50 research outputs found

    Time-Memory Trade-Offs and Their Use for Cracking Windows Passwords (Les compromis temps-mémoire et leur utilisation pour casser les mots de passe Windows)

    Time-memory trade-offs are methods that reduce the running time of an algorithm by increasing the amount of memory used. In this article we present different variants of time-memory trade-offs that speed up password cracking. We explain how to configure such a trade-off to obtain the fastest cracking, how to estimate the performance one can expect to achieve, and we show how to implement this method efficiently to crack the passwords of Windows systems

    Making a Faster Cryptanalytic Time-Memory Trade-Off

    In 1980 Martin Hellman described a cryptanalytic time-memory trade-off which reduces the time of cryptanalysis by using precalculated data stored in memory. This technique was improved by Rivest before 1982 with the introduction of distinguished points which drastically reduces the number of memory lookups during cryptanalysis. This improved technique has been studied extensively but no new optimisations have been published ever since. We propose a new way of precalculating the data which reduces by two the number of calculations needed during cryptanalysis. Moreover, since the method does not make use of distinguished points, it reduces the overhead due to the variable chain length, which again significantly reduces the number of calculations. As an example we have implemented an attack on MS-Windows password hashes. Using 1.4GB of data (two CD-ROMs) we can crack 99.9% of all alphanumerical password hashes (2^37) in 13.6 seconds whereas it takes 101 seconds with the current approach using distinguished points. We show that the gain could be even much higher depending on the parameters used

    RFID Traceability: A Multilayer Problem

    RFID tags have very promising applications in many domains (retail, rental, surveillance, medicine to name a few). Unfortunately the use of these tags can have serious implications on the privacy of people carrying tagged items. Serious opposition from consumers has already thwarted several trials of this technology. The main fear associated with the tags is that they may allow other parties to covertly collect information about people or to trace them wherever they go. As long as these privacy issues remain unresolved, it will be impossible to reap the benefits of these new applications. Current solutions to privacy problems are typically limited to the application layer. RFID systems have three layers: application, communication and physical. We demonstrate that privacy issues cannot be solved without looking at each layer separately. We also show that current solutions fail to address the multilayer aspect of privacy and as a result fail to protect it. For each layer we describe the main threats and give tentative solutions

    A Scalable and Provably Secure Hash-Based RFID Protocol

    The biggest challenge for RFID technology is to provide benefits without threatening the privacy of consumers. Many solutions have been suggested but almost as many ways have been found to break them. An approach by Ohkubo, Suzuki and Kinoshita using an internal refreshment mechanism seems to protect privacy well but is not scalable. We introduce a specific time-memory trade-off that removes the scalability issue of this scheme. Additionally we prove that the system truly offers privacy and even forward privacy. Our third contribution is an extension of the scheme which offers a secure communication channel between RFID tags and their owner using building blocks that are already available on the tag. Finally we give a typical example of use of our system and show its feasibility by calculating all the parameters

    Tracing attacks and restoring integrity with LASCAR

    We present a novel method to trace the propagation of intrusions or malicious code in networked systems. Our solution is aimed at large numbers of loosely managed workstations typical of a research environment as found in CERN. The system tags events which have a potential to become harmful. On a given machine all processes that result from the tagged event are marked with the same tag and the tag is carried on to other machines if a tagged process establishes a connection. Tag creation logs are stored in a central database. When an intrusion is detected at a later time, all machines and processes that may have lost their integrity due to this incident can easily be found. This leads to a quick and effective restoration of the system. Our implementation of the system is designed to incur very little overhead on the machines and integrates easily with many flavors of the Linux operating system on any type of hardware

    Time-Memory Trade-Offs: False Alarm Detection Using Checkpoints

    Since the original publication of Martin Hellman's cryptanalytic time-memory trade-off, a few improvements on the method have been suggested. In all these variants, the cryptanalysis time decreases with the square of the available memory. However, a large amount of work is wasted during the cryptanalysis process due to so-called "false alarms". In this paper we present a method of detection of false alarms which significantly reduces the cryptanalysis time while using a minute amount of memory. Our method, based on "checkpoints", reduces the time by much more than the square of the additional memory used, e.g., an increase of 0.89% of memory yields a 10.99% increase in performance. Beyond this practical improvement, checkpoints constitute a novel approach which has not yet been exploited and may lead to other interesting results. In this paper, we also present theoretical analysis of time-memory trade-offs, and give a complete characterization of the variant based on rainbow tables

    Time-Memory Trade-Offs: False Alarm Detection Using Checkpoints, Extended Version

    Since the original publication of Martin Hellman's cryptanalytic time-memory trade-off, a few improvements on the method have been suggested. In all these variants, the cryptanalysis time decreases with the square of the available memory. However, a large amount of work is wasted during the cryptanalysis process due to so-called "false alarms". In this paper we present a method of detection of false alarms which can significantly reduce the cryptanalysis time while using a minute amount of memory. Our method, based on "checkpoints", can reduce the time by much more than the square of the additional memory used, e.g., an increase of 0.89% of memory yields a 10.99% increase in performance. Even if our optimization is bounded, the gain in time per memory used is radically more important than in any existing variant of the trade-off. Beyond this practical improvement, checkpoints constitute a novel approach which has not yet been exploited and may lead to other interesting results. In this paper, we also present theoretical analysis of time-memory trade-offs, and give a complete characterization of the variant based on rainbow tables. This is the first time an exact expression is given for a variant of the trade-off and that the time-memory relationship can actually be plotted

    Aspirin plus ticlopidine prevented experimental endocarditis due to Enterococcus faecalis and Streptococcus gallolyticus

    Enterococcus faecalis and Streptococcus gallolyticus cause infective endocarditis (IE), which can originate from the continuous release or translocation of low bacterial numbers into the bloodstream. In this context, IE cannot be prevented with antibiotics. We previously demonstrated that aspirin plus ticlopidine protected rats from IE due to S. gordonii and Staphylococcus aureus. Here we showed that aspirin plus ticlopidine significantly reduced vegetation weight and protected 73 and 64% rats (P < 0.005) from IE due to E. faecalis and S. gallolyticus, respectively. These results further support the potential use of aspirin plus ticlopidine for a global prevention of IE in high-risk patient