Presentation is loading. Please wait.

Presentation is loading. Please wait.

Matt Weir, Sudhir Aggarwal, Michael Collins, Henry Stern Presented by Erik Archambault.

Published byDoris Richardson Modified over 9 years ago

Similar presentations

Presentation on theme: "Matt Weir, Sudhir Aggarwal, Michael Collins, Henry Stern Presented by Erik Archambault."— Presentation transcript:

1 Matt Weir, Sudhir Aggarwal, Michael Collins, Henry Stern Presented by Erik Archambault

2  NIST SP800-63, from 2006, presents entropy-based password strength metric ◦ Based on Shannon’s information entropy from 1948  Goal: test NIST metric’s accuracy and conventional password policies with cracking attacks against real passwords  Data sets: RockYou.com (primary, ~32 million passwords) ◦ Also FaithWriters.com, Singles.org, Neopets.com (assumed), PhpBB.com

3  Torpig takeover-largest previous study on real password security  No other major results on actual security of password creation policies, e.g. the effect of password length  Also theoretical work trying to establish guessing entropy based on Shannon’s information entropy

4  4 bits for first character  2 bits for 2 nd -8 th characters  1.5 bits for chars 9 th -20 th characters  1 bit for each additional character  6 extra bits for upper case and/or non- alphabetic characters  Up to 6 extra bits for blacklist check

5

6

7  Split RockYou data set randomly into 32 even lists, 1 million passwords each ◦ 1 st five lists are test set, last five are training set  RockYou set from multiple sites, no one policy affects whole set-more general  Observation: in first three lists, ~85% of passwords show 14-21.5 bits of entropy

8  Use John the Ripper to simulate offline cracking attacks (also use short runs to compare to NIST thresholds) ◦ Guessing rule set is simpler, slower than default ◦ Used general base dictionary at first, later an optimized dictionary based on training data set  Assumed in all cases that attacker is aware of password creation policy ◦ E.g. digits required, blacklist in effect

9  First test: one billion guesses, passwords grouped by length (7+, 8+, 9+, and 10+characters) ◦ Increased length correlated with increased strength/lower cracking success ◦ But…

10  Second test: same as before, but digits required ◦ Attack less successful against shorter passwords, oddly more successful against longer passwords  As longer passwords more likely contain digits, could have eliminated wasted guesses ◦ Also, significantly decreased effectiveness on first 100 million guesses  Usage of digits not uniform, ‘1’ is by far the most common, in ~11% of cases  ~85% of passwords with digits have them at the end or are entirely digits

11  Shorter attack: 50 thousand guesses (feasible for an online attack), with the same dictionary ◦ Resulted in little difference based on password length  Short attack with optimized dictionary based on training set, performance similar to first test

12

13  Very short attack (2000 guesses) with optimized dictionary ◦ Still much more successful than NIST thresholds would allow or NIST metric predicts

14  Results imply blacklists are necessary ◦ NIST paper says blacklists necessary for the entropy metric, but what about the last rule that adds entropy for blacklisting  NIST cracking speed prediction is unrealistic

15  Further attack tests show blacklisting to be very effective  However, attacks are still more successful than allowed by NIST’s Level 1 or 2 standards

16  Requiring upper case or special characters decreases attack success, causes a plateau in cracking rate ◦ Most passwords (nearly 90% of length 7) with uppercase characters follow one of two patterns ◦ Special characters used in more varied ways

17  Other data sets were attacked using training from RockYou set ◦ Attacks were generally more effective against other password sets, even though trained on RockYou

18  Dictionary derived from RockYou training set was the most effective against FaithWriters passwords ◦ Note Singles.org believed to have similar demographic to FaithWriters

19  Explicit policies: clear, explicit constraints ◦ Strong explicit policy can frustrate attacks ◦ However, passwords can still be vulnerable based on poor user choices  External policies: user-selected base password is strengthened by system ◦ Users tend to choose/reuse simpler base passwords ◦ Users may also write down passwords to remember them

20  Implicit policies: reject passwords that are too easy to guess ◦ Rejection can be combined with other policies, e.g. an explicit policy ◦ Assuming basis for rejection (e.g. blacklist) is accurate, reduces average guessability of passwords ◦ Feedback can be used by attacker to improve attacks

Download ppt "Matt Weir, Sudhir Aggarwal, Michael Collins, Henry Stern Presented by Erik Archambault."

Similar presentations

Point3r$. Password Introduction Passwords are a key part of any security system : –Work or Personal Strong passwords make your personal and work.

Point3r$. Password Introduction Passwords are a key part of any security system : –Work or Personal Strong passwords make your personal and work.
Password Cracking Lesson 10. Why crack passwords?

Password Cracking Lesson 10. Why crack passwords?
Random Number Generation. Random Number Generators Without random numbers, we cannot do Stochastic Simulation Most computer languages have a subroutine,

Random Number Generation. Random Number Generators Without random numbers, we cannot do Stochastic Simulation Most computer languages have a subroutine,
Cryptology Passwords and Authentication Prof. David Singer Dept. of Mathematics Case Western Reserve University.

Cryptology Passwords and Authentication Prof. David Singer Dept. of Mathematics Case Western Reserve University.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms by Patrick Gage Kelley, Saranga Komanduri, Michelle.

Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms by Patrick Gage Kelley, Saranga Komanduri, Michelle.
HOW DOES YOUR PASSWORD MEASURE UP The Effect of Strength Meters on Password Creation Rui Xie.

HOW DOES YOUR PASSWORD MEASURE UP The Effect of Strength Meters on Password Creation Rui Xie.
Routegadget analysis By: Matt Radford. Course information - The controls are labelled as if doing course A. - Control codes are next to the controls.

Routegadget analysis By: Matt Radford. Course information - The controls are labelled as if doing course A. - Control codes are next to the controls.
1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.

1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.
Introduction to Cryptography and Security Mechanisms: Unit 5 Theoretical v Practical Security Dr Keith Martin McCrea 34901784 443099

Introduction to Cryptography and Security Mechanisms: Unit 5 Theoretical v Practical Security Dr Keith Martin McCrea
NetID Password Strength Initiative Gary Windham Senior Enterprise Systems Architect UITS Computing Services.

NetID Password Strength Initiative Gary Windham Senior Enterprise Systems Architect UITS Computing Services.
Public Works and Government Services Canada Travaux publics et Services gouvernementaux Canada Password Management for Multiple Accounts Some Security.

Public Works and Government Services Canada Travaux publics et Services gouvernementaux Canada Password Management for Multiple Accounts Some Security.
Memory Management 2010.

Memory Management 2010.
Authentication for Humans Rachna Dhamija SIMS, UC Berkeley DIMACS Workshop on Usable Privacy and Security Software July 7, 2004.

Authentication for Humans Rachna Dhamija SIMS, UC Berkeley DIMACS Workshop on Usable Privacy and Security Software July 7, 2004.
ENTROPY OF FINGERPRINT SENSORS. Do different fingerprint sensors affect the entropy of a fingerprint? RESEARCH QUESTION/HYPOTHESIS.

ENTROPY OF FINGERPRINT SENSORS. Do different fingerprint sensors affect the entropy of a fingerprint? RESEARCH QUESTION/HYPOTHESIS.
Handwritten Character Recognition using Hidden Markov Models Quantifying the marginal benefit of exploiting correlations between adjacent characters and.

Handwritten Character Recognition using Hidden Markov Models Quantifying the marginal benefit of exploiting correlations between adjacent characters and.
To quantitatively test the quality of the spell checker, the program was executed on predefined “test beds” of words for numerous trials, ranging from.

To quantitatively test the quality of the spell checker, the program was executed on predefined “test beds” of words for numerous trials, ranging from.
Text passwords Hazim Almuhimedi. Agenda How good are the passwords people are choosing? Human issues The Memorability and Security of Passwords Human.

Text passwords Hazim Almuhimedi. Agenda How good are the passwords people are choosing? Human issues The Memorability and Security of Passwords Human.
Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.

Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.
Password Management PA Turnpike Commission

Password Management PA Turnpike Commission

Similar presentations

Ads by Google