Cracking Passwords With Time-memory Trade-offs. Gildas Avoine Université catholique de Louvain, Belgium
|
|
- Rosalyn Robbins
- 7 years ago
- Views:
Transcription
1 Cracking Passwords With Time-memory Trade-offs Gildas Avoine Université catholique de Louvain, Belgium
2 SUMMARY Motivations Hellman Tables Oechslin Tables Real Life Examples Fingerprint Tables Conclusion
3 MOTIVATIONS Motivations Hellman Tables Oechslin Tables Real Life Examples Fingerprint Tables Conclusion
4 One-way Function Function h : A B that is easy to compute on every input, but hard to invert given the image of an arbitrary input. Gildas Avoine Cracking Passwords with Time-memory Trade-offs 4
5 Example: Password-based Authentication User (username, pwd) username, pwd Computer Compute h(pwd) username 1 h(pwd 1 ) username 2 h(pwd 2 ) username 3 h(pwd 3 ).. username N h(pwd N ) Gildas Avoine Cracking Passwords with Time-memory Trade-offs 5
6 Exhaustive Search Online exhaustive search: Computation: N := A Storage: 0 Precalculation: 0 Precalculated exhaustive search: Computation: 0 Storage: N Precalculation: N Gildas Avoine Cracking Passwords with Time-memory Trade-offs 6
7 HELLMAN TABLES Motivations Hellman Tables Oechslin Tables Real Life Examples Fingerprint Tables Conclusion
8 Precalculation Phase Martin Hellman s cryptanalytic time-memory trade-off (1980). Precalculation phase to speed up the online attack: T N2 M 2 Gildas Avoine Cracking Passwords with Time-memory Trade-offs 8
9 Precalculation Phase (recap) Invert h : A B. Define R : B A an arbitrary (reduction) function. Define f : A A such that f = R h. Chains are generated from arbitrary values in A. S 1 = X 1,1 f X 1,2 f X 1,3 f... S 2 = X 2,1 f X 2,2 f X 2,3 f.... S m = X m,1 f X m,2 f X m,3 f... f X 1,t = E 1 f X 2,t = E 2. f X m,t = E m The generated values should cover the set A (probabilistic). Only the first and the last element of each chain is stored. Gildas Avoine Cracking Passwords with Time-memory Trade-offs 9
10 Online Attack Gildas Avoine Cracking Passwords with Time-memory Trade-offs 10
11 Online Attack (Recap) Given one output y B, we compute y 1 := R(y) and f f f generate a chain starting at y 1 : y 1 y 2 y 3... y s S 1 E 1 S m E m not y 1 y 2 y s y y 1 time needed to rebuild the chain time needed to find a matching endpoint Gildas Avoine Cracking Passwords with Time-memory Trade-offs 11
12 Coverage and Collisions Collisions occur during the precalculation phase. Several tables with different reduction functions. Gildas Avoine Cracking Passwords with Time-memory Trade-offs 12
13 OECHSLIN TABLES Motivations Hellman Tables Oechslin Tables Real Life Examples Fingerprint Tables Conclusion
14 Using Several Reduction Functions (Oechslin, 2003) Use a different reduction function per column: rainbow tables. Invert h : A B. Define R i : B A arbitrary (reduction) functions. Define f i : A A such that f i = R i h. f 1 f 2 f 3 S 1 = X 1,1 X 1,2 X 1,3... f 1 f 2 f 3 S 2 = X 2,1 X 2,2 X 2,3.... f1 f2 f3 S m = X m,1 X m,2 X m,3... f t X 1,t = E 1 f t X 2,t = E 2 ft X m,t = E m. Gildas Avoine Cracking Passwords with Time-memory Trade-offs 14
15 Discarding the Merges If 2 chains collide in different columns, they don t merge. If 2 chains collide in same column, merge can be detected. A table without merges is said perfect Gildas Avoine Cracking Passwords with Time-memory Trade-offs 15
16 Online Procedure is More Complex Given one output y B, we compute y 1 := R(y) and generate a chain starting at y 1 : f t s f t s+1 f t s+2 y 1 y 2 y 3... y s S 1 E 1 S m y y 1 y s E m y 2 y y 1 time needed to rebuild the chain time needed to find a matching endpoint Gildas Avoine Cracking Passwords with Time-memory Trade-offs 16
17 Success Probability of a Table is Bounded Theorem Given t and a sufficiently large N, the expected maximum number of chains per perfect rainbow table without merge is: Theorem m max (t) 2N t + 1. Given t, for any problem of size N, the expected maximum probability of success of a single perfect rainbow table is: ( P max (t) ) t t + 1 which tends toward 1 e 2 86% when t is large. Gildas Avoine Cracking Passwords with Time-memory Trade-offs 17
18 Average Cryptanalysis Time Theorem Given N, m, l, and t, the average cryptanalysis time is: T = k=lt k=1 c=t k 1 l (t c)(t c + 1) p k ( 2 i=t + q i i)l+ i=c where (1 m t(t 1) N )lt ( 2 q i = 1 m N i=t + q i i)l i=1 i(i 1) t(t + 1). Gildas Avoine Cracking Passwords with Time-memory Trade-offs 18
19 REAL LIFE EXAMPLES Motivations Hellman Tables Oechslin Tables Real Life Examples Fingerprint Tables Conclusion
20 Statistics from 10,000 Leaked Hotmail Passwords Password Type % numeric 19% lower case alpha 42% mixed case alpha 3% mixed numeric alpha 30% other charac 6% Password Length % 7 37% 8 58% 9 70% Gildas Avoine Cracking Passwords with Time-memory Trade-offs 20
21 Windows LM Passwords (Algorithm) Win98/ME/2k/XP uses the Lan Manager Hash (LM hash). The password is cut in two blocks of 7 characters. Lowercase letters are converted to uppercase. Gildas Avoine Cracking Passwords with Time-memory Trade-offs 21
22 Windows LM Hash (Results) Cracking an alphanumerical password (LM Hash) on a PC. Size of the problem: N = = Brute Force TMTO Online Attack (op) Time 2 h sec Precalculation (op) Time 0 33 days Storage 0 2 GB Gildas Avoine Cracking Passwords with Time-memory Trade-offs 22
23 Windows NT LM Passwords Win NT/2000/XP/Vista/Seven uses the NT LM Hash. The password is no longer cut in two blocks. Lowercase letters are not converted to uppercase. Gildas Avoine Cracking Passwords with Time-memory Trade-offs 23
24 Windows NT LM Hash (Results) Cracking a 7-char (max) alphanumerical password (NT LM Hash) on a PC. Size of the problem: N = Brute Force TMTO Online Attack (op) ? Time 99 hrs? Precalculation (op) 0? Time 0? Storage 0? Gildas Avoine Cracking Passwords with Time-memory Trade-offs 24
25 FINGERPRINT TABLES (Joint work with A. Bourgeois and X. Carpent) Motivations Hellman Tables Oechslin Tables Real Life Examples Fingerprint Tables Conclusion
26 Checkpoints (Avoine, Junod, Oechslin, 2005) Given one output y B, we compute y 1 := R(y) and generate a chain starting at y 1 : f t s f t s+1 f t s+2 y 1 y 2 y 3... y s S 1 E 1 S m y y 1 y s E m y 2 y y 1 checkpoint time needed to rebuild the chain time needed to find a matching endpoint Gildas Avoine Cracking Passwords with Time-memory Trade-offs 26
27 Ridge Functions Endpoints and checkpoints share the same nature. Each column contains a ridge function that outputs a (potentially empty) fingerprint of the chain. Endpoints are no longer stored. We no longer look for matching endpoints but for matching fingerprints. Gildas Avoine Cracking Passwords with Time-memory Trade-offs 27
28 Ridge functions (Avoine, Bourgeois, Carpent, 2012) S 1 F I N G ER S m y y 1 y s P R I N T S y 2 y y 1 ridges time needed to rebuild the chain time needed to find a matching endpoint Gildas Avoine Cracking Passwords with Time-memory Trade-offs 28
29 Fingerprint Tables Theorem The average amount of evaluations of h during the online phase using the fingerprint tables is: lt m T = N k=1 i 1 c i = t l W k = Q k = ( 1 m ) k 1 ( (Wk + Q k ) + 1 m ) lt (Wlt + Q lt ), N N, q c = 1 k (t c i ), P c = i=1 t ( 1 m ) i, N i=c t i 1 (q i q i+1 ), i=c j=c k (c i 1)(P ci + E ci ), E c = (m q c ) i=1 φ j t φ i. i=c Gildas Avoine Cracking Passwords with Time-memory Trade-offs 29
30 Windows NT LM Hash (Results) Cracking a 7-char (max) alphanumerical password (NT LM Hash) on a PC. Size of the problem: N = Brute Force TMTO Online Attack (op) Time 99 hrs 5.9 sec Precalculation (op) Time days Storage 0 16 GB Gildas Avoine Cracking Passwords with Time-memory Trade-offs 30
31 CONCLUSION Motivations Hellman Tables Oechslin Tables Real Life Examples Fingerprint Tables Conclusion
32 Limits of Cryptanalytic Time-memory Trade-offs A TMTO is never better than a brute force. TMTO makes sense in several scenarios. Attack repeated several times. Lunchtime attack. Attacker is not powerful but can download tables. Two conditions to perform a TMTO. Reasonably-sized problem. One-way function (or chosen plaintext attack on a ciphertext) Gildas Avoine Cracking Passwords with Time-memory Trade-offs 32
Rainbow Cracking: Do you need to fear the Rainbow? Philippe Oechslin, Objectif Sécurité. OS Objectif Sécurité SA, Gland, www.objectif-securite.
ainbow Cracking: Do you need to fear the ainbow? Philippe Oechslin, Objectif Sécurité 1 On the menu 1. ainbow tables explained 2. Who is vulnerable 3. Tools and history 4. What you should do about it 2
More informationTime-Memory Trade-Offs: False Alarm Detection Using Checkpoints
Time-Memory Trade-Os: False Alarm Detection Using Checkpoints Gildas Avoine 1, Pascal Junod 2, and Philippe Oechslin 1,3 1 EPFL, Lausanne, Switzerland 2 Nagravision SA (Kudelski Group), Switzerland 3 Objecti
More informationA novel time-memory trade-off method for password recovery
available at www.sciencedirect.com journal homepage: www.elsevier.com/locate/diin A novel time-memory trade-off method for password recovery Vrizlynn L.L. Thing*, Hwei-Ming Ying Institute for Infocomm
More informationAttacking NTLM with Precomputed Hashtables
Attacking NTLM with Precomputed Hashtables warlord warlord@nologin.org Contents 1 Introduction 2 2 The design of LM and NTLM 3 2.1 The LanMan disaster......................... 3 2.2 NTLM.................................
More informationAn Oblivious Password Cracking Server
An Oblivious Password Cracking Server Aureliano Calvo - aureliano.calvo@coresecurity.com Ariel Futoransky - ariel.futoransky@coresecurity.com Carlos Sarraute - carlos.sarraute@coresecurity.com Corelabs
More informationLecture Note 8 ATTACKS ON CRYPTOSYSTEMS I. Sourav Mukhopadhyay
Lecture Note 8 ATTACKS ON CRYPTOSYSTEMS I Sourav Mukhopadhyay Cryptography and Network Security - MA61027 Attacks on Cryptosystems Up to this point, we have mainly seen how ciphers are implemented. We
More informationPassword Cracking Beyond Brute-Force
Password Cracking Beyond Brute-Force by Immanuel Willi Most password mechanisms work by comparing a password against a stored reference value. It is insecure to store the whole password, so one-way functions
More informationNETWORK SECURITY: How do servers store passwords?
NETWORK SECURITY: How do servers store passwords? Servers avoid storing the passwords in plaintext on their servers to avoid possible intruders to gain all their users passwords. A hash of each password
More informationCRYPTANALYSIS OF HASH FUNCTIONS USING ADVANCED MULTIPROCESSING
CRYPTANALYSIS OF HASH FUNCTIONS USING ADVANCED MULTIPROCESSING Gómez J., Montoya F.G., Benedicto R., Jimenez A., Gil C. and Alcayde A. University of Almeria, Spain {jgomez, pagilm, rbenedicto, ajimenez,
More informationWindows XP Login Vulnerabilities
Windows XP Login Vulnerabilities A Case Study Using Ophcrack Yoan Hermida 12/1/2008 Hermida 2 Abstract This paper aims to demonstrate that the login process for Windows XP is inherently unsecure. It will
More informationProject: Simulated Encrypted File System (SEFS)
Project: Simulated Encrypted File System (SEFS) Omar Chowdhury Fall 2015 CS526: Information Security 1 Motivation Traditionally files are stored in the disk in plaintext. If the disk gets stolen by a perpetrator,
More informationOn the Security of Digital Video Broadcast Encryption
On the Security of Digital Video Broadcast Encryption Markus Diett October 26, 2007 Diploma Thesis Ruhr-Universität Bochum Chair for Communication Security (COSY) Prof. Dr.-Ing. Christof Paar Dipl.-Inf.
More informationWindows passwords security
IT Advisory Windows passwords security ADVISORY WHOAMI 2 Agenda The typical windows environment Local passwords Secure storage mechanims: Syskey & SAM File Password hashing & Cracking: LM & NTLM Into the
More informationUNICRYPT: A CONSTRUCTIVE APPROACH TOWARDS RAINBOW TABLE VULNERABILITY
UNICRYPT: A CONSTRUCTIVE APPROACH TOWARDS RAINBOW TABLE VULNERABILITY Mohit Dagar 1, Nandit Saini 2, Himanshu Naresh 3, Ashish Sankla 4 1 Student, Computer Science Department, G.B Pant Govt. Engineering
More informationCIS433/533 - Computer and Network Security Cryptography
CIS433/533 - Computer and Network Security Cryptography Professor Kevin Butler Winter 2011 Computer and Information Science A historical moment Mary Queen of Scots is being held by Queen Elizabeth and
More informationCommon Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/
Common Pitfalls in Cryptography for Software Developers OWASP AppSec Israel July 2006 Shay Zalalichin, CISSP AppSec Division Manager, Comsec Consulting shayz@comsecglobal.com Copyright 2006 - The OWASP
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Introduction to Cryptography What is cryptography?
More informationVulnerability scanning
Mag. iur. Dr. techn. Michael Sonntag Vulnerability scanning Security and Privacy VSE Prag, 7-11.6.2010 E-Mail: sonntag@fim.uni-linz.ac.at http://www.fim.uni-linz.ac.at/staff/sonntag.htm Institute for Information
More informationWINTER SCHOOL ON COMPUTER SECURITY. Prof. Eli Biham
WINTR SCHOOL ON COMPUTR SCURITY Prof. li Biham Computer Science Department Technion, Haifa 3200003, Israel January 27, 2014 c li Biham c li Biham - January 27, 2014 1 Cryptanalysis of Modes of Operation
More informationNESCO/NESCOR Common TFE Analysis: CIP-007 R5.3 Password Complexity
NESCO/NESCOR Common TFE Analysis: CIP-007 R5.3 Password Complexity National Electric Sector Cybersecurity Organization (NESCO)/NESCO Resource (NESCOR) DISCLAIMER OF WARRANTIES AND LIMITATION OF LIABILITIES
More informationPractical Attacks on DOCSIS
Practical Attacks on DOCSIS Who am I? @drspringfield Security researcher at Accuvant Work in embedded device security, reverse engineering, exploit dev No background in DOCSIS, but I find it interesting
More informationData Solutions WebPortal Account Creation
Data Solutions WebPortal Account Creation Introduction The WebPortal is a web-based customer service model introduced by Bloomberg in order to create a more robust and efficient customer service experience
More informationVulnerability scanning
Mag. iur. Dr. techn. Michael Sonntag Vulnerability scanning Security and Privacy VSE Prag, 9-13.6.2008 E-Mail: sonntag@fim.uni-linz.ac.at http://www.fim.uni-linz.ac.at/staff/sonntag.htm Institute for Information
More informationGPU-based Password Cracking
Radboud University Nijmegen Faculty of Science Kerckhoffs Institute Master of Science Thesis GPU-based Password Cracking On the Security of Password Hashing Schemes regarding Advances in Graphics Processing
More information1.1 Terminology and Assumptions
Attacks on Additive Encryption of Redundant Plaintext and Implications on Internet Security David A. McGrew and Scott R. Fluhrer mcgrew, sfluhrer @cisco.com Cisco Systems, Inc. 170 West Tasman Drive, San
More informationSpeeding up GPU-based password cracking
Speeding up GPU-based password cracking SHARCS 2012 Martijn Sprengers 1,2 Lejla Batina 2,3 Sprengers.Martijn@kpmg.nl KPMG IT Advisory 1 Radboud University Nijmegen 2 K.U. Leuven 3 March 17-18, 2012 Who
More informationSECURITY IN NETWORKS
SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,
More informationFive Steps to Improve Internal Network Security. Chattanooga ISSA
Five Steps to Improve Internal Network Security Chattanooga ISSA 1 Find Me AverageSecurityGuy.info @averagesecguy stephen@averagesecurityguy.info github.com/averagesecurityguy ChattSec.org 2 Why? The methodical
More informationPASSWORD CRACKING BASED ON SPECIAL KEYBOARD PATTERNS. Received September 2010; revised January 2011
International Journal of Innovative Computing, Information and Control ICIC International c 2012 ISSN 1349-4198 Volume 8, Number 1(A), January 2012 pp. 387-402 PASSWORD CRACKING BASED ON SPECIAL KEYBOARD
More informationProtecting against modern password cracking
Protecting against modern password cracking Are passwords still an adequate form of authentication? by Yiannis Chrysanthou, MSc (RHUL, 2012), and Allan Tomlinson (supervisor), ISG, Royal Holloway istockphoto/ronen
More informationBeyond files forensic OWADE cloud based forensic
Beyond files forensic OWADE cloud based forensic Elie Bursztein Stanford University Ivan Fontarensky Cassidian Matthieu Martin Stanford University Jean Michel Picod Cassidian 1 The world is moving to the
More informationCSE331: Introduction to Networks and Security. Lecture 20 Fall 2006
CSE331: Introduction to Networks and Security Lecture 20 Fall 2006 Announcements Homework 2 has been assigned: **NEW DUE DATE** It's now due on Friday, November 3rd. Midterm 2 is Friday, November 10th
More informationSecurity Awareness For Server Administrators. State of Illinois Central Management Services Security and Compliance Solutions
Security Awareness For Server Administrators State of Illinois Central Management Services Security and Compliance Solutions Purpose and Scope To present a best practice approach to securing your servers
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Secret Key Cryptography (I) 1 Introductory Remarks Roadmap Feistel Cipher DES AES Introduction
More informationHow To Understand And Understand The History Of Cryptography
CSE497b Introduction to Computer and Network Security - Spring 2007 - Professors Jaeger Lecture 5 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 20 Public-Key Cryptography and Message Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Public-Key Cryptography
More informationPASSWORD CRACKING BASED ON LEARNED PATTERNS FROM DISCLOSED PASSWORDS. Received December 2011; revised April 2012
International Journal of Innovative Computing, Information and Control ICIC International 2013 ISSN 1349-4198 Volume 9, Number 2, February 2013 pp. 821 839 PASSWORD CRACKING BASED ON LEARNED PATTERNS FROM
More informationGENEVA COLLEGE INFORMATION TECHNOLOGY SERVICES. Password POLICY
GENEVA COLLEGE INFORMATION TECHNOLOGY SERVICES Password POLICY Table of Contents OVERVIEW... 2 PURPOSE... 2 SCOPE... 2 DEFINITIONS... 2 POLICY... 3 RELATED STANDARDS, POLICIES AND PROCESSES... 4 EXCEPTIONS...
More informationWindows 2003 Security Hints
Windows 2003 Security Hints christoph.schnidri@csnc.ch Security Event April 28, 2004 Pae 1 Aenda The Power of Group Policies Local Policies Active Directory Services (Oranizational Units) Group Policy
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 10 Authentication and Account Management
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 10 Authentication and Account Management Objectives Describe the three types of authentication credentials Explain what single sign-on
More informationPASSWORD ATTACKS AND GENERATION STRATEGIES
PASSWORD ATTACKS AND GENERATION STRATEGIES Predrag Tasevski Tartu University, Faculty of Mathematics and Computer Sciences, major: Master of Science in Cyber Security Abstract. Nowadays, attacking the
More informationNetwork Security. HIT Shimrit Tzur-David
Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key
More informationMessage authentication and. digital signatures
Message authentication and " Message authentication digital signatures verify that the message is from the right sender, and not modified (incl message sequence) " Digital signatures in addition, non!repudiation
More informationOverview of Cryptographic Tools for Data Security. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the
More informationMessage Authentication Codes. Lecture Outline
Message Authentication Codes Murat Kantarcioglu Based on Prof. Ninghui Li s Slides Message Authentication Code Lecture Outline 1 Limitation of Using Hash Functions for Authentication Require an authentic
More informationLecture 4 Data Encryption Standard (DES)
Lecture 4 Data Encryption Standard (DES) 1 Block Ciphers Map n-bit plaintext blocks to n-bit ciphertext blocks (n = block length). For n-bit plaintext and ciphertext blocks and a fixed key, the encryption
More informationChapter 23. Database Security. Security Issues. Database Security
Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database
More informationSecure Remote Password (SRP) Authentication
Secure Remote Password (SRP) Authentication Tom Wu Stanford University tjw@cs.stanford.edu Authentication in General What you are Fingerprints, retinal scans, voiceprints What you have Token cards, smart
More informationassociate professor BME Híradástechnikai Tanszék Lab of Cryptography and System Security (CrySyS) buttyan@hit.bme.hu, buttyan@crysys.
Information Security (bmevihim100) Dr. Levente Buttyán associate professor BME íradástechnikai Tanszék Lab of Cryptography and System Security (CrySyS) buttyan@hit.bme.hu, buttyan@crysys.hu Outline - introduction
More informationCIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives
CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash
More informationENCRYPTION. The Perils of Using the Wrong Approach to USB Flash Drive Security. Only Hardware Ensures that Data Stays In and Malware Stays Out
ENCRYPTION The Perils of Using the Wrong Approach to USB Flash Drive Security Only Hardware Ensures that Data Stays In and Malware Stays Out January 9, 2008 IRONKEY ENCRYPTION 350 million USB flash drives
More informationAll in a day's work: Password cracking for the rest of us
All in a day's work: Password cracking for the rest of us Jørgen Blakstad ITEM, NTNU Rune Walsø Nergård ITEM, NTNU Danilo Gligoroski ITEM, NTNU Martin Gilje Jaatun SINTEF ICT Abstract The majority of computer
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 3: Block ciphers and DES Ion Petre Department of IT, Åbo Akademi University January 17, 2012 1 Data Encryption Standard
More informationThe Misuse of RC4 in Microsoft Word and Excel
The Misuse of RC4 in Microsoft Word and Excel Hongjun Wu Institute for Infocomm Research, Singapore hongjun@i2r.a-star.edu.sg Abstract. In this report, we point out a serious security flaw in Microsoft
More informationElectronic Questionnaires for Investigations Processing (e-qip)
January 2016 Electronic Questionnaires for Investigations Processing (e-qip) Login Instructions for first-time users OR users that have had their accounts reset Step 1 Access the e-qip Login screen at
More informationThe State of Modern Password Cracking
SESSION ID: PDAC-W05 The State of Modern Password Cracking Christopher Camejo Director of Threat and Vulnerability Analysis NTT Com Security @0x434a Presentation Overview Password Hashing 101 Getting Hashes
More informationMessage Authentication Codes
2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,
More informationCain & Abel v 2.5. Password Cracking Via ARP Cache Poisoning Attacks. v.1. Page 1 of 15
Cain & Abel v 2.5 Password Cracking Via ARP Cache Poisoning Attacks v.1 2004 Page 1 of 15 Objective: At the end of this lab students will be able to use the password auditing and ARP Poison Routing (APR)
More informationHash Functions. Integrity checks
Hash Functions EJ Jung slide 1 Integrity checks Integrity vs. Confidentiality! Integrity: attacker cannot tamper with message! Encryption may not guarantee integrity! Intuition: attacker may able to modify
More informationWireless Network Security - How to Analyse Different Protocols
A WEAKEST CHAIN APPROACH TO ASSESSING THE OVERALL EFFECTIVENESS OF THE 802.11 WIRELESS NETWORK SECURITY Berker Tasoluk 1 and Zuhal Tanrikulu 2 1 Department of Informatics, Istanbul University, Istanbul,
More informationIntro to Password Management. January 5, 2015
Intro to Password Management January 5, 2015 Listen up! A USERNAME and password combination has long been the standard security mechanism for online accounts. But that method just isn t cutting it anymore.
More informationChapter 7: Network security
Chapter 7: Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer: secure e-mail transport
More informationIronKey Data Encryption Methods
IronKey Data Encryption Methods An IronKey Technical Brief November 2007 Information Depth:Technical Introduction IronKey is dedicated to building the world s most secure fl ash drives. Our dedication
More informationDatasäkerhet och integritet
Chapter 7 Host Hardening Important Server Operating Systems Vulnerabilities and Patches Managing Users and Groups Managing Permissions Creating Strong Passwords Testing for Vulnerabilities Threats to Hosts
More informationAdvanced Security Issues in Wireless Networks
Advanced Security Issues in Wireless Networks Seminar aus Netzwerke und Sicherheit Security Considerations in Interconnected Networks Alexander Krenhuber Andreas Niederschick 9. Januar 2009 Advanced Security
More informationAC 2009-1697: EXPERIMENTS WITH COMPUTER PASSWORD CRACKING AND SHIELDING TECHNIQUES
AC 2009-1697: EXPERIMENTS WITH COMPUTER PASSWORD CRACKING AND SHIELDING TECHNIQUES Veeramuthu Rajaravivarma, State University of New York, Farmingdale V. Rajaravivarma is currently with the Electrical
More informationOpenSSL (lab notes) Definition: OpenSSL is an open-source library containing cryptographic tools.
Network security MSc IDL (GLIA) and MSc HIT / Isima Academic year 2012-2013 OpenSSL (lab notes) Definition: OpenSSL is an open-source library containing cryptographic tools. 1. OpenSSL usage Exercice 1.1
More informationSecurity in Outsourcing of Association Rule Mining
Security in Outsourcing of Association Rule Mining Wai Kit Wong, David Cheung, Ben Kao and Nikos Mamoulis, The University of Hong Kong Edward Hung, The Hong Kong Polytechnic University VLDB 2007, Vienna,
More informationCryptanalysis with a cost-optimized FPGA cluster
Cryptanalysis with a cost-optimized FPGA cluster Jan Pelzl, Horst Görtz Institute for IT-Security, Germany UCLA IPAM Workshop IV Special Purpose Hardware for Cryptography: Attacks and Applications December
More informationConfiguring Authentication for Microsoft Windows
Chapter 4 Configuring Authentication for Microsoft Windows In this chapter: Storing and Transmitting Credentials..............................69 Storing Secrets in Windows......................................83
More information3 Setting up Databases on a Microsoft SQL 7.0 Server
3 Setting up Databases on a Microsoft SQL 7.0 Server Overview of the Installation Process To set up GoldMine properly, you must follow a sequence of steps to install GoldMine s program files, and the other
More information1 Message Authentication
Theoretical Foundations of Cryptography Lecture Georgia Tech, Spring 200 Message Authentication Message Authentication Instructor: Chris Peikert Scribe: Daniel Dadush We start with some simple questions
More informationProxies. Chapter 4. Network & Security Gildas Avoine
Proxies Chapter 4 Network & Security Gildas Avoine SUMMARY OF CHAPTER 4 Generalities Forward Proxies Reverse Proxies Open Proxies Conclusion GENERALITIES Generalities Forward Proxies Reverse Proxies Open
More informationALL1682511. 500Mbits Powerline WLAN N Access Point. User s Manual
ALL1682511 500Mbits Powerline WLAN N Access Point User s Manual Contents 1. Introduction...1 2. System Requirements...1 3. Configuration...1 4. WPS...9 5. Wireless AP Settings...9 6. FAQ... 15 7. Glossary...
More informationCryptanalysis of Microsoft s PPTP Authentication Extensions (MS-CHAPv2)
Cryptanalysis of Microsoft s PPTP Authentication Extensions (MS-CHAPv2) Bruce Schneier Counterpane Systems schneier@counterpane.com Mudge L0pht Heavy Industries mudge@l0pht.com David Wagner UC Berkeley
More informationService Accounts A Secant Standards White Paper
Service Accounts A Secant Standards White Paper Publication No.:101 Version: 11/28/11 ABOUT STANDARDS Secant is pleased to publicly release several key technology standards for reference by our clients
More informationModes of Operation of Block Ciphers
Chapter 3 Modes of Operation of Block Ciphers A bitblock encryption function f: F n 2 Fn 2 is primarily defined on blocks of fixed length n To encrypt longer (or shorter) bit sequences the sender must
More informationOptum ID Migration for Provider Express Users
Introducing Optum ID FREQUENTLY ASKED QUESTIONS Optum ID Migration for Provider Express Users 1. What is Optum ID? A1. Optum ID is a centralized, secure identity management solution that enables a single
More information2006-331: PASSWORD AUDITING TOOLS
2006-331: PASSWORD AUDITING TOOLS Mario Garcia, Texas A&M University-Corpus Christi American Society for Engineering Education, 2006 Page 11.985.1 Password Auditing Tools Abstract A goal of computer system
More informationNetwork Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1
Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret
More informationThe Anonymous attack on HBGary. Jarib Rahman March 19 th, 2012
The Anonymous attack on HBGary Jarib Rahman March 19 th, 2012 Backg round December 2010: Anonymous takes down corporate websites of Bank of America, MasterCard, Visa, Paypal and others. This is retaliation
More informationNon-Obvious Bugs by Example
Gregor Kopf CONFidence 2011 What and why? Non-obvious (crypto) bugs As an example: two well-known CMS Easy to make, hard to spot Interesting to exploit Fun ;) How? The process from discovery to exploitation
More informationParallel Collision Search with Cryptanalytic Applications
Parallel Collision Search with Cryptanalytic Applications Paul C. van Oorschot and Michael J. Wiener Nortel, P.O. Box 3511 Station C, Ottawa, Ontario, K1Y 4H7, Canada 1996 September 23 Abstract. A simple
More informationSandeep Mahapatra Department of Computer Science and Engineering PEC, University of Technology s.mahapatra15101987@gmail.com
Computing For Nation Development, March 10 11, 2011 Bharati Vidyapeeth s Institute of Computer Applications and Management, New Delhi A Comparative Evaluation of Various Encryptions Techniques Committing
More informationOn the Security of Double and 2-key Triple Modes of Operation
On the Security of Double and 2-key Triple Modes of Operation [Published in L. Knudsen, d., Fast Software ncryption, vol. 1636 of Lecture Notes in Computer Science, pp. 215 230, Springer-Verlag, 1999.]
More informationFORENSIC ARTIFACTS FROM A PASS THE HASH (PTH) ATTACK BY: GERARD LAYGUI
FORENSIC ARTIFACTS FROM A PASS THE HASH (PTH) ATTACK BY: GERARD LAYGUI DISCLAIMER: THE VIEWS AND OPINIONS EXPRESSED IN THIS PRESENTATION ARE THOSE OF THE AUTHOR S AND DOES NOT NECESSARILY REPRESENT THE
More informationNETID Password Management
Competencies This document provides instructions on how to: Lookup your Account o Allows users to lookup their username, default password, Brookdale email address, Library 14 digit number, and ID number.
More informationLecture 10: CPA Encryption, MACs, Hash Functions. 2 Recap of last lecture - PRGs for one time pads
CS 7880 Graduate Cryptography October 15, 2015 Lecture 10: CPA Encryption, MACs, Hash Functions Lecturer: Daniel Wichs Scribe: Matthew Dippel 1 Topic Covered Chosen plaintext attack model of security MACs
More informationlundi 1 octobre 2012 In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal
Symmetric Crypto Pierre-Alain Fouque Birthday Paradox In a set of N elements, by picking at random N elements, we have with high probability a collision two elements are equal N=365, about 23 people are
More informationWEB BASED Access Control/Time Attendance Software Manual V 1.0
WEB BASED Access Control/Time Attendance Software Manual V 1.0 2007/12/26 CONTENT 1. First Login...3 2. Terminal Setup...3 2.1 Add Terminal...4 2.2 Delete Terminal...5 2.3 Modify Terminal...5 2.4 List
More informationHow To Set Up Safetica Insight 9 (Safetica) For A Safetrica Management Service (Sms) For An Ipad Or Ipad (Smb) (Sbc) (For A Safetaica) (
SAFETICA INSIGHT INSTALLATION MANUAL SAFETICA INSIGHT INSTALLATION MANUAL for Safetica Insight version 6.1.2 Author: Safetica Technologies s.r.o. Safetica Insight was developed by Safetica Technologies
More informationAcronyms and Initialisms Used in the TOMS Adding and Managing Users Guide
CAASPP System Table of Contents Introduction... 1 What s New in 2015 16 for the Test Operations Management System (TOMS) Adding and Managing Users... 1 About This Manual... 1 About TOMS... 1 Adding and
More informationThis presentation has been modified from its original version. It has been modified to fit your screen.
This presentation has been modified from its original version. It has been modified to fit your screen. TRIGGER WARNING THIS TALK IS DESIGNED TO OFFEND THE FOLLOWING GROUPS: PEOPLE WHO USE WEAK PASSWORDS
More informationWhat is network security?
Network security Network Security Srinidhi Varadarajan Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application
More informationLecture 6 - Cryptography
Lecture 6 - Cryptography CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07 Question 2 Setup: Assume you and I don t know anything about
More informationSingle Sign-On: Volunteer Connection & RCO Unique Email Clean Up Project. Release 1.0
Single Sign-On: Volunteer Connection & RCO Unique Email Clean Up Project Release 1.0 1 Contents 1. Reports for Single Sign On Preparation Overview 2. Progress Tracker 3. Steps to Download and Use the Clean
More informationUSB Portable Storage Device: Security Problem Definition Summary
USB Portable Storage Device: Security Problem Definition Summary Introduction The USB Portable Storage Device (hereafter referred to as the device or the TOE ) is a portable storage device that provides
More informationSecure Applications of Low-Entropy Keys
Secure Applications of Low-Entropy Keys John Kelsey Bruce Schneier Chris Hall David Wagner Counterpane Systems U.C. Berkeley {kelsey,schneier,hall}@counterpane.com daw@cs.berkeley.edu Abstract. We introduce
More information