
Passwords

Access Controls and Authentication

Readings

Password Vulnerabilities: Why passwords have never been weaker…

Storing passwords: A salt free diet is bad for your security…; Threshold Cryptography…

Password Usage: An analysis of ID-password usage…; Password Composition Policies

Why do we keep doing this? Why it Pays to Submit to Hackers

New kinds of authentication: Active Authentication; Learn a password subconsciously…; Risk-Based Authentication

Solutions to the Common Password: Diceware; Password Managers (1Password demo)

Password Vulnerabilities

Password Cracking: the practice of feeding plaintext guesses through a hashing algorithm and comparing the result with a compromised hash. If compromised hash = computed hash, you know the password (the input).

Dictionary attacks: comparing known words and their hashes to compromised hashes. The exploit becomes a 2-step process: generate word lists (a time and storage problem), then look them up in a table.

Table Look-up: known password lists. 60% of newly compromised passwords are already in tables/cracked, and 100 million known passwords have been published online. The exploit becomes a 1-step process: generating word lists is less necessary, table look-up only.

Hybrid attack: combines a dictionary with intelligence gathered from known passwords. For example: gather all names from Facebook and combine them with dictionary words.

Hacker Password Analysis

Most capitalized letters are at the beginning of a password

Most numbers and special characters are at the end

Quite a lot of first name followed by year

Add numbers or special characters at the beginning or (usually) the end

Mangling: Super → sup34; Princess → Prince$$

Mirror images: mypassword → mypassworddrowssapym

SplashData’s 25 Most Popular Passwords for 2014

1. password (Unchanged)
2. 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. 111111 (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. 123123 (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja (New)
24. mustang (New)
25. password1 (New)

Compiled from files containing millions of stolen passwords posted online by hackers.

Just the facts, John…

A PC running one AMD Radeon HD7970 GPU processes 8.2 billion passwords per second.

The biggest boon to cracking passwords, however, is theft of non-secure credential files. Rockyou.com: 32 million plaintext passwords, 14 million after duplicates were removed. Now there exists a database of commonly used passwords.

If you can “crack” 8.2 billion per second, how fast do you think you can look one up?

Let's look at some numbers

Steven1961: 10 characters drawn from 52 letters plus 10 digits (62 symbols). Password length = 10, so:

62^10 = 839,299,365,868,340,224* / 8 billion per second = 104,912,420.73 seconds (1,748,540.35 minutes; 29,142.34 hours; 1,214.26 days)

3.33 years to crack, but….

Hackers know our patterns, so… 10 characters, the last 4 are numbers, the 1st may be capitalized: 52 x 26 x 26 x 26 x 26 x 26 x 10 x 10 x 10 x 10 / 8 billion = 772.29 seconds, 12.87 minutes to crack

But what if the hacker goes to my Facebook page? 10 characters, the last 4 are numbers and they're probably 1961, so… (52 x 26 x 26 x 26 x 26 x 26, with 1961 appended) / 8 billion = .07 seconds to crack

* eight hundred thirty nine quadrillion, two hundred ninety nine trillion, three hundred sixty five billion, eight hundred sixty eight million, three hundred forty thousand, two hundred twenty four

Copyright Pearson Prentice-Hall 2010

Password-Cracking Programs: Brute-force password guessing

Try all possible passwords of length 1, length 2, etc. Thwarted by passwords that are long and complex (using all keyboard characters).

N is the password length, in characters:
Alphabet, no case: 26^N possible passwords
Alphabet, upper and lower case: 52^N
Alphanumeric (letters and digits): 62^N
All keyboard characters: ~80^N
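Added example (not from the slides) that redoes the arithmetic of the Steven1961 slide and the alphabet^N brute-force slide in code: a keyspace is the product of the per-position alphabet sizes, so knowing the shape of a password (capital first, four digits last, a birth year from a profile) shrinks it far more than the raw length suggests. The 8 billion guesses/second rate is the rounded figure the slide itself divides by.

```python
import math

# Rate used in the slide's arithmetic (the HD7970's 8.2 billion/s rounded to 8 billion/s).
GUESSES_PER_SECOND = 8_000_000_000
YEAR_SECONDS = 365 * 86400


def keyspace(position_alphabets):
    """Candidates to try when position i may hold any of position_alphabets[i] symbols."""
    return math.prod(position_alphabets)


def uniform_keyspace(alphabet_size, length):
    """alphabet_size ** length: the 26^N / 52^N / 62^N / ~80^N cases from the brute-force slide."""
    return keyspace([alphabet_size] * length)


def seconds_to_exhaust(space, rate=GUESSES_PER_SECOND):
    """Worst case: every candidate is tried once at the given guess rate."""
    return space / rate


def human_time(seconds):
    """Break a duration into the units the slide lists (rounded to 2 decimals)."""
    return {
        "seconds": round(seconds, 2),
        "minutes": round(seconds / 60, 2),
        "hours": round(seconds / 3600, 2),
        "days": round(seconds / 86400, 2),
        "years": round(seconds / YEAR_SECONDS, 2),
    }


# The three "Steven1961" scenarios: the attacker knows nothing, knows the common shape,
# or has read the victim's birth year off a social-media profile.
NAIVE = uniform_keyspace(62, 10)                  # 62^10, any letter or digit anywhere
PATTERN = keyspace([52] + [26] * 5 + [10] * 4)   # first letter upper or lower, 5 lower, 4 digits
PROFILED = keyspace([52] + [26] * 5)             # the 4 digits are already known (1961)

if __name__ == "__main__":
    for name, space in (("naive", NAIVE), ("pattern", PATTERN), ("profiled", PROFILED)):
        print(f"{name:9s} {space:>27,d} candidates -> {human_time(seconds_to_exhaust(space))}")
```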


Server Password Cracking

GPU Cracking. What is it? Using a graphics card to brute-force passwords.

How fast does it work? Millions of attempts per second. GPU Bruteforcer: 450 million per second, but… it depends on the hash.

How long would a 12 character password using upper case, lower case, 0-9 and symbols (&^%) take? 94^8 = 6,095,689,385,410,816

MD5 = 166 days? SHA-512 = 5,427 days, ~15 years. Even a 6 character password would take ~15 hours.

ArsTechnica Breach

What did this article have to say about salting passwords and choosing a hashing algorithm?

Hashing Password Algorithms

PBKDF2. To derive a key, PBKDF2 does the following: DK = PBKDF2(PRF, Password, Salt, c, dkLen)

where DK is the derived key, PRF is the preferred HMAC function (this can be a SHA-1/2 HMAC; the password is used as the HMAC key and the salt as the text), c is the number of iterations and dkLen is the length of the derived key.

A salt should, by definition of the standard, be at least 64 bits long and the minimum number of iterations should be 1024.

So using PBKDF2 you force the cracker to perform 1024 HMAC iterations for every guess! c can be increased, making it slower.

Hashing Password Algorithms

bcrypt: currently the de facto secure standard for password hashing. It's derived from the Blowfish block cipher which, to generate the hash, uses look-up tables that are initialised in memory. This means a certain amount of memory space needs to be used before a hash can be generated. This can be done on a CPU, but using a GPU becomes a lot more cumbersome due to memory restrictions.

Hashing Password Algorithms

scrypt: has the same properties as bcrypt, except that when you increase the rounds, it exponentially increases the calculation time and memory space required to generate the hash. Newer than bcrypt, so not as much security research vetting has been done.

Easy Audit Question for SOX Compliance: How are you hashing your passwords?


Other Password Threats

Keystroke Capture Software: a Trojan horse displays a fake login screen and reports its findings to attackers.

Shoulder Surfing: the attacker watches as the victim types a password. Even partial information can be useful: part of the password (P_ _sw_ _d), or the length of the password (reduces the time to do brute-force cracking).

iPhone/smartphone keylogging (reported 10/18/2011): Decoding Vibrations From Nearby Keyboards Using Mobile Phone Accelerometers. Solution: keep your smartphone away from your keyboard.

Server Password Cracking

Storage Problem (for cracking): you can run all possible combinations of any size password through any hashing algorithm and store the results, but… it takes terabytes of storage space.

Hellman/Rainbow tables reduce the space requirement by storing only the 1st password and the last generated hash of each chain.

GPU-assisted cracking has reduced the need for rainbow tables: passwords < 6 characters can be brute forced; passwords > 9 characters require terabytes of storage; passwords of 7, 8, or 9 characters are still vulnerable to rainbow tables.

Storing Passwords (Salting Hashes)

Start with the obvious: passwords should not be stored ‘in the clear’.

The LinkedIn Hack: over six million passwords belonging to LinkedIn users have been compromised. A file containing 6,458,020 SHA-1 unsalted password hashes has been posted on the internet, and hackers are working together to crack them.

Stored passwords as SHA-1, but without ‘salt’. So, password123 stored as: cbfdac6008f9cab4083784cbd1874f76618d2a97

Need for Salting Hashes: Rainbow Tables. Salting means prepending random characters to a password and then hashing it. So, password123 might become KiJqpassword123, which hashes to 51472f680dc6cc5ce44366d765ca71148f68e36c and will be stored as: KiJq51472f680dc6cc5ce44366d765ca71148f68e36c

Now any two users with password123 will have different hashes, not found in rainbow tables. Or at least it will be harder to create rainbow tables.
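Added example (not from the slides or from LinkedIn) covering both the PBKDF2 slide above and this salting slide: unsalted SHA-1 as LinkedIn stored it, the slide's salt-prefix scheme with verification, and PBKDF2-HMAC-SHA256 with a 64-bit salt and a tunable iteration count c stored beside the hash. The "salt$iterations$hash" record layout and the salt lengths are this example's choices.

```python
import hashlib
import hmac
import secrets
from typing import Optional

SHA1_HEX_LEN = 40


def sha1_unsalted(password: str) -> str:
    """What LinkedIn stored: plain SHA-1, so equal passwords give equal digests and one
    precomputed (rainbow) table answers every user who picked that password."""
    return hashlib.sha1(password.encode()).hexdigest()


def sha1_salted(password: str, salt: Optional[str] = None) -> str:
    """The slide's scheme: prepend a random salt, hash salt+password, store salt||digest.
    This defeats precomputed tables, but SHA-1 is still a fast hash a GPU can brute-force."""
    if salt is None:
        salt = secrets.token_hex(8)  # 16 hex chars = 64 bits, the minimum the slides quote
    return salt + hashlib.sha1((salt + password).encode()).hexdigest()


def verify_sha1_salted(password: str, stored: str) -> bool:
    salt, digest = stored[:-SHA1_HEX_LEN], stored[-SHA1_HEX_LEN:]
    recomputed = hashlib.sha1((salt + password).encode()).hexdigest()
    return hmac.compare_digest(recomputed, digest)


def pbkdf2_store(password: str, iterations: int = 100_000, salt: Optional[bytes] = None) -> str:
    """DK = PBKDF2(PRF=HMAC-SHA256, Password, Salt, c=iterations, dkLen=32), stored with its
    parameters so c can be raised later without breaking verification of old records."""
    if salt is None:
        salt = secrets.token_bytes(8)  # 64-bit salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def pbkdf2_verify(password: str, stored: str) -> bool:
    """Every guess now costs the attacker `iterations` HMAC calls instead of one hash."""
    _, iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex),
                             int(iterations), dklen=32)
    return hmac.compare_digest(dk.hex(), dk_hex)


if __name__ == "__main__":
    print(sha1_unsalted("password123"))        # cbfdac6008f9cab4083784cbd1874f76618d2a97
    print(sha1_salted("password123", "KiJq"))  # "KiJq" + SHA-1("KiJqpassword123")
    print(pbkdf2_store("password123"))
```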

Threshold Cryptography

Complex math but a simple idea: take a password, divide it, hash the pieces, store the pieces on separate servers.

Increases the number of exploits that have to be carried out to get the pieces.

Need a way to determine how to put the pieces together again.

Why all this fuss? An Analysis of ID-password usage (Bank, Lee, Bae and Ahn, 2012)

What were the highlights of this article?

Analysis of ID-Password Usage

Users are usually the weakest link: they choose weak/simple passwords; password memorability can be difficult (can anyone remember the password from the wiki cartoon?); they reuse passwords on multiple sites. Even if your site has strong security (?), a weaker site with the same password could compromise your site.

Study examines: re-use of login credentials; creation of a Vulnerability Index.

Re-use Item                              Mean
Number of Sites                          105.7
Number of Unique IDs                     6.6
Number of Unique passwords               4.7
Number of Unique log-in credentials      11.8
ID re-use ratio                          19.1
Password re-use ratio                    29.2
Log-in credentials re-use                10.5
% of used unique log-in credentials      45.6%

Class Results

How many different websites do you have that require you to authenticate with login credentials (username/password)? Mean = 58.3 (Fall 2014), 30.167 (Spring 2015)

Think of your answer to the previous poll: how many of the logins (username/passwords) you are using are unique to each website? Mean = 9.26 (Fall 2014), 10.9 (Spring 2015)

Vulnerability Index

Network Theory: sites with the same log-in credentials (node); connected nodes use the same log-in credentials (component); unique log-in credentials (isolate).

Inclusiveness = # of connected nodes / total nodes (12/14 = 85.7%). Largest network: 5/14 = 35.7%. 2nd largest network: 28.6%. 3rd largest network: 21.4%.

VI – Result from Study

Item                       Mean
Inclusiveness              0.94   (use the same log-in credentials)
Largest component          0.54
2nd largest component      0.18   0.72 (cumulative)
3rd largest component      0.09   0.81 (cumulative)
Vulnerability Index        0.38

The 3 most frequently used log-in combinations are used on 81% of sites, vs. 11.8 unique log-in credentials.
VI = expected proportion of sites subject to potential breaches if a breach at one site occurs.
Larger values of VI indicate higher levels of vulnerability.
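Added example (not from the slides or the Bank et al. paper) that builds the slide's 14-site network from a constructed credential map and computes inclusiveness and the component shares exactly as the slide defines them. The expected-breach function is this example's reading of the one-sentence VI definition on the slide, not the paper's formula, which the slide does not give.

```python
from collections import Counter

# Constructed credential map for the slide's 14-site illustration (not data from the study):
# 5 sites share one ID/password pair, 4 share another, 3 share a third, 2 are unique.
SITES = {
    "bank": "alice/Steven1961", "email": "alice/Steven1961", "shop": "alice/Steven1961",
    "forum": "alice/Steven1961", "news": "alice/Steven1961",
    "work": "alice/Pass#2", "cloud": "alice/Pass#2", "photos": "alice/Pass#2", "music": "alice/Pass#2",
    "game": "alice/Pass#3", "travel": "alice/Pass#3", "pizza": "alice/Pass#3",
    "tax": "alice/Only-here-1", "health": "alice/Only-here-2",
}


def component_sizes(site_to_cred):
    """A component is the set of sites sharing one credential; size 1 means an isolate."""
    return sorted(Counter(site_to_cred.values()).values(), reverse=True)


def network_metrics(site_to_cred):
    """Inclusiveness and component shares as defined on the slide."""
    n = len(site_to_cred)
    sizes = component_sizes(site_to_cred)
    shares = [s / n for s in sizes if s > 1]           # isolates are not 'connected'
    return {
        "inclusiveness": sum(s for s in sizes if s > 1) / n,
        "component_shares": shares,
        "cumulative_shares": [sum(shares[: i + 1]) for i in range(len(shares))],
        "unique_credentials": len(sizes),
    }


def expected_breach_proportion(site_to_cred):
    """Assumed reading of the slide's VI definition (the paper's exact formula is not on the
    slide): pick one site uniformly at random as breached; return the expected proportion of
    the remaining sites that share its credential and are therefore exposed."""
    n = len(site_to_cred)
    return sum((s / n) * ((s - 1) / n) for s in component_sizes(site_to_cred))


def rotate_credential(site_to_cred, site, new_cred):
    """Give one site its own credential: shrinks a component, which is how VI is reduced."""
    return {**site_to_cred, site: new_cred}


if __name__ == "__main__":
    print(network_metrics(SITES))
    print(round(expected_breach_proportion(SITES), 3),
          round(expected_breach_proportion(rotate_credential(SITES, "bank", "alice/New!")), 3))
```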

Reducing VI: reducing the number of sites where log-in credential combinations are used (reduce component size); increasing the number of different log-in credentials.

Thus, vulnerability can be decreased without increasing IDs, PWs or log-in credential combinations.

Implications: firms need a network perspective. Firms can be compromised due to outside companies' security lapses. Firms should implement log-in credential procedures other than (ID/PW). Policy makers need to enforce log-in credential implementation (critical). Public awareness of the problem needs to be improved.

Discrepancy-enlarging feedback loop

Cybernetic Theory: discrepancy-enlarging feedback, used to explain avoidance behavior. Compare your present state to the undesired state.

[Figure: Present State → Avoidance State]

Password Composition Policies

What is a password composition policy?

What is the UCF policy for NIDs?

How do password composition policies affect user behavior?

What is entropy? A measure (in bits) of the expected value of information contained in the password. Shannon introduced the notion of information entropy, and subsequently developed a method to estimate entropy in printed English using n-grams.

Massey showed that entropy provides a lower bound on the expected number of guesses required to identify information; this result connects the entropy in passwords with an attacker's ability to guess them using a brute-force attack.

Different Policies

Basic8Survey: password must have a minimum of 8 characters. 18 bits of entropy. (To link your survey response.)

Basic8: password must have a minimum of 8 characters. (To update from e-mail breach.)

Basic16: password must have a minimum of 16 characters. 30 bits of entropy. (To update from e-mail breach.)

Dictionary8: password must have a minimum of 8 characters; password can NOT be a dictionary word. 24 bits of entropy. (To update from e-mail breach.)

Comprehensive8: password must have a minimum of 8 characters; password can NOT be a dictionary word; must have 1 upper, 1 lower, 1 numerical, 1 special character; must not contain a dictionary word. 30 bits of entropy. (To update from e-mail breach.)

Major Findings

Entropy Calculation: "we calculate individually the entropy contributed by password length; by number and placement of each class of character (lowercase, uppercase, numbers, symbols); and by the content of each character. The sum of these values is our estimate of the entropy of a password distribution."

Each condition had significantly different entropy, except for Dictionary8 and Basic8 (28.99 vs. 29.43).

A 16 character minimum provides the greatest entropy with relatively low levels of usability issues (44.67).

Dictionary checks reduced cracking of most passwords via heuristics, but made selecting passwords more difficult and annoying to users.

Most participants write down or store their passwords electronically.

Users created passwords that exceeded the minimum requirements.

Why do we choose weak passwords?

We know we need strong passwords. We know we need to back up our computers. In general we don't do it. Why? Economics:

Cost (time & energy): now
Benefit: sometime in the future, maybe!

Black Swan incident: what is this?

Hyperbolic discounting: what is this?

Fixes:

Binding mechanisms: allow a new site/app to remind me in the future to update my credentials

Secure defaults: I say use a password manager

User friendliness: make credentials easier for humans (face recognition vs. character string memorization)

Incentives: a discount for using strong passwords; costs for not doing so. Why are CC companies responsible for your lack of a strong password?

Can we strengthen the security of passwords?

Use a Password Manager: 1Password, Roboform

Password Based Key Derivation Function Version 2 (PBKDF2): systems using PBKDF2


I have two pets named Fred and Alice → Ihave2pets:Fred&Alice. Looks pretty secure, but…

Use spaces to help you remember: I have 2 pets: Fred & Alice

Don't tell the truth: I have 3 pets: LeBron, Dwane & Chris

Don't make sense: I have 35 pets: LeBron, Dwane & Chris

Avoid predictable phrases: I have 35 pets: Lebron, Dwane & Amy

But this is still predictable.

1Password's password system


Introduce randomness into passwords: roll dice to select a word; roll dice again to select the next word; continue.

Diceware Passwords (Arnold Reinhold)


How many words? Password vs. Passphrase

Password: usually 4-10 characters (2 Diceware words). Insert a random special character between the 2 words.

Passphrase: 20-40 characters (4-5 Diceware words).

Entropy: how hard will it be for an attacker to know the passphrase given the method of selection, measured in bits. Flip of a coin = 1 bit of entropy.

Diceware word = 12.9 bits of entropy
4 words: 51.6 (use at least 11 characters)
5 words: 64.6
6 words: 77.5 (use at least 17 characters)
7 words: 90.4 (use at least 20 characters)
10 words: 128

For passphrases for encryption, 6 is recommended.
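Added example (not from the slides or from Reinhold's Diceware materials) that derives the entropy figures above from the list size (6^5 = 7776 words) and shows where the "use at least N characters" figures come from: under the assumption that N counts uniformly random lowercase letters, the 11 / 17 / 20 figures fall out of the arithmetic. The 5-digit key is generated with the OS CSPRNG standing in for physical dice; looking it up in the published word list is left to the reader.

```python
import math
import secrets

DICEWARE_LIST_SIZE = 6 ** 5   # 7776 words, each keyed by five dice rolls (11111 .. 66666)
LOWERCASE = 26


def bits_per_word(list_size: int = DICEWARE_LIST_SIZE) -> float:
    """Entropy of one word drawn uniformly from the list: log2(7776) = 12.9 bits."""
    return math.log2(list_size)


def passphrase_bits(n_words: int, list_size: int = DICEWARE_LIST_SIZE) -> float:
    """Independent uniform draws add their entropy, so n words give n * 12.9 bits."""
    return n_words * bits_per_word(list_size)


def separator_bits(symbol_count: int) -> float:
    """Extra entropy from one random special character inserted between two words
    (the slide's password variant), e.g. one of 32 symbols adds 5 bits."""
    return math.log2(symbol_count)


def roll_diceware_key(rolls: int = 5) -> str:
    """Five dice rolls as the slide describes, with the OS CSPRNG standing in for the dice;
    the key (e.g. '42631') selects the word from the published list."""
    return "".join(str(1 + secrets.randbelow(6)) for _ in range(rolls))


def equivalent_random_length(bits: float, alphabet_size: int = LOWERCASE) -> int:
    """Shortest uniformly random string over the alphabet carrying at least `bits` of entropy.
    Assumption: a lowercase alphabet, which reproduces the slide's 11 / 17 / 20 figures."""
    return math.ceil(bits / math.log2(alphabet_size))


def entropy_table(word_counts=(4, 5, 6, 7, 10)):
    """(bits, equivalent lowercase length) per word count, matching the slide's list."""
    return {n: (round(passphrase_bits(n), 1), equivalent_random_length(passphrase_bits(n)))
            for n in word_counts}


if __name__ == "__main__":
    print("key:", roll_diceware_key())
    for n, (bits, chars) in entropy_table().items():
        print(f"{n:2d} words: {bits:5.1f} bits (use at least {chars} random lowercase characters)")
```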

Finally… Even Stronger

Insert your own word into the set of Diceware words: P35:LD&A + Diceware words

How many characters?

Password Complexity and Length are both Crucial

Active Authentication

What is it? How will it work?

AA – What is it? Authentication based on how you perform tasks: distinct behavioral characteristics, a cognitive fingerprint.

Keyboard dynamics: length of time to hold down a key, and time to move to another key. Mouse movement.

These repetitive movements are not controlled by deliberate thought and are therefore hard to mimic.
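Added example (not from the slides or any DARPA Active Authentication work) of the two keyboard-dynamics measures the slide names: dwell time (how long a key is held) and flight time (how long it takes to move to the next key). Enrolment samples, the genuine attempt and the impostor attempt are constructed timestamps for the word "pass"; the z-score threshold is this example's choice.

```python
from statistics import mean, pstdev

# Constructed key events for typing "pass": (key, key_down_ms, key_up_ms). Not real captures.
ENROLLED = [
    [("p", 0, 95), ("a", 160, 250), ("s", 330, 420), ("s", 500, 585)],
    [("p", 0, 100), ("a", 170, 262), ("s", 345, 440), ("s", 520, 610)],
    [("p", 0, 90), ("a", 155, 245), ("s", 325, 415), ("s", 495, 580)],
]
GENUINE_ATTEMPT = [("p", 0, 97), ("a", 165, 255), ("s", 335, 428), ("s", 510, 598)]
IMPOSTOR_ATTEMPT = [("p", 0, 60), ("a", 300, 360), ("s", 700, 760), ("s", 1100, 1160)]


def features(events):
    """Dwell = how long each key is held (up - down); flight = time from one key's release
    to the next key's press. These are the slide's 'hold down a key' / 'move to another key'."""
    dwell = [up - down for _, down, up in events]
    flight = [events[i + 1][1] - events[i][2] for i in range(len(events) - 1)]
    return dwell + flight


def enroll(samples):
    """Per-feature (mean, std dev) from several enrolment samples; a zero std dev is floored
    at 1 ms so a feature the user typed identically every time does not divide by zero."""
    columns = zip(*(features(s) for s in samples))
    return [(mean(c), pstdev(c) or 1.0) for c in columns]


def score(profile, attempt):
    """Mean absolute z-score of the attempt against the profile; lower means a closer match."""
    return mean(abs(x - m) / sd for x, (m, sd) in zip(features(attempt), profile))


def authenticate(profile, attempt, threshold=3.0):
    """Accept when the attempt lies within `threshold` standard deviations on average."""
    return score(profile, attempt) < threshold


if __name__ == "__main__":
    profile = enroll(ENROLLED)
    print("genuine :", round(score(profile, GENUINE_ATTEMPT), 2), authenticate(profile, GENUINE_ATTEMPT))
    print("impostor:", round(score(profile, IMPOSTOR_ATTEMPT), 2), authenticate(profile, IMPOSTOR_ATTEMPT))
```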

AA – How will it work? Let's play a game: pros and cons.

Risk Based Authentication

How do hackers do with their passwords?

"There [were] a lot of variations of the word pass and root and also hax was used many times, but if I omit one common 4-letter word, the most frequently used word in this dictionary is hack," Hýža wrote. "It is worth mentioning that many PHP shells I analysed had only default passwords like r57, c99, password or yourpass."

http://arstechnica.com/security/2014/06/its-official-malicious-hackers-have-crappy-password-hygiene-too/

Provided Links by Anonymous

Password Manager Reviews: http://online-password-manager-review.toptenreviews.com

Password Management Guide: http://www.makeuseof.com/pages/the-password-management-guide-fulltext