Passwords Access Controls and Authentication

Page 1: 13. 1234567 (Down 6) 14. sunshine (Up 1) 15. master (Down 1) 16. 123123 (Up 4) 17. welcome (New) 18. shadow (Up 1) 19. ashley (Down 3) 20. football.

Passwords

Access Controls and Authentication

Page 2:

Readings

Password Vulnerabilities: Why passwords have never been weaker…
Storing passwords: A salt free diet is bad for your security…; Threshold Cryptography…
Password Usage: An analysis of ID-password usage…
Why do we keep doing this? Why it Pays to Submit to Hackers
New kinds of authentication: Active Authentication; Learn a password subconsciously…; Risk-Based Authentication

Page 3:

Password Vulnerabilities

Password cracking: the practice of running candidate plaintexts through a hashing algorithm and comparing the result with a compromised hash. When computed hash = compromised hash, you know the password (the input).

Dictionary attacks: compare known words and their hashes to the compromised hashes. The exploit becomes a two-step process:
1. Generate word lists (a time and storage problem)
2. Table look-up

Known password lists: 60% of newly compromised passwords are already in tables or have already been cracked, so the exploit becomes a one-step process. Generating word lists is less necessary; table look-up only.

Hybrid attack: combines a dictionary with intelligence gathered from known passwords. For example: gather all names from Facebook and combine them with dictionary words.

Page 4:

Storage Problem

You can run all possible combinations of any size of password through any hashing algorithm and store the results, but… it takes terabytes of storage space.

Hellman/Rainbow tables reduce the space requirement by storing only the first password and the last generated value of each chain; the hashes in between are recomputed on demand during a look-up.

GPU-assisted cracking has reduced the need for rainbow tables, and per-user salting (see Storing Passwords below) defeats precomputed tables altogether.
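The chain idea behind Hellman/rainbow tables, as an added example that is not code from the slides. The password space is constructed for illustration (every 3-letter lowercase string, hashed with unsalted SHA-1), and the chain length, number of chains and reduction function are choices made here, not values from the lecture. Only the first and last password of each chain are kept; a look-up walks the candidate hash forward to a chain end, then regenerates that one chain to find the preimage, and treats a mismatch (two chains that merged into the same endpoint) as a false alarm.

```python
import hashlib
import string

# Toy rainbow table.  Password space (constructed): 26**3 = 17,576 lowercase
# 3-letter strings, hashed with unsalted SHA-1.
ALPHABET = string.ascii_lowercase
LENGTH = 3
SPACE = len(ALPHABET) ** LENGTH
CHAIN_LEN = 40       # hashes computed per chain
NUM_CHAINS = 1200    # (first password, last password) pairs stored


def index_to_password(n: int) -> str:
    """Decode an integer in [0, SPACE) into a candidate password."""
    chars = []
    for _ in range(LENGTH):
        n, r = divmod(n, len(ALPHABET))
        chars.append(ALPHABET[r])
    return "".join(chars)


def sha1_hex(password: str) -> str:
    return hashlib.sha1(password.encode()).hexdigest()


def reduce_to_password(digest: str, column: int) -> str:
    """Reduction function R_column: map a digest back into the password space.
    Mixing in the column number gives every column its own reduction, which is
    what makes this a rainbow table rather than a Hellman table and keeps two
    chains that collide in one column from merging for good."""
    return index_to_password((int(digest[:12], 16) + column) % SPACE)


def build_table() -> dict:
    """Walk NUM_CHAINS chains of CHAIN_LEN hashes and keep only each chain's
    first and last password: CHAIN_LEN hashes represented by two short strings."""
    table = {}
    for c in range(NUM_CHAINS):
        start = index_to_password((c * 7919) % SPACE)  # spread the start points
        x = start
        for column in range(CHAIN_LEN):
            x = reduce_to_password(sha1_hex(x), column)
        table.setdefault(x, start)  # keep the first chain that ends here
    return table


def lookup(table: dict, target: str):
    """Return the preimage of the target digest, or None if no chain covers it."""
    for column in range(CHAIN_LEN - 1, -1, -1):
        # Assume the target sits at this column and walk to the chain's end.
        x = reduce_to_password(target, column)
        for later in range(column + 1, CHAIN_LEN):
            x = reduce_to_password(sha1_hex(x), later)
        start = table.get(x)
        if start is None:
            continue
        # Candidate chain found: regenerate it and look for the preimage.
        y = start
        for col in range(CHAIN_LEN):
            if sha1_hex(y) == target:
                return y
            y = reduce_to_password(sha1_hex(y), col)
        # False alarm (a merged chain): keep trying the remaining columns.
    return None


def demo():
    """Build the table, pick a password that lies on chain 0, and crack its hash."""
    table = build_table()
    victim = index_to_password(0)
    for column in range(5):  # the password at column 5 of the first chain
        victim = reduce_to_password(sha1_hex(victim), column)
    return victim, lookup(table, sha1_hex(victim)), len(table)


if __name__ == "__main__":
    victim, found, stored = demo()
    print(f"stored {stored} chain endpoints standing in for {stored * CHAIN_LEN} hashes")
    print(f"SHA-1 of {victim!r} looked up -> {found!r}")
```

Coverage is probabilistic: a password the chains never touched comes back as None, which is why real tables are built with far more chains than the space divided by the chain length, and why a salt (which the table builder cannot know in advance) breaks the approach entirely.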

Page 5:

Hacker Password Analysis

Most capitalized letters are at the beginning of a password
Most numbers and special characters are at the end
Quite a lot of first name followed by year
Numbers or special characters are added at the beginning or (usually) at the end
Mangling: Super → sup34, Princess → Prince$$
Mirror images: mypassworddrowssapym
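The dictionary and hybrid attacks from page 3, driven by the patterns on this slide, as an added example that is not code from the lecture. The leaked hashes, the scraped names and the dictionary are constructed for illustration; the hashes are unsalted SHA-1, as in the LinkedIn leak discussed later, and the mangling rules (capital first, digits and symbols at the end, first name plus year, single and full leetspeak substitutions, mirror images) are one reasonable encoding of the slide's observations, not an attacker's actual rule set.

```python
import hashlib

# Hybrid dictionary cracker applying the "Hacker Password Analysis" patterns.

def sha1_hex(s: str) -> str:
    return hashlib.sha1(s.encode()).hexdigest()

LEET = {"a": "4", "e": "3", "i": "1", "o": "0", "s": "$"}
YEARS = [str(y) for y in range(1940, 2013)]       # "first name followed by year"
SUFFIXES = ["", "1", "12", "123", "!", "#", "1!"]  # digits/symbols, usually at the end

def mangle(word: str):
    """Yield candidate passwords derived from one base word."""
    for base in (word.lower(), word.capitalize(), word.upper()):
        for suffix in SUFFIXES:
            yield base + suffix
            yield suffix + base                     # occasionally at the beginning
        for char, sub in LEET.items():              # Princess -> Prince$$
            yield base.replace(char, sub)
        yield base.translate(str.maketrans(LEET))   # all substitutions at once
        yield base + base[::-1]                     # mypassword -> mypassworddrowssapym
    for year in YEARS:                              # steven -> Steven1961
        yield word.capitalize() + year
        yield word.lower() + year

def crack(hashes, names, words):
    """Hybrid attack: names gathered from social media first, then dictionary
    words, each run through the mangling rules.  Returns ({hash: plaintext},
    number of candidates hashed)."""
    targets = set(hashes)
    found, tried = {}, 0
    for word in list(names) + list(words):
        for candidate in mangle(word):
            tried += 1
            h = sha1_hex(candidate)
            if h in targets and h not in found:
                found[h] = candidate
                if len(found) == len(targets):
                    return found, tried
    return found, tried

# Constructed "leak": four pattern-following passwords and one random one.
LEAKED = [sha1_hex(p) for p in ("Steven1961", "Prince$$", "mypassworddrowssapym",
                                 "Football123", "xK#9qv!2mZ")]
NAMES = ["steven", "ashley"]                      # constructed: names from the victim's profile
DICTIONARY = ["princess", "football", "mypassword", "dragon"]  # constructed word list

def demo():
    return crack(LEAKED, NAMES, DICTIONARY)

if __name__ == "__main__":
    found, tried = demo()
    print(f"cracked {len(found)}/{len(LEAKED)} hashes after {tried} candidates")
    for h in LEAKED:
        print(h, "->", found.get(h, "(not cracked)"))
```

The random password survives because no rule derives it from a word, which is the whole argument of the Diceware slides later in the deck: the strength is in the selection method, not in the mangling.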

Page 6:

SplashData’s 25 Most Popular Passwords for 2012

1. password (Unchanged)
2. 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. 111111 (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. 123123 (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja (New)
24. mustang (New)
25. password1 (New)

Compiled from files containing millions of stolen passwords posted online by hackers.

Page 7:

Let's look at numbers

Steven1961: 10 characters drawn from 52 letters and 10 digits, i.e. 62 symbols per position, so

62^10 / 8 billion per second = 104,912,420.73 seconds (1,748,540.35 minutes; 29,142.34 hours; 1,214.26 days)

3.33 years to crack if every candidate has to be tried, but…

Hackers know our patterns, so: 10 characters, the last 4 are numbers, the 1st may be capitalized:
52 × 26 × 26 × 26 × 26 × 26 × 10 × 10 × 10 × 10 / 8 billion = 772.29 seconds, 12.87 minutes to crack

But what if the hacker goes to my Facebook page? 10 characters, the last 4 are numbers and they’re probably 1961, so the year is fixed:
52 × 26 × 26 × 26 × 26 × 26 × 1 / 8 billion = 0.077 seconds to crack

Page 8:

Just the facts, John…

A PC running with 1 AMD Radeon HD 7970 GPU processes 8.2 billion passwords per second (for a fast hash; the rate depends on the hash algorithm, see GPU Cracking below).

The biggest boon to cracking passwords, however, is the theft of non-secure credential files. Rockyou.com: 32 million plaintext passwords, 14 million after duplicates were removed. Now there exists a database of commonly used passwords. If you can “crack” 8.2 billion per second, how fast do you think you can look one up?

Page 9:

Copyright Pearson Prentice-Hall 2010

Password-Cracking Programs

Brute-force password guessing: try all possible passwords of length 1, length 2, etc. Thwarted by passwords that are long and complex (using all keyboard characters).

N is the password length, in characters:
Alphabet, no case: 26^N possible passwords
Alphabet, upper and lower case: 52^N
Alphanumeric (letters and digits): 62^N
All keyboard characters: ~80^N

Server Password Cracking

Page 10:

Copyright Pearson Prentice-Hall 2010

Password Complexity and Length are both Crucial

Number of possible passwords (N^length) for each alphabet size N:

Password length   Low complexity:         Alphabetic,         Alphanumeric:         High complexity:
in characters     alphabetic, no case     case-sensitive      letters and digits    all keyboard characters
                  (N=26)                  (N=52)              (N=62)                (N=80)
1                 26                      52                  62                    80
2                 676                     2,704               3,844                 6,400
4                 456,976                 7,311,616           14,776,336            40,960,000
6                 308,915,776             19,770,609,664      56,800,235,584        2.62144E+11
8                 2.08827E+11             5.34597E+13         2.1834E+14            1.67772E+15
10                1.41167E+14             1.44555E+17         8.39299E+17           1.07374E+19

Note: On average, an attacker will have to try half of all combinations.
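The arithmetic from the "Let's look at numbers" slide and the complexity table above, as an added example that is not code from the slides or the textbook: a keyspace and time-to-crack calculator for hashcat-style masks, so the same function reproduces the 62^10 worst case, the "capital + 5 lowercase + 4 digits" pattern and the "year known from Facebook" pattern. The per-class alphabet sizes for `?s` (33) and `?a` (95) are hashcat's conventions; the 80-character "keyboard" alphabet is the textbook's figure; custom classes such as `?c` (52, "first letter in either case") and `?n` (62) are assumptions introduced here to express the slide's masks.

```python
import math

# Per-position alphabet sizes, hashcat-style: ?l lower, ?u upper, ?d digit,
# ?s symbol (33 printable specials), ?a all printable (95), ?h hex digit.
CHARSETS = {"l": 26, "u": 26, "d": 10, "s": 33, "a": 95, "h": 16}

def parse_mask(mask: str, custom=None):
    """Return the alphabet size of every position in a mask such as
    '?u?l?l?l?l?l?d?d?d?d'.  '??' is a literal '?'; any other literal
    character fixes that position (size 1).  custom maps extra class
    letters to sizes, e.g. {'c': 52} for 'first letter, either case'."""
    sizes = {**CHARSETS, **(custom or {})}
    out, i = [], 0
    while i < len(mask):
        if mask[i] == "?":
            if i + 1 >= len(mask):
                raise ValueError("dangling '?' at end of mask")
            cls = mask[i + 1]
            if cls == "?":
                out.append(1)
            elif cls in sizes:
                out.append(sizes[cls])
            else:
                raise ValueError(f"unknown charset class ?{cls}")
            i += 2
        else:
            out.append(1)
            i += 1
    return out

def keyspace(mask: str, custom=None) -> int:
    return math.prod(parse_mask(mask, custom))

def seconds_to_crack(mask: str, rate: float, custom=None, average=False) -> float:
    """Worst case tries every candidate; average=True halves it, per the
    'attacker will have to try half of all combinations' note."""
    n = keyspace(mask, custom)
    return (n / 2 if average else n) / rate

def complexity_table(lengths=(1, 2, 4, 6, 8, 10), alphabets=(26, 52, 62, 80)):
    """Rebuild the textbook table: {length: [N**length for each alphabet]}."""
    return {length: [n ** length for n in alphabets] for length in lengths}

def human(seconds: float) -> str:
    for unit, size in (("years", 365 * 86400), ("days", 86400), ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.2f} {unit}"
    return f"{seconds:,.3f} seconds"

if __name__ == "__main__":
    RATE = 8e9  # the slide's 8 billion guesses per second
    for label, mask, custom in [
        ("any of 62 symbols, 10 long", "?n" * 10, {"n": 62}),
        ("Cap? + 5 lower + 4 digits", "?c?l?l?l?l?l?d?d?d?d", {"c": 52}),
        ("same, year known to be 1961", "?c?l?l?l?l?l1961", {"c": 52}),
    ]:
        secs = seconds_to_crack(mask, RATE, custom)
        print(f"{label:30s} {keyspace(mask, custom):>22,d} candidates  {human(secs)}")
    for length, row in complexity_table().items():
        print(length, *[f"{v:.5E}" if v > 10**9 else f"{v:,d}" for v in row])
```

The point the masks make explicit: the only term that moves is the number of positions the attacker still has to guess, so a pattern that fixes four of ten positions takes four orders of magnitude off the estimate.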

Page 11:

GPU Cracking

What is it? Using a graphics card to brute-force passwords.

How fast does it work? Millions of attempts per second; GPU Bruteforcer: 450 million per second, but… it depends on the hash.

How long would an 8-character password using A-Z, a-z, 0-9 and symbols such as &^% take? 94^8 = 6,095,689,385,410,816 candidates.
MD5: 166 days? SHA-512: 5,427 days, ~15 years. With SHA-512 even a 6-character password would take ~15 hours.

Easy audit question for SOX compliance: how are you hashing your passwords?

Page 12:

Copyright Pearson Prentice-Hall 2010

Other Password Threats

Keystroke capture software
Trojan horse that displays a fake login screen and reports its findings to attackers
Shoulder surfing: the attacker watches as the victim types a password. Even partial information can be useful:
Part of the password: P_ _sw_ _d
Length of the password (reduces the time needed for brute-force cracking)
iPhone/smartphone keylogging (reported 10/18/2011): Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers. Solution: keep your smartphone away from your keyboard.

Page 13:

Storing Passwords (Salting Hashes)

Start with the obvious: passwords should not be stored ‘in the clear’.

The LinkedIn hack: over six million passwords belonging to LinkedIn users have been compromised. A file containing 6,458,020 unsalted SHA-1 password hashes has been posted on the internet, and hackers are working together to crack them.

LinkedIn stored passwords as SHA-1, but without ‘salt’. So password123 was stored as: cbfdac6008f9cab4083784cbd1874f76618d2a97, the same hash for every user who chose password123.

Need for salting hashes: rainbow tables. Salting means prepending (or appending) random characters to the password and then hashing it, with the salt stored alongside the hash. So password123 might become KiJqpassword123, whose hash 51472f680dc6cc5ce44366d765ca71148f68e36c will be stored as: KiJq51472f680dc6cc5ce44366d765ca71148f68e36c. Now any two users with password123 get different hashes, which are not found in rainbow tables, or at least it will be much harder to create rainbow tables. Note that a salt does not slow down guessing a single user's password; for that the hash function itself must be slow (see PBKDF2 below).
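The storage schemes on this slide side by side, as an added example that is not code from the lecture or from LinkedIn: the unsalted SHA-1 LinkedIn used, the per-user salt the slide describes, and, going one step further than this slide, the iterated PBKDF2 construction listed among the fixes on page 26. The record format `pbkdf2_sha256$<iterations>$<salt hex>$<hash hex>` and the 600,000-iteration default are choices made here, not anything the slides prescribe; the small wordlist for the attacker's precomputed table is constructed.

```python
import hashlib
import hmac
import os

def sha1_unsalted(password: str) -> str:
    """What LinkedIn stored: identical passwords give identical hashes, so one
    precomputed table cracks every user who chose that password."""
    return hashlib.sha1(password.encode()).hexdigest()

def precomputed(words) -> dict:
    """The attacker's table: unsalted hash -> common password (constructed list)."""
    return {sha1_unsalted(w): w for w in words}

def sha1_salted(password: str, salt: bytes) -> str:
    """The slide's scheme: random salt prepended before hashing, salt stored
    beside the hash so the server can repeat the computation at login."""
    return salt.hex() + "$" + hashlib.sha1(salt + password.encode()).hexdigest()

def store(password: str, iterations: int = 600_000, salt=None) -> str:
    """Salted and iterated: a 16-byte random salt makes every record unique,
    and the iteration count makes each attacker guess cost as much as a login.
    Record format is an assumption of this example."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"

def verify(password: str, record: str) -> bool:
    algo, iterations, salt_hex, digest_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError("unsupported record format")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iterations))
    # Constant-time comparison: no timing leak about how many bytes matched.
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))

def same_password_records(password: str, n: int = 2, iterations: int = 1000) -> list:
    """n users who pick the same password end up with n different records."""
    return [store(password, iterations) for _ in range(n)]

if __name__ == "__main__":
    table = precomputed(["password", "123456", "password123", "letmein"])
    print("unsalted lookup:", table.get(sha1_unsalted("password123")))
    salted = sha1_salted("password123", b"KiJq")
    print("salted record:", salted, "in table:", salted.split("$")[1] in table)
    records = same_password_records("password123")
    print("two users, same password, distinct records:", records[0] != records[1])
    print("verify:", verify("password123", records[0]), verify("Password123", records[0]))
```

The salt defeats the precomputed table (the attacker cannot know `KiJq` before the leak), the iteration count is what makes each guess slow, and the constant-time compare is the detail most hand-rolled verifiers get wrong.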

Page 14:

Threshold Cryptography

Complex math but a simple idea: take a password, divide it, hash the pieces, and store the pieces on separate servers.

This increases the number of exploits that have to be carried out to get the pieces.

You need a way to determine how to put the pieces together again.
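The "divide it, store the pieces on separate servers, put them together again" idea in its standard form, as an added example that is neither code from the slides nor RSA's Distributed Credential Protection (page 15): Shamir's (k, n) threshold secret sharing over the prime field GF(2^127 − 1). The secret is the constant term of a random polynomial of degree k − 1; each server gets one point on the curve; any k points recover the secret by Lagrange interpolation, while k − 1 points are consistent with every possible secret. This is the caveat a practitioner wants on the slide's wording: literally hashing pieces of a short password would let each piece be cracked on its own, whereas a share of a random polynomial carries no information by itself. The field prime and the 15-byte secret limit are choices made here.

```python
import secrets

# Shamir (k, n) threshold sharing over GF(P).  Secrets must be < P, so at
# most 15 bytes per share set; longer secrets are split into 15-byte blocks.
P = 2**127 - 1   # Mersenne prime

def split(secret: bytes, k: int, n: int) -> list:
    """Return n shares (x, y) of a random degree-(k-1) polynomial whose
    constant term encodes the secret."""
    if not 1 < k <= n:
        raise ValueError("need 1 < k <= n")
    s = int.from_bytes(secret, "big")
    if s >= P:
        raise ValueError("secret must be shorter than 16 bytes for this field")
    coeffs = [s] + [secrets.randbelow(P) for _ in range(k - 1)]
    shares = []
    for x in range(1, n + 1):          # x = 0 is the secret itself, never handed out
        y = 0
        for c in reversed(coeffs):     # Horner evaluation mod P
            y = (y * x + c) % P
        shares.append((x, y))
    return shares

def combine(shares: list, length: int) -> bytes:
    """Lagrange interpolation at x = 0 from the supplied shares.  With fewer
    than k shares the result is a uniformly random field element."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share")
    total = 0
    for xi, yi in shares:
        num = den = 1
        for xj in xs:
            if xj != xi:
                num = (num * -xj) % P
                den = (den * (xi - xj)) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total.to_bytes(max(length, (total.bit_length() + 7) // 8), "big")

if __name__ == "__main__":
    secret = b"password123"            # constructed secret; a real deployment splits a verifier or key
    shares = split(secret, k=3, n=5)   # five servers, any three suffice
    print("servers 1, 3, 5 ->", combine([shares[0], shares[2], shares[4]], len(secret)))
    print("servers 1, 2 only ->", combine(shares[:2], len(secret)))
```

Two compromised servers out of five yield a random value, so the attacker's work is no longer "crack the hash" but "breach a third, independently administered host", which is exactly the property the slide is after.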

Page 15:

RSA Distributed Credential Protection

Play Video…

Page 16:

Why all this fuss? An Analysis of ID-password usage (Bank, Lee, Bae and Ahn, 2012)

What were the highlights of this article?

Page 17:

Analysis of ID-Password Usage

Users are usually the weakest link:
They choose weak/simple passwords
Password memorability can be difficult (can anyone remember the password from the wiki cartoon?)
They reuse passwords on multiple sites. Even if your site has strong security (?), a weaker site where the same password is used could compromise your site.

The study examines: re-use of login credentials; creation of a Vulnerability Index.

Page 18:

Re-use

Item                                     Mean
Number of sites                          105.7
Number of unique IDs                     6.6
Number of unique passwords               4.7
Number of unique log-in credentials      11.8
ID re-use ratio                          19.1
Password re-use ratio                    29.2
Log-in credentials re-use ratio          10.5
% of used unique log-in credentials      45.6%

Page 19:

Class Results

Reuse ratio = 2.9, hmm, I wonder how accurate this is?

Page 20:

Vulnerability Index

Network theory: each site, with the log-in credentials used there, is a node; nodes that use the same log-in credentials are connected and form a component; a site with unique log-in credentials is an isolate.

Inclusiveness = number of connected nodes / total nodes (12/14 = 85.7%)
Largest network: 5/14 = 35.7%
2nd largest network: 28.6%
3rd largest network: 21.4%

Page 21:

VI – Results from the Study

Item                      Mean
Inclusiveness             0.94   (sites whose log-in credentials are used somewhere else)
Largest component         0.54
2nd largest component     0.18   0.72 (cumulative)
3rd largest component     0.09   0.81 (cumulative)
Vulnerability Index       0.38

• The 3 most frequently used log-in combinations are used on 81% of sites, against an average of 11.8 unique log-in credentials per user
• VI = expected proportion of sites subject to potential breaches if a breach at one site occurs
• Larger values of VI indicate higher levels of vulnerability

Page 22:

Reducing VI

Reduce the number of sites where each log-in credential combination is used (reduce component size)
Increase the number of different log-in credential combinations in use
Thus, vulnerability can be decreased without increasing the number of IDs, passwords or log-in credential combinations, by spreading the existing combinations more evenly across sites.
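The network metrics of the last three slides computed on the 14-site class example, as an added example that is not code from the lecture or the paper. The site/credential data is constructed to match the class numbers (components of 5, 4 and 3 sites plus two isolates). The VI formula is an assumption derived from the slide's definition, "expected proportion of sites subject to potential breaches if a breach at one site occurs", with the breached site chosen uniformly at random: VI = Σ over components of (size / n)². The `rebalance` step implements the "reduce component size without new IDs, passwords or combinations" idea by moving sites from the most-shared combination to the least-shared one.

```python
from collections import defaultdict

# Constructed class example: site -> (ID, password) used there.
CLASS_EXAMPLE = {
    # component of 5 sites sharing one ID/password pair
    "bank": ("alice", "Pa55word"), "email": ("alice", "Pa55word"), "shop": ("alice", "Pa55word"),
    "forum": ("alice", "Pa55word"), "cloud": ("alice", "Pa55word"),
    # component of 4
    "social": ("alice", "Summer2012"), "news": ("alice", "Summer2012"),
    "games": ("alice", "Summer2012"), "music": ("alice", "Summer2012"),
    # component of 3: same password as the first group, different ID
    "work": ("alice42", "Pa55word"), "gym": ("alice42", "Pa55word"), "pizza": ("alice42", "Pa55word"),
    # two isolates with unique credentials
    "tax": ("alice", "x9!Qv2m"), "health": ("a.smith", "Lk3#pq8"),
}

def components(creds: dict) -> list:
    """Sites sharing an identical (ID, password) pair form one component.
    Returned largest first; isolates are components of size 1."""
    groups = defaultdict(list)
    for site, cred in creds.items():
        groups[cred].append(site)
    return sorted(groups.values(), key=len, reverse=True)

def metrics(creds: dict) -> dict:
    n = len(creds)
    sizes = [len(c) for c in components(creds)]
    top3 = (sizes + [0, 0, 0])[:3]
    return {
        "sites": n,
        "unique_credentials": len(sizes),
        "inclusiveness": sum(s for s in sizes if s > 1) / n,
        "largest_components": [s / n for s in top3],
        # Assumed VI: P(breached site is in component C) * share of sites in C, summed.
        "vulnerability_index": sum((s / n) ** 2 for s in sizes),
    }

def rebalance(creds: dict) -> dict:
    """Move one site at a time from the largest component to the smallest
    until sizes differ by at most one.  Uses only combinations already in
    use: no new IDs, passwords or ID/password pairs."""
    creds = dict(creds)
    while True:
        comps = components(creds)
        big, small = comps[0], comps[-1]
        if len(big) - len(small) <= 1:
            return creds
        creds[sorted(big)[0]] = creds[small[0]]

if __name__ == "__main__":
    for label, data in (("class example", CLASS_EXAMPLE), ("after rebalancing", rebalance(CLASS_EXAMPLE))):
        m = metrics(data)
        print(f"{label}: inclusiveness {m['inclusiveness']:.3f}, "
              f"largest {[round(x, 3) for x in m['largest_components']]}, VI {m['vulnerability_index']:.3f}")
```

Rebalancing raises inclusiveness (the isolates stop being isolates) yet lowers VI, which is the slide's point: what matters is how many sites fall with any one credential, not merely how many credentials exist.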

Page 23:

Implications

Firms need a network perspective
Firms can be compromised due to outside companies' security lapses
Firms should implement log-in credential procedures other than (ID/PW)
Policy makers need to treat the enforcement of log-in credential implementation as critical
Public awareness of the problem needs to be improved: discrepancy-enlarging feedback loop

Page 24:

Cybernetic Theory

Discrepancy-enlarging feedback is used to explain avoidance behaviour: compare your present state to an undesired state and move away from it.

[Diagram: Present State → Avoidance State]

Page 25:

Why do we choose weak passwords?

We know we need strong passwords. We know we need to back up our computers. In general, we don’t do it. Why? Economics:
Cost (time & energy): now
Benefit: sometime in the future – maybe!
Black Swan incident – what is this?
Hyperbolic discounting – what is this?

Fixes:
Binding mechanisms: allow a new site/app to remind me in the future to update my credentials
Secure defaults: I say use a password manager
User friendliness: make credentials easier for humans, e.g. face recognition vs. character-string memorization
Incentives: a discount for using strong passwords; costs for not doing so – why are credit card companies responsible for your lack of a strong password?

Page 26:

Can we strengthen the security of passwords?

Use a password manager: 1Password, Roboform
Password-Based Key Derivation Function 2 (PBKDF2): systems using PBKDF2

Copyright Pearson Prentice-Hall 2010

Page 27:

I have two pets named Fred and Alice → Ihave2pets:Fred&Alice. Looks pretty secure, but…

Use spaces to help you remember: I have 2 pets: Fred & Alice
Don’t tell the truth: I have 3 pets: LeBron, Dwane & Chris
Don’t make sense: I have 35 pets: LeBron, Dwane & Chris
Avoid predictable phrases: I have 35 pets: Lebron, Dwane & Amy
But this is still predictable

1Password’s password system

Copyright Pearson Prentice-Hall 2009

Page 28:

Introduce randomness into passwords: Diceware Passwords (Arnold Reinhold)

Roll dice to select a word
Roll dice again to select the next word
Continue

Copyright Pearson Prentice-Hall 2010

Page 29:

How Many Words? Password vs. Passphrase

Password: usually 4-10 characters (2 Diceware words); insert a random special character between the 2 words
Passphrase: 20-40 characters (4-5 Diceware words)

Entropy: how hard it will be for an attacker to know the passphrase given the method of selection, measured in bits. A flip of a coin = 1 bit of entropy.

Diceware word = 12.9 bits of entropy (log2 of the 7,776-word list, one word per five dice rolls)
4 words: 51.6 bits (use at least 11 characters)
5 words: 64.6
6 words: 77.5 (use at least 17 characters)
7 words: 90.4 (use at least 20 characters)
10 words: 128

For passphrases used for encryption, 6 words are recommended.
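Diceware generation and its entropy accounting from the last two slides, as an added example that is not code from the lecture or Reinhold's own tooling. A real Diceware list has 6^5 = 7,776 words keyed by five dice rolls ("11111" to "66666"); the list embedded here is constructed, 36 words keyed by two dice, so the code runs offline, and the `dice` parameter is what switches between the two. The entropy figures for five dice are the ones on the slide (5 × log2 6 = 12.9 bits per word); the optional random separator symbol between words, from the password variant on the slide, adds log2(number of symbols) bits per gap.

```python
import itertools
import math
import random
import secrets

# Constructed two-dice list (36 words) standing in for a real 7,776-word file.
WORDS = ["apple", "brick", "cargo", "delta", "ember", "flint", "grape", "hazel", "igloo",
         "jolly", "kayak", "lemon", "mango", "noble", "oasis", "pearl", "quilt", "river",
         "salsa", "tiger", "ultra", "vivid", "waltz", "xenon", "yacht", "zebra", "amber",
         "bison", "cider", "dough", "eagle", "fjord", "gecko", "harbor", "ivory", "jumbo"]
DEMO_LIST = {"".join(rolls): word
             for rolls, word in zip(itertools.product("123456", repeat=2), WORDS)}

def key_to_index(key: str) -> int:
    """Dice key to list position: '11111' -> 0 ... '66666' -> 7775 (base 6, digits 1-6)."""
    if not key or any(c not in "123456" for c in key):
        raise ValueError("key must consist of dice digits 1-6")
    index = 0
    for c in key:
        index = index * 6 + int(c) - 1
    return index

def roll_key(dice: int = 5, rng=secrets) -> str:
    """Physical dice in the original; here an unbiased CSPRNG choice per die."""
    return "".join(rng.choice("123456") for _ in range(dice))

def bits(words: int, dice: int = 5, symbols=None) -> float:
    """Entropy of the selection method, not of the resulting string."""
    total = words * dice * math.log2(6)
    if symbols:
        total += (words - 1) * math.log2(len(symbols))
    return total

def passphrase(wordlist: dict, words: int = 6, dice: int = 5, rng=secrets, symbols=None) -> str:
    chosen = [wordlist[roll_key(dice, rng)] for _ in range(words)]
    if not symbols:
        return " ".join(chosen)
    out = chosen[0]
    for word in chosen[1:]:
        out += rng.choice(symbols) + word   # random special character between words
    return out

def demo_passphrase(seed=None, words: int = 4, symbols=None) -> str:
    """Generate from the constructed two-dice list; a seed makes the output
    reproducible for demonstration only, never use a seeded PRNG for real."""
    rng = secrets if seed is None else random.Random(seed)
    return passphrase(DEMO_LIST, words, dice=2, rng=rng, symbols=symbols)

if __name__ == "__main__":
    print(demo_passphrase(), f"({bits(4, dice=2):.1f} bits from the toy list)")
    print(demo_passphrase(symbols="!@#$%^&*"), f"({bits(4, dice=2, symbols='!@#$%^&*'):.1f} bits)")
    for n in (4, 5, 6, 7, 10):
        print(f"{n} real Diceware words: {bits(n):.1f} bits")
```

The entropy claim only holds for the selection procedure: a phrase you compose yourself, however long, inherits the predictability the previous slide warns about.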

Page 30:

Finally… Even Stronger

Insert your own word into the set of Diceware words: P35:LD&A + Diceware words

Page 31:

How many characters?

Page 32:

Active Authentication

What is it?

How will it work?

Page 33:

AA – What is it?

Authentication based on how you perform tasks: distinct behavioral characteristics, a cognitive fingerprint.

Keyboard dynamics: the length of time a key is held down, and the time taken to move to another key
Mouse movement

These repetitive movements are not controlled by deliberate thought and are therefore hard to mimic.
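Keyboard dynamics as the slide describes them, as an added example that is not code from the lecture: dwell time (how long each key is held) and flight time (release of one key to press of the next) extracted from key events, an enrolment template of per-feature mean and spread, and a verifier that scores a new attempt by its average z-score against the template. All timings are constructed, in milliseconds, as (key, press, release) triples for typing the same short string; the 2.0 threshold and the 5 ms floor on the spread are assumptions for this toy data, not values from any deployed system.

```python
import statistics

# Constructed enrolment samples: the owner typing "pass" three times.
OWNER_SAMPLES = [
    [("p", 0, 90), ("a", 210, 290), ("s", 400, 500), ("s", 630, 715)],
    [("p", 0, 95), ("a", 205, 290), ("s", 395, 490), ("s", 625, 715)],
    [("p", 0, 85), ("a", 215, 290), ("s", 405, 510), ("s", 635, 715)],
]
GENUINE_ATTEMPT = [("p", 0, 92), ("a", 212, 294), ("s", 402, 500), ("s", 632, 718)]
IMPOSTOR_ATTEMPT = [("p", 0, 150), ("a", 450, 610), ("s", 890, 1030), ("s", 1350, 1505)]

MIN_SD = 5.0   # assumed floor on per-feature spread so tiny enrolment sets do not over-reject

def features(events) -> list:
    """Dwell = release - press per key; flight = next press - this release.
    Returns dwell times followed by flight times as one vector."""
    dwell = [release - press for _, press, release in events]
    flight = [events[i + 1][1] - events[i][2] for i in range(len(events) - 1)]
    return dwell + flight

def enroll(samples) -> list:
    """Per-feature (mean, standard deviation) over several typing samples."""
    vectors = [features(s) for s in samples]
    if len({len(v) for v in vectors}) != 1:
        raise ValueError("enrolment samples must type the same string")
    return [(statistics.mean(col), max(statistics.pstdev(col), MIN_SD))
            for col in zip(*vectors)]

def score(template, events) -> float:
    """Mean absolute z-score of an attempt against the template; lower is closer."""
    vector = features(events)
    if len(vector) != len(template):
        raise ValueError("attempt does not match the enrolled string")
    return sum(abs(x - mean) / sd for x, (mean, sd) in zip(vector, template)) / len(vector)

def verify(template, events, threshold: float = 2.0) -> bool:
    return score(template, events) < threshold

if __name__ == "__main__":
    template = enroll(OWNER_SAMPLES)
    for label, attempt in (("genuine", GENUINE_ATTEMPT), ("impostor", IMPOSTOR_ATTEMPT)):
        print(f"{label}: score {score(template, attempt):.2f}, accepted {verify(template, attempt)}")
```

The timing profile is what a keylogger does not capture and a shoulder surfer cannot reproduce, but it is also noisy: a real deployment enrols many more samples, tunes the threshold against false-reject and false-accept rates, and uses the score continuously rather than as a single gate.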

Page 34:

AA – How will it work?

Page 35:

Page 36:

Let's Play a Game: Pros

Cons

Page 37:

Risk Based Authentication