcat tool, checking whether there are matches, i.e. whether any of the words generated by the tool corresponds to the password from which the hash was created. This also provides a snapshot of the strength of WiFi passwords in the city of Oulu. The results revealed that approximately 6% of WiFi access points use a password that is too weak. This finding is in line with earlier research conducted in Oulu, which showed that nearly 14.78% of devices lack password protection and in those cases operate as open access points [1].

    WPA 2 (Wi-Fi Protected Access 2) Security Enhancement: Analysis

    WPA and WPA2 (Wi-Fi Protected Access) are certification programs developed by the Wi-Fi Alliance to indicate compliance with the security protocol created by the Wi-Fi Alliance to secure wireless networks. The Alliance defined the protocol in response to several weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP). Many sophisticated authentication and encryption techniques have been embedded into WPA2, but it is still facing a lot of challenging situations. In this paper we discuss the benefit of WPA2, its vulnerabilit