SlideShare a Scribd company logo

All Your Password Are Belong To Us

Download as ODP, PDF
Charles Southerland
Charles Southerland

Suggestions for password policies given the state of things as of October 2012. Presented at Information Warfare Summit 2012.

Technology
1 of 55
All Your Password Are Belong To Us By Charles Southerland Information Warfare Summit 2012 October 3, 2012
There have been a lot of leaks lately... (And I'm not talking about the kind you call a plumber for.)
LinkedIn Password Leak ● Confirmed by LinkedIn on June 6, 2012 ● 6.5 million passwords leaked ● SHA-1 (not good, but not the worst hash) ● Unsalted
eHarmony Password Leak ● Confirmed by eHarmony on June 6, 2012 ● 1.5 million passwords leaked ● MD5 (according to LastPass) (the worst hash in common practice) ● Did not say if they were salting (so probably not)
Last.fm Password Leak ● Confirmed by Last.fm on June 8, 2012 ● 2.5 million passwords leaked ● MD5 (according to LastPass) ● Did not say if they were salting (so probably not)
Sony PSN Leak ● Tried to hide the leak as long as possible ● Denied and then later confirmed by Sony ● 77 million passwords leaked (along with other info) ● Credit card data was likely included
Sony Password Leak ● Confirmed by Sony on ● 1 million passwords leaked ● Plaintext (frankly appalling)
RSA SecurID Leak ● Scariest thing so far ● Involved a variety of techniques, but nothing too difficult or unfamiliar to your average computer geek ● SecurID serial number to secret key data stolen, effectively negating the security of all SecurID tokens that had been distributed by that time
If they can be hacked, you can be too.
And if you do get hacked, do you really want to end up in the situation Sony is in?
What to Do if You Get Hacked ● Definitely do not try to hide it! ● Quickly assess the problem and look for imminent threats ● Inform your users of what happened ● Tell your users what steps you have taken, are taking, and plan to take to protect them ● And when you hesitate to say exactly what happened for fear it might happen again, remember that security through obscurity is no security at all
That doesn't sound like much fun... but it could be worse
Now about that “steps you have taken” part...
What to Do Before it's Too Late ● Only store passwords in a non-recoverable (a.k.a. hashed) format! ● Always salt your hashes (preferably both a user-specific and a site-wide salt of some kind) ● Consider using key-stretching techniques ● Require moderately secure passwords (and consider suggesting password managers) ● Use multi-factor authentication rather than requiring password changes on a regular basis
Here's a few hash algorithms you may or may not have heard of...
MD5
MD5 ● Created by Ronald Rivest (the co-creator of RSA) in 1992 ● First collision found in 1996 ● Algorithms now exist to find collisions within minutes ● No longer considered sufficiently strong for security purposes
One-Way Compression Algorithm
DES, AES, Blowfish, etc. ● It is possible to use a block cipher (e. g. AES) as a hash function ● This technique is sometimes used when it is particularly advantageous to reuse existing functionality rather than add a little more (such as in a particularly small embedded device) ● As these block ciphers were designed to be optimal block ciphers and not necessarily optimal hash functions, I would advise sticking with the algorithms designed to be optimal hash functions
SHA-1
SHA-1 ● Created by the NSA in 1995 ● First collisions on reduced rounds in 2005 ● Many algorithms have now been developed to find collisions in SHA-1 in a reduced time ● While it does not yet seem that collisions can be readily produced, a breakthrough could happen at any time, and so it is widely suggested that stronger hashes be used
SHA-2
SHA-2 ● Created by NSA in 2001 ● Four variants (SHA-224, SHA-256, SHA-384, and SHA-512) ● Some slight weaknesses have been found, but the best are still somewhat benign ● These algorithms are widely accepted as being secure for the time being, and are even part of NSA's Suite B
Keccak's Sponge Constructor
SHA-3 ● NIST announced that Keccak is the winner yesterday (October 2, 2012) ● It is supposed to be very fast ● As it is not based on SHA-2, it is not vulnerable to the same attacks ● It's something to keep an eye on, but I'd wait a while
What is this “salt” you speak of? Isn't that the stuff you pour on french fries, icy roads, and slugs?
Per-User Salt ● A per-user salt is generally a random string that is combined with the supplied password before the password is hashed ● It prevents an attacker from using the same rainbow tables and brute force efforts for multiple users ● It is often stored along with the hash and an indicator of which hash algorithm was used ● Per-user salts should always be used for password hashing
Site-Wide Salt ● A site-wide salt does not change per user, and is kept in some other, presumably independently secure place ● Should the hashes be stolen, there would not be enough information for a hacker to use them without brute-forcing both a password and the site-wide salt simultaneously ● Some people use another string, but I like using external crypto, whether it's software, a daemon on the network, or an HSM
Key Stretching? Wouldn't that make it not fit in the lock any more?
Key Stretching ● Makes a weak password seem more secure by arbitrarily increasing the amount of time it takes to calculate the final hash ● Generally accomplished by using a normal hash algorithm inside of a kind of modified feedback loop ● The amount of time it takes to calculate the hash can be controlled by adjusting the number of iterations the hash must go through
TrueCrypt uses PBKDF2
PBKDF2 ● Appears to be the most common key stretching technique in use today ● Currently used by WPA2, LastPass, TrueCrypt, iOS, Android, etc. ● It is available in most languages being used today. ● It might be possible for someone with an unlimited budget to make a hardware device to slightly accelerate cracking passwords, but it seems very unlikely to happen
bcrypt ● Some people have come to prefer bcrypt over PKBDF2 ● It uses a more complex algorithm that intentionally makes it even less likely that someone with an unlimited budget could create a device to slightly accelerate cracking passwords ● There are claims that bcrypt only uses the first 55 characters of a password?
scrypt ● At the moment, scrypt appears to be the top dog when it comes to password hashing ● It uses sequential memory-hard functions, which literally places it into another complexity class from the other two ● Creating a device to accelerate cracking passwords would be more or less impossible at this time ● Configuring it for extreme security would also tax your hardware more
It's in a different category
You mean passw0rd2 isn't a good password? I've been using it on all my accounts for years! I even switched a letter for a number, then I put a 2 at the end instead of a 1 to throw people off!
Password Managers ● Password managers allow you to remember one long, complicated password that you enter once, and then the software takes care of long complicated passwords for everything else ● You essentially get significantly improved per- site security and convenience in exchange for one big point of failure. ● Popular ones include KeePass, 1Password, and LastPass (the one I use).
Multi-Factor Authentication ● Much more effective than cycling through passwords every 6 months ● Actually improves security if implemented correctly ● Less foreign to users than it once was (since Facebook and Google offer it now) ● Less expensive than it once was
Google Authenticator
YubiKey
Conclusion ● Use separate per-user and site-wide salts ● Use a SHA-2 variant ● Use PBKDF2 for key strengthening (or scrypt if you're feeling adventurous) ● Use password managers like LastPass ● Use Google Authenticator or a YubiKey ● If you get hacked, stay calm
Protect your users... For Great Justice!

Recommended

ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...DynamicInfraDays
 
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...DynamicInfraDays
 
Crypto failures every developer should avoid
Crypto failures every developer should avoidCrypto failures every developer should avoid
Crypto failures every developer should avoidFilip Šebesta
 
Using Cryptography Properly in Applications
Using Cryptography Properly in ApplicationsUsing Cryptography Properly in Applications
Using Cryptography Properly in ApplicationsGreat Wide Open
 
Looking for Vulnerable Code. Vlad Savitsky
Looking for Vulnerable Code. Vlad SavitskyLooking for Vulnerable Code. Vlad Savitsky
Looking for Vulnerable Code. Vlad SavitskyVlad Savitsky
 
Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013javagroup2006
 
20 security
20 security20 security
20 securityabiy2004
 
Hash cat
Hash catHash cat
Hash catSreekanth Narendran
 

Recommended

ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...DynamicInfraDays
 
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...DynamicInfraDays
 
Crypto failures every developer should avoid
Crypto failures every developer should avoidCrypto failures every developer should avoid
Crypto failures every developer should avoidFilip Šebesta
 
Using Cryptography Properly in Applications
Using Cryptography Properly in ApplicationsUsing Cryptography Properly in Applications
Using Cryptography Properly in ApplicationsGreat Wide Open
 
Looking for Vulnerable Code. Vlad Savitsky
Looking for Vulnerable Code. Vlad SavitskyLooking for Vulnerable Code. Vlad Savitsky
Looking for Vulnerable Code. Vlad SavitskyVlad Savitsky
 
Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013Data Security Essentials - JavaOne 2013
Data Security Essentials - JavaOne 2013javagroup2006
 
20 security
20 security20 security
20 securityabiy2004
 
Hash cat
Hash catHash cat
Hash catSreekanth Narendran
 
Thotcon 0x5 - Retroactive Wiretapping VPN over DNS
Thotcon 0x5 - Retroactive Wiretapping VPN over DNSThotcon 0x5 - Retroactive Wiretapping VPN over DNS
Thotcon 0x5 - Retroactive Wiretapping VPN over DNSJohn Bambenek
 
Dssh @ Confidence, Prague 2010
Dssh @ Confidence, Prague 2010Dssh @ Confidence, Prague 2010
Dssh @ Confidence, Prague 2010Juraj Bednar
 
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...SecuRing
 
Mo and Tao 魔与道
Mo and Tao 魔与道Mo and Tao 魔与道
Mo and Tao 魔与道Austin Chou
 
DSSH: Innovation in SSH
DSSH: Innovation in SSHDSSH: Innovation in SSH
DSSH: Innovation in SSHJuraj Bednar
 
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment Sergey Gordeychik
 
Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)ColdFusionConference
 
Passwords
PasswordsPasswords
PasswordsKevin OBrien
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2Iftach Ian Amit
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and crackingNipun Joshi
 
Secret Management Journey - Here Be Dragons aka Secret Dragons
Secret Management Journey - Here Be Dragons aka Secret DragonsSecret Management Journey - Here Be Dragons aka Secret Dragons
Secret Management Journey - Here Be Dragons aka Secret DragonsMichael Man
 
Password best practices and the last pass hack
Password best practices and the last pass hackPassword best practices and the last pass hack
Password best practices and the last pass hackKevin OBrien
 
Scriptless Attacks - Stealing the Pie without touching the Sill
Scriptless Attacks - Stealing the Pie without touching the SillScriptless Attacks - Stealing the Pie without touching the Sill
Scriptless Attacks - Stealing the Pie without touching the SillMario Heiderich
 
Living With Passwords: Personal Password Management
Living With Passwords: Personal Password ManagementLiving With Passwords: Personal Password Management
Living With Passwords: Personal Password ManagementNuno Loureiro
 
Presentation nix
Presentation nixPresentation nix
Presentation nixfangjiafu
 
Presentation nix
Presentation nixPresentation nix
Presentation nixfangjiafu
 
Password (in)security
Password (in)securityPassword (in)security
Password (in)securityEnrico Zimuel
 
AES-GCM common pitfalls and how to work around them.pptx
AES-GCM common pitfalls and how to work around them.pptxAES-GCM common pitfalls and how to work around them.pptx
AES-GCM common pitfalls and how to work around them.pptxskantos
 
SSL, X.509, HTTPS - How to configure your HTTPS server
SSL, X.509, HTTPS - How to configure your HTTPS serverSSL, X.509, HTTPS - How to configure your HTTPS server
SSL, X.509, HTTPS - How to configure your HTTPS serverhannob
 
Wordlist Generation and Wifi Cracking
Wordlist Generation and Wifi CrackingWordlist Generation and Wifi Cracking
Wordlist Generation and Wifi CrackingShakar Bhattarai
 
Course_Presentation cyber --------------.pptx
Course_Presentation cyber --------------.pptxCourse_Presentation cyber --------------.pptx
Course_Presentation cyber --------------.pptxssuser020436
 
Introduction to Exploitation
Introduction to ExploitationIntroduction to Exploitation
Introduction to ExploitationUTD Computer Security Group
 

More Related Content

What's hot

Thotcon 0x5 - Retroactive Wiretapping VPN over DNS
Thotcon 0x5 - Retroactive Wiretapping VPN over DNSThotcon 0x5 - Retroactive Wiretapping VPN over DNS
Thotcon 0x5 - Retroactive Wiretapping VPN over DNSJohn Bambenek
 
Dssh @ Confidence, Prague 2010
Dssh @ Confidence, Prague 2010Dssh @ Confidence, Prague 2010
Dssh @ Confidence, Prague 2010Juraj Bednar
 
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...SecuRing
 
Mo and Tao 魔与道
Mo and Tao 魔与道Mo and Tao 魔与道
Mo and Tao 魔与道Austin Chou
 
DSSH: Innovation in SSH
DSSH: Innovation in SSHDSSH: Innovation in SSH
DSSH: Innovation in SSHJuraj Bednar
 
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment Sergey Gordeychik
 
Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)ColdFusionConference
 

What's hot (7)

Thotcon 0x5 - Retroactive Wiretapping VPN over DNS
Thotcon 0x5 - Retroactive Wiretapping VPN over DNSThotcon 0x5 - Retroactive Wiretapping VPN over DNS
Thotcon 0x5 - Retroactive Wiretapping VPN over DNS
 
Dssh @ Confidence, Prague 2010
Dssh @ Confidence, Prague 2010Dssh @ Confidence, Prague 2010
Dssh @ Confidence, Prague 2010
 
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...
Outsmarting Smart Contracts - an essential walkthrough a blockchain security ...
 
Mo and Tao 魔与道
Mo and Tao 魔与道Mo and Tao 魔与道
Mo and Tao 魔与道
 
DSSH: Innovation in SSH
DSSH: Innovation in SSHDSSH: Innovation in SSH
DSSH: Innovation in SSH
 
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
 
Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)
 

Similar to All Your Password Are Belong To Us

Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2Iftach Ian Amit
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and crackingNipun Joshi
 
Secret Management Journey - Here Be Dragons aka Secret Dragons
Secret Management Journey - Here Be Dragons aka Secret DragonsSecret Management Journey - Here Be Dragons aka Secret Dragons
Secret Management Journey - Here Be Dragons aka Secret DragonsMichael Man
 
Password best practices and the last pass hack
Password best practices and the last pass hackPassword best practices and the last pass hack
Password best practices and the last pass hackKevin OBrien
 
Scriptless Attacks - Stealing the Pie without touching the Sill
Scriptless Attacks - Stealing the Pie without touching the SillScriptless Attacks - Stealing the Pie without touching the Sill
Scriptless Attacks - Stealing the Pie without touching the SillMario Heiderich
 
Living With Passwords: Personal Password Management
Living With Passwords: Personal Password ManagementLiving With Passwords: Personal Password Management
Living With Passwords: Personal Password ManagementNuno Loureiro
 
Presentation nix
Presentation nixPresentation nix
Presentation nixfangjiafu
 
Presentation nix
Presentation nixPresentation nix
Presentation nixfangjiafu
 
Password (in)security
Password (in)securityPassword (in)security
Password (in)securityEnrico Zimuel
 
AES-GCM common pitfalls and how to work around them.pptx
AES-GCM common pitfalls and how to work around them.pptxAES-GCM common pitfalls and how to work around them.pptx
AES-GCM common pitfalls and how to work around them.pptxskantos
 
SSL, X.509, HTTPS - How to configure your HTTPS server
SSL, X.509, HTTPS - How to configure your HTTPS serverSSL, X.509, HTTPS - How to configure your HTTPS server
SSL, X.509, HTTPS - How to configure your HTTPS serverhannob
 
Wordlist Generation and Wifi Cracking
Wordlist Generation and Wifi CrackingWordlist Generation and Wifi Cracking
Wordlist Generation and Wifi CrackingShakar Bhattarai
 
Course_Presentation cyber --------------.pptx
Course_Presentation cyber --------------.pptxCourse_Presentation cyber --------------.pptx
Course_Presentation cyber --------------.pptxssuser020436
 
User Credential handling in Web Applications done right
User Credential handling in Web Applications done rightUser Credential handling in Web Applications done right
User Credential handling in Web Applications done righttladesignz
 

Similar to All Your Password Are Belong To Us (20)

Passwords
PasswordsPasswords
Passwords
 
Passwords good badugly181212-2
Passwords good badugly181212-2Passwords good badugly181212-2
Passwords good badugly181212-2
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
 
Secret Management Journey - Here Be Dragons aka Secret Dragons
Secret Management Journey - Here Be Dragons aka Secret DragonsSecret Management Journey - Here Be Dragons aka Secret Dragons
Secret Management Journey - Here Be Dragons aka Secret Dragons
 
Password best practices and the last pass hack
Password best practices and the last pass hackPassword best practices and the last pass hack
Password best practices and the last pass hack
 
Scriptless Attacks - Stealing the Pie without touching the Sill
Scriptless Attacks - Stealing the Pie without touching the SillScriptless Attacks - Stealing the Pie without touching the Sill
Scriptless Attacks - Stealing the Pie without touching the Sill
 
Living With Passwords: Personal Password Management
Living With Passwords: Personal Password ManagementLiving With Passwords: Personal Password Management
Living With Passwords: Personal Password Management
 
Presentation nix
Presentation nixPresentation nix
Presentation nix
 
Presentation nix
Presentation nixPresentation nix
Presentation nix
 
Password (in)security
Password (in)securityPassword (in)security
Password (in)security
 
AES-GCM common pitfalls and how to work around them.pptx
AES-GCM common pitfalls and how to work around them.pptxAES-GCM common pitfalls and how to work around them.pptx
AES-GCM common pitfalls and how to work around them.pptx
 
SSL, X.509, HTTPS - How to configure your HTTPS server
SSL, X.509, HTTPS - How to configure your HTTPS serverSSL, X.509, HTTPS - How to configure your HTTPS server
SSL, X.509, HTTPS - How to configure your HTTPS server
 
Wordlist Generation and Wifi Cracking
Wordlist Generation and Wifi CrackingWordlist Generation and Wifi Cracking
Wordlist Generation and Wifi Cracking
 
Course_Presentation cyber --------------.pptx
Course_Presentation cyber --------------.pptxCourse_Presentation cyber --------------.pptx
Course_Presentation cyber --------------.pptx
 
Introduction to Exploitation
Introduction to ExploitationIntroduction to Exploitation
Introduction to Exploitation
 
User Credential handling in Web Applications done right
User Credential handling in Web Applications done rightUser Credential handling in Web Applications done right
User Credential handling in Web Applications done right
 
Evaluating a password manager
Evaluating a password managerEvaluating a password manager
Evaluating a password manager
 
Password Pusher Media Resources
Password Pusher Media ResourcesPassword Pusher Media Resources
Password Pusher Media Resources
 
Web security 101
Web security 101Web security 101
Web security 101
 
Websec
WebsecWebsec
Websec
 

More from Charles Southerland

Program Derivation of Operations in Finite Fields of Prime Order
Program Derivation of Operations in Finite Fields of Prime OrderProgram Derivation of Operations in Finite Fields of Prime Order
Program Derivation of Operations in Finite Fields of Prime OrderCharles Southerland
 
Program Derivation of Matrix Operations in GF
Program Derivation of Matrix Operations in GFProgram Derivation of Matrix Operations in GF
Program Derivation of Matrix Operations in GFCharles Southerland
 

More from Charles Southerland (11)

hextime (OKC LUGnuts 5C393C35)
hextime (OKC LUGnuts 5C393C35)hextime (OKC LUGnuts 5C393C35)
hextime (OKC LUGnuts 5C393C35)
 
HTTPS Sucks
HTTPS SucksHTTPS Sucks
HTTPS Sucks
 
Authentication Concepts
Authentication ConceptsAuthentication Concepts
Authentication Concepts
 
Linux Users are People, Too!
Linux Users are People, Too!Linux Users are People, Too!
Linux Users are People, Too!
 
RSA
RSARSA
RSA
 
Passwords
PasswordsPasswords
Passwords
 
Program Derivation of Operations in Finite Fields of Prime Order
Program Derivation of Operations in Finite Fields of Prime OrderProgram Derivation of Operations in Finite Fields of Prime Order
Program Derivation of Operations in Finite Fields of Prime Order
 
Program Derivation of Matrix Operations in GF
Program Derivation of Matrix Operations in GFProgram Derivation of Matrix Operations in GF
Program Derivation of Matrix Operations in GF
 
Logs And Backups
Logs And BackupsLogs And Backups
Logs And Backups
 
C Is Not Dead Yet
C Is Not Dead YetC Is Not Dead Yet
C Is Not Dead Yet
 
One-Time Pad Encryption
One-Time Pad EncryptionOne-Time Pad Encryption
One-Time Pad Encryption
 

Recently uploaded

Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 

Recently uploaded (20)

Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 

All Your Password Are Belong To Us

  • 1. All Your Password Are Belong To Us By Charles Southerland Information Warfare Summit 2012 October 3, 2012
  • 2.
  • 3. There have been a lot of leaks lately... (And I'm not talking about the kind you call a plumber for.)
  • 4.
  • 5. LinkedIn Password Leak ● Confirmed by LinkedIn on June 6, 2012 ● 6.5 million passwords leaked ● SHA-1 (not good, but not the worst hash) ● Unsalted
  • 6.
  • 7. eHarmony Password Leak ● Confirmed by eHarmony on June 6, 2012 ● 1.5 million passwords leaked ● MD5 (according to LastPass) (the worst hash in common practice) ● Did not say if they were salting (so probably not)
  • 8.
  • 9. Last.fm Password Leak ● Confirmed by Last.fm on June 8, 2012 ● 2.5 million passwords leaked ● MD5 (according to LastPass) ● Did not say if they were salting (so probably not)
  • 10.
  • 11. Sony PSN Leak ● Tried to hide the leak as long as possible ● Denied and then later confirmed by Sony ● 77 million passwords leaked (along with other info) ● Credit card data was likely included
  • 12.
  • 13. Sony Password Leak ● Confirmed by Sony on ● 1 million passwords leaked ● Plaintext (frankly appalling)
  • 14.
  • 15. RSA SecurID Leak ● Scariest thing so far ● Involved a variety of techniques, but nothing too difficult or unfamiliar to your average computer geek ● SecurID serial number to secret key data stolen, effectively negating the security of all SecurID tokens that had been distributed by that time
  • 16. If they can be hacked, you can be too.
  • 17. And if you do get hacked, do you really want to end up in the situation Sony is in?
  • 18.
  • 19. What to Do if You Get Hacked ● Definitely do not try to hide it! ● Quickly assess the problem and look for imminent threats ● Inform your users of what happened ● Tell your users what steps you have taken, are taking, and plan to take to protect them ● And when you hesitate to say exactly what happened for fear it might happen again, remember that security through obscurity is no security at all
  • 20. That doesn't sound like much fun... but it could be worse
  • 21.
  • 22. Now about that “steps you have taken” part...
  • 23. What to Do Before it's Too Late ● Only store passwords in a non-recoverable (a.k.a. hashed) format! ● Always salt your hashes (preferably both a user-specific and a site-wide salt of some kind) ● Consider using key-stretching techniques ● Require moderately secure passwords (and consider suggesting password managers) ● Use multi-factor authentication rather than requiring password changes on a regular basis
  • 24. Here's a few hash algorithms you may or may not have heard of...
  • 25. MD5
  • 26. MD5 ● Created by Ronald Rivest (the co-creator of RSA) in 1992 ● First collision found in 1996 ● Algorithms now exist to find collisions within minutes ● No longer considered sufficiently strong for security purposes
  • 28. DES, AES, Blowfish, etc. ● It is possible to use a block cipher (e. g. AES) as a hash function ● This technique is sometimes used when it is particularly advantageous to reuse existing functionality rather than add a little more (such as in a particularly small embedded device) ● As these block ciphers were designed to be optimal block ciphers and not necessarily optimal hash functions, I would advise sticking with the algorithms designed to be optimal hash functions
  • 29. SHA-1
  • 30. SHA-1 ● Created by the NSA in 1995 ● First collisions on reduced rounds in 2005 ● Many algorithms have now been developed to find collisions in SHA-1 in a reduced time ● While it does not yet seem that collisions can be readily produced, a breakthrough could happen at any time, and so it is widely suggested that stronger hashes be used
  • 31. SHA-2
  • 32. SHA-2 ● Created by NSA in 2001 ● Four variants (SHA-224, SHA-256, SHA-384, and SHA-512) ● Some slight weaknesses have been found, but the best are still somewhat benign ● These algorithms are widely accepted as being secure for the time being, and are even part of NSA's Suite B
  • 34. SHA-3 ● NIST announced that Keccak is the winner yesterday (October 2, 2012) ● It is supposed to be very fast ● As it is not based on SHA-2, it is not vulnerable to the same attacks ● It's something to keep an eye on, but I'd wait a while
  • 35. What is this “salt” you speak of? Isn't that the stuff you pour on french fries, icy roads, and slugs?
  • 36.
  • 37. Per-User Salt ● A per-user salt is generally a random string that is combined with the supplied password before the password is hashed ● It prevents an attacker from using the same rainbow tables and brute force efforts for multiple users ● It is often stored along with the hash and an indicator of which hash algorithm was used ● Per-user salts should always be used for password hashing
  • 38. Site-Wide Salt ● A site-wide salt does not change per user, and is kept in some other, presumably independently secure place ● Should the hashes be stolen, there would not be enough information for a hacker to use them without brute-forcing both a password and the site-wide salt simultaneously ● Some people use another string, but I like using external crypto, whether it's software, a daemon on the network, or an HSM
  • 39.
  • 40. Key Stretching? Wouldn't that make it not fit in the lock any more?
  • 41.
  • 42. Key Stretching ● Makes a weak password seem more secure by arbitrarily increasing the amount of time it takes to calculate the final hash ● Generally accomplished by using a normal hash algorithm inside of a kind of modified feedback loop ● The amount of time it takes to calculate the hash can be controlled by adjusting the number of iterations the hash must go through
  • 44. PBKDF2 ● Appears to be the most common key stretching technique in use today ● Currently used by WPA2, LastPass, TrueCrypt, iOS, Android, etc. ● It is available in most languages being used today. ● It might be possible for someone with an unlimited budget to make a hardware device to slightly accelerate cracking passwords, but it seems very unlikely to happen
  • 45. bcrypt ● Some people have come to prefer bcrypt over PKBDF2 ● It uses a more complex algorithm that intentionally makes it even less likely that someone with an unlimited budget could create a device to slightly accelerate cracking passwords ● There are claims that bcrypt only uses the first 55 characters of a password?
  • 46. scrypt ● At the moment, scrypt appears to be the top dog when it comes to password hashing ● It uses sequential memory-hard functions, which literally places it into another complexity class from the other two ● Creating a device to accelerate cracking passwords would be more or less impossible at this time ● Configuring it for extreme security would also tax your hardware more
  • 47. It's in a different category
  • 48. You mean passw0rd2 isn't a good password? I've been using it on all my accounts for years! I even switched a letter for a number, then I put a 2 at the end instead of a 1 to throw people off!
  • 49. Password Managers ● Password managers allow you to remember one long, complicated password that you enter once, and then the software takes care of long complicated passwords for everything else ● You essentially get significantly improved per- site security and convenience in exchange for one big point of failure. ● Popular ones include KeePass, 1Password, and LastPass (the one I use).
  • 50.
  • 51. Multi-Factor Authentication ● Much more effective than cycling through passwords every 6 months ● Actually improves security if implemented correctly ● Less foreign to users than it once was (since Facebook and Google offer it now) ● Less expensive than it once was
  • 54. Conclusion ● Use separate per-user and site-wide salts ● Use a SHA-2 variant ● Use PBKDF2 for key strengthening (or scrypt if you're feeling adventurous) ● Use password managers like LastPass ● Use Google Authenticator or a YubiKey ● If you get hacked, stay calm
  • 55. Protect your users... For Great Justice!