2. Agenda
2
Introduction.
Security attacks.
Password-based cryptography.
Common countermeasures against dictionary
attacks.
Conclusion.
3. Introduction
3
Passwords are the most common method of
authentication.
Consists of a string of characters to gain access to
resources.
Usually, passwords are human memorable that
considered as a vulnerability in security.
Passwords are derived from a small domain.
4. Introduction
4
Password creation rules have been enforced to
increase the quality of passwords like:
Letters and numeric.
Non-alphanumeric characters.
Passphrases.
Symbols.
Increased password length.
5. Well Known Passwords attacks
5
Guessing attacks.
Brute force attack (Rainbow).
Dictionary attacks.
Online dictionary attacks.
Offline dictionary attacks.
Resetting attacks.
Replay attacks.
Syllable attacks.
Social engineering and shoulder surfing.
6. Password based Cryptography
6
Attempt to derive security key directly from
passwords.
Some processing are needed to turn passwords into
security keys.
Password based authentication techniques.
The use of iteration count.
Construct key derivation function.
8. Password based Authentication using Hashes
8
A hash function is any well-defined procedure or
mathematical function that converts a large, possibly
variable-sized amount of data into a small datum.
Hash functions should be:
Easy to compute the hash value for any given message.
Infeasible to find a message that has a given hash.
Infeasible to modify a message without changing its hash.
Infeasible to find two different messages with the same hash.
10. Password based Authentication using Hashes
10
Using Dictionary attacks that uses hashes of
dictionary words.
Attacker might not know the exact hash function
used, which means they must attempt each
dictionary word for each hash function they’re
considering.
11. Password based Authentication using Salts
11
8 Byte random number.
DK = KDF (P, S)
Producing a large set of keys corresponding to a
given password.
Benefits:
Difficult to pre compute all keys corresponding to a dictionary
of password by attacker.
It is unlikely to select the same key twice.
13. Password based Authentication using Salts
13
What if passwords+salt was input to a hash
function?
Not one hash for a given dictionary word.
There are as many different hashes as there are possible values
for the salt.
14. Password based cryptography using Iteration count
14
Increasing the cost of producing keys from a
password.
Using fixed number C with Password Random
Function (PRF).
As number of iteration increases, as the cost of
exhaustive search for passwords increases.
Minimum of 1000 iteration is recommended.
15. Password-based key derivation
15
A key derivation function produces a derived key
from a base key and other parameters.
The base key is a password and the other parameters
are a salt value and an iteration count.
16. Password-based key derivation
16
Key derivation algorithm:
Select a salt S and an iteration count c.
Select a length in octets for the derived key.
Apply the key derivation function to the password, the salt, the
iteration count and the key length to produce a derived key.
Output the derived key.
y = F(p, s, c)
17. Common countermeasures against online
dictionary attacks
17
Delayed response.
Prevent attacker from checking many passwords in a short
time.
Account locking.
Both insufficient in network environment.
Pricing via processing.
Use of Captcha.
18. Common countermeasures against offline
dictionary attacks
18
Can be easily prevented using Public key
cryptography.
First password based authentication protocol secure
against offline dictionary attacks, called EKE.
Encrypted Key Exchange , one party encrypts a (one-
time) public key using a password, and sends it to a
second party, who decrypts it and uses it to negotiate
a shared key with the first party.
19. Common countermeasures against offline
dictionary attacks
19
Password authenticated key exchange (PAKE)
is where two or more parties, based only on their
knowledge of a password, establish a cryptographic
key using an exchange of messages, such that an
unauthorized party cannot participate in the method
and is constrained as much as possible from guessing
the password.
Zero-Knowledge Concepts.
20. Conclusion
20
Data has nowadays become our most valuable asset
which needs to be protected at any cost.
Most common authentication techniques are
passwords.
Human-memorable passwords are vulnerable to
attacks.
Authentication techniques requires substantial
change in their infrastructure.
There is no satisfactory means to counter password
attacks.
Notas do Editor
The reasons for its wide use are easy to understand: it is mainly its user-friendliness that makes it an attractive choice. Users must remember just a password of their choice and store no other complicated data like long random keys or certificates.
“rainbow” technique which employs precomputation to speed upthe process of cracking individual passwords.Dictionary attacks work on the assumption that most passwords consist of whole words, dates, or numbers taken from a dictionary.(1)On-line password guessing attacks: An attacker tries to use a guessed password to pass the verification of theauthentication server in an on-line manner. Generally, the authentication server can detect such an attack bynoticing continuous authentication failures.(2) Off-line password guessing attacks: An attacker eavesdrops communication messages during a protocol andstores them locally. Then he/she tries to find out the weak password by repeatedly guessing a possible passwordand verifying the correctness of the guess via the captured information in an off-line manner. In general,such an attack can be prevented only by carefully designing the protocol such that no verifiable informationcan be used by the attack to verify the correctness of one guess on password.Replay attacks:In this attack, an adversary tries to replay messages partially or completely obtained in previous communications.If he can impersonate other users or expose other secret that is sensitive and useful for further deceptions, byguessing attacks, known-plaintext attacks or other cryptographic analysis methods, then the protocol is said to bevulnerable to replay attacks.Syllable attack is combination of both brute force and dictionary attack. This cracking technique is used when the password is not an existing word.Rule Based Attack:This type of attack is used when attacker gets some information about the password. This is the most powerful attack because the cracker knows about the type of password. This technique involves use of brute force, dictionary and syllable attacks
If they don’t compute those hashes on-the-fly, but keep a dictionary of precomputed hashes, then nothing is gained.
Psedue random function
If you don’t keep it a secret, at the very least you force the attacker to compute hashes on-the-fly rather than keeping a dictionary of precomputed hashes, which even for cheap hash functions will severely increase the amount of time required to get at your encrypted data.
DOS attacks, customer services and server can handle a lot of parallel access.(Completely Automated Public Turing Test to tell Computers and Humans Apartrequires the party that makes the attempt to send a proofthat it invested some non-trivial computation time in constructingits request.As a specific examplein the context of preventing dictionary attacks, theserver could require that a login attempt is accompanied bya value x that satisfies the requirement, say, that the last20 bits of H(x,username,password,time-of-day) are all 0,where H is a hash function such as SHA. If we assume thatSHA behaves as a random function, then the attacker wouldneed to check on the average 219 values for x before it findsa value that satisfies the test. that The computation of xadds a relatively negligible overhead to a single login attempt,but can significantly slow down the operation of adictionary attack.