Password Cracking and Countermeasures in Computer Security: A Survey

With the rapid development of internet technologies, social networks, and other related areas, user authentication becomes more and more important to protect the data of the users. Password authentication is one of the widely used methods to achieve authentication for legal users and defense against intruders. There have been many password cracking methods developed during the past years, and people have been designing the countermeasures against password cracking all the time. However, we find that the survey work on the password cracking research has not been done very much. This paper is mainly to give a brief review of the password cracking methods, import technologies of password cracking, and the countermeasures against password cracking that are usually designed at two stages including the password design stage (e.g. user education, dynamic password, use of tokens, computer generations) and after the design (e.g. reactive password checking, proactive password checking, password encryption, access control). The main objective of this work is offering the abecedarian IT security professionals and the common audiences with some knowledge about the computer security and password cracking, and promoting the development of this area.Comment: add copyright to the tables to the original authors, add acknowledgement to helpe

Lyra: Password-Based Key Derivation with Tunable Memory and Processing Costs

We present Lyra, a password-based key derivation scheme based on cryptographic sponges. Lyra was designed to be strictly sequential (i.e., not easily parallelizable), providing strong security even against attackers that use multiple processing cores (e.g., custom hardware or a powerful GPU). At the same time, it is very simple to implement in software and allows legitimate users to fine-tune its memory and processing costs according to the desired level of security against brute force password guessing. We compare Lyra with similar-purpose state-of-the-art solutions, showing how our proposal provides a higher security level and overcomes limitations of existing schemes. Specfically, we show that if we fix Lyra\u27s total processing time t in a legitimate platform, the cost of a memory-free attack against the algorithm is exponential, while the best known result in the literature (namely, against the scrypt algorithm) is quadratic. In addition, for an identical same processing time, Lyra allows for a higher memory usage than its counterparts, further increasing the cost of brute force attacks

Myphrase: Passwords from your Own Words

To improve manageability and strength of user-chosen passwords, we propose a multi-word password scheme called Myphrase. Contrary to the often-repeated but failed policy of banning common words as passwords, we encourage users to use words that are more personal to them—irrespective of the words being too common or esoteric. In Myphrase, a small dictionary is created from user-authored content such as sent emails and blogs. A master passphrase is constructed by randomly selecting words from the dictionary. We propose two variants as a trade-off between security and memorability; in random sequence, words are chosen uniformly across the dictionary, and in connected discourse, words are tagged using a part-of-speech engine and inserted appropriately into sentence templates. Words in the passphrase are expected to be easily recognizable to users and can be efficiently entered by leveraging the auto-suggest feature. Myphrase is designed to be compatible with both desktop and mobile platforms—a growing requirement for current authentication schemes. We create website-specific passwords from the master passphrase by salting the phrase with the site’s domain. To restrict offline attacks on the master passphrase from exposed site passwords, we require the passphrase to be of sufficient length (e.g., 6 words from a 1024-word dictionary, resulting in 60 bits of entropy in the random sequence variant). Entropy calculation for the connected discourse variant is less straightforward. We analyze Myphrase dictionaries and expected entropy of generated passphrases with two datasets: the Enron email corpus, and several popular books from Project Gutenberg. We also evaluate Myphrase using a recently proposed, slightly modified, framework of usability-deployability-security ratings, and seek feedback on our proof-of-concept prototypes available for both desktop and mobile platforms

A University-based Forensics Training Center as a Regional Outreach, Education, and Research activity

This paper describes a university-based Forensics Training Center (FTC) established by a Department of Justice grant for the purpose of improving the ability of state and local law enforcement in the Southeastern part of the United States to address the rising incidence of computer based crime. The FTC effort is described along with supporting evidence of its need. The program is not only a service activity, but also contributes to the Mississippi State University (MSU) security program pedagogy, and research effort

Deniable Storage Encryption for Mobile Devices

Smartphones, and other mobile computing devices, are being widely adopted globally as the de-facto personal computing platform. Given the amount of sensitive information accumulated by these devices, there are serious privacy and security implications for both personal use and enterprise deployment. Confidentiality of data-at-rest can be effectively preserved through storage encryption. All major mobile OSes now incorporate some form of storage encryption. In certain situations, this is inadequate, as users may be coerced into disclosing their decryption keys. In this case, the data must be hidden so that its very existence can be denied. Steganographic techniques and deniable encryption algorithms have been devised to address this specific problem. This dissertation explores the feasibility and efficacy of deniable storage encryption for mobile devices. A feature that allows the user to feign compliance with a coercive adversary, by decrypting plausible and innocuous decoy data, while maintaining the secrecy of their sensitive or contentious hidden data. A deniable storage encryption system, Mobiflage, was designed and implemented for the Android OS, the first such application for mobile devices. Current mobile encryption mechanisms all rely, in some way, on a user secret. Users notoriously choose weak passwords that are easily guessed/cracked. This thesis offers a new password scheme for use with storage encryption. The goal is to create passwords that are suitably strong for protection of encryption keys, easier to input on mobile devices, and build on memorability research in cognitive psychology for a better user experience than current password guidelines

Contact Discovery in Mobile Messengers: Low-cost Attacks, Quantitative Analyses, and Efficient Mitigations

Contact discovery allows users of mobile messengers to conveniently connect with people in their address book. In this work, we demonstrate that severe privacy issues exist in currently deployed contact discovery methods and propose suitable mitigations. Our study of three popular messengers (WhatsApp, Signal, and Telegram) shows that large-scale crawling attacks are (still) possible. Using an accurate database of mobile phone number prefixes and very few resources, we queried 10% of US mobile phone numbers for WhatsApp and 100% for Signal. For Telegram we find that its API exposes a wide range of sensitive information, even about numbers not registered with the service. We present interesting (cross-messenger) usage statistics, which also reveal that very few users change the default privacy settings. Furthermore, we demonstrate that currently deployed hashing-based contact discovery protocols are severely broken by comparing three methods for efficient hash reversal. Most notably, we show that with the password cracking tool JTR we can iterate through the entire world-wide mobile phone number space in <150s on a consumer-grade GPU. We also propose a significantly improved rainbow table construction for non-uniformly distributed input domains that is of independent interest. Regarding mitigations, we most notably propose two novel rate-limiting schemes: our incremental contact discovery for services without server-side contact storage strictly improves over Signal\u27s current approach while being compatible with private set intersection, whereas our differential scheme allows even stricter rate limits at the overhead for service providers to store a small constant-size state that does not reveal any contact information

Method for analyzing password strength for passwords protected with cryptographic hash functions

Najpopularnija metoda autentikacije korisnika u informacijskim sustavima jest primjena lozinki. Svaka lozinka koju napadač ili maliciozni kod može jednostavno pogoditi slaba je i sustav čini ranjivim. Administratori sustava i analitičari za sigurnost koriste metode pronalaženja slabih lozinki kako bi mogli proaktivno štititi informacijski sustav. Prilikom analize sustava u kojem se želi otkriti slabe lozinke, uvijek je poželjnija metoda koja uz manji utrošak vremena i računalnih resursa pronalaziveći broj slabih lozinki. Ovaj rad opisuje istraživački postupak kojim su razvijene tri metode za pronalaženje slabih lozinki. Prva metoda omogućava pronalaženje slabih, industrijski postavljenih lozinki, na uređajima koji su dostupni na mrežama ili Internetu, i stvaralistu industrijskih i čestih lozinki iz raznih online repozitorija. Druga metoda koristi samostalno odabrane ključne riječi pomoću kojih generira listuriječi koristeći tražilicu Google. Ključne riječi mogu biti imena osoba, nadimci, imena tvrtki i slično, što omogućava da liste riječi sadrže pojmove povezane s ključnim riječima.Treća metoda omogućava pronalaženje slabih lozinki koje su zaštićene jednosmjernom kriptografskom funkcijomi temelji se na modeliranju korisničkog ponašanja prigodom odabira lozinke. Istraživanje korisničkog ponašanja provedeno je kroz razvoj i oblikovanje nove metode koja predstavlja novi algoritam strojnog učenja, koji stvara pravila koja opisuju kako korisnici kreiraju svoje lozinke. Metoda strojnog učenja primijenjena je na listi lozinki koje su bile dostupne za potrebe istraživanja. Pravila koja su pronađena uz pomoć treće metode mogu biti primijenjena u skoro svim popularnijim alatima za testiranje snage lozinki. Primjena takvih pravila pokazala se bržom od danas referentnih metoda za testiranje snage lozinki, pri čemu je metoda opisana u sklopu ovog rada otkrila veći broj slabih lozinki u kraćem vremenskom intervalu u odnosu na referentnu metoduThe essence of this researchis related to the detection of weak passwords that can be guessed by an attacker or malware. Such passwords are a security vulnerability because they can provide a possibility of unauthorized access toa system. For password analysis, we can distinguish between online analysis where we try to identify weak passwords that are active on an authentication system that is accessible from the local networkor from the public Internet. A large number of devices are vulnerable, since they are set with factory default password sand are accessible via the Internet, where a large number of malware and automated scanners try to guess the password on those systems with malicious intent. If the passwords are not changed from their default values they area major risk to the information system, because network facing systems are critical systems for data transmission. In the case of online analysis, we want to check a small number of passwords against a network service, so we dont affect the performance of systems that are already under constant attack by automated tools or malicious code from the Internet. Another type of analysis is the offline analysis where we analyzea list of passwords that are used by anauthentication system where each password is protected with a one-way hash function. In this case, our analysis is limited by our processing resources, where we want to spend as little resources as possible and detect as many weak passwords in the shortest timeframe possible. Best practices as described in international norms ISO/IEC 27002:2013[32], NIST 800-115 [63]and NIST 800-63-1 [8]state that passwords need to be complexand protected inthe way that we dont handle or store the plaintext value of a password. The protection is usually with the use of a one-way cryptographic hash function.This is the reason why we need methods that can testthe strength of already protected passwords.The main premise of this researchis that users dont pick their passwords randomly, but that they havea system or a behavioralpatternin which they pick their passwords. The behavior of users and malware is represented by models which represent the concrete classes of weak passwords, where the models are implemented as tools that enable us to use those models, where we have three main categories of the said models: VI1.M1 model which represents the class of attacks that are used by automated scanners or various other malicious software against systems that are available on the public internet.2.M2 model that represents the class of passwords that are tied to personal data or keywords that a user could have picked, where we use the M2 model for offline analysis. 3.M3 models which represent the behavior of the user and how the user creates a password and which elements and changes does he use when he creates his password, where we use the M3 model of offline analysis. Each model was researched and developed inthe following way: 1.For the M1 model, we developed a method for password list creation and updating from various unstructured repositories that are maintained by information security consultants or malicious hackers, which enables us to collect those listsand create a list that is based on the relative usage of each username / password pair. This enables us to automate the testing of our systems with the passwords that those groups published. This concept simplifies the evaluation of weak passwords on systems that are available on our networks. 2.For the M2 model, we developeda method that enables us to use the Google search engine to create wordlists with the usage of few keywords that we picked. a.Using the M2 method, a base word corpus with popular words was developed that can beused by the M3 model or in other tools. b.The concept of wordlist generation with the help of Wikipedia database dumpswas developed. Such an approach creates a large word corpus, with the requirement for a large amount of compute resources. This drawback resulted in the developmentof the method that uses the Google search enginefor wordlist generation. 3.For the M3 model, we developeda new method of machine learning which the author calls the sieve method, which enables us to classify passwords and developa model that describes how a user created a password. a.The sieve method represents a new approach to classification problems and its concept is shown in the application of password classification. b.Using the sieve algorithm on atraining list of passwords, we developed a set of rules that describe the users behavior when they pick their passwords.VII c.Alongside the classification, we also collected the elements like words, number and symbol patterns from which users created their passwords. Those elements were used to augment the wordlist created with the help of method used in the M2 model. 4.The M3 model and all accompanying rules that were discovered in the classification process can be used to enable the usage of M3 models, a tool named unhash was developed that enabled the usage of such rulesin almost all popular password security testing tools that can use the standard input stdin. To test the performance and speed of the M3 model four concepts of rule usage were developed, which were compared to the base line implementation which is available in the tool called Johnthe Ripper [14]. With the implementation of M1 model, it has been shown that default passwords can be detected on all devices that were available and were owned by the author. Implementing theM2 andM3 models and comparing their performance withtodays baseline implementation that is available in the tool called Johnthe Ripper[14], it has been shown that suggested implementation detects more weak passwords in a shorter time frame