New Technologies in Password Cracking Techniques

Aggarwal, Sudhir; Houshmand, Shiva; Weir, Matt

doi:10.1007/978-3-319-75307-2_11

Cited by 11 publications

(6 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In our program, we limited the generation of passcodes to numeric ones, while its extension to cover alphanumeric passcodes is straightforward. However, we would like to note that finding alphanumeric passcodes becomes more efficient when combined with dictionary attacks or other password-search techniques as described in [AHW18], which are out of the scope of this work.…”

Section: Highly Parallelized Passcode Recovery Utilizing Gpusmentioning

confidence: 99%

Let’s Take it Offline: Boosting Brute-Force Attacks on iPhone’s User Authentication through SCA

Lisovets

Knichel

Moos

et al. 2021

TCHES

View full text Add to dashboard Cite

In recent years, smartphones have become an increasingly important storage facility for personal sensitive data ranging from photos and credentials up to financial and medical records like credit cards and person’s diseases. Trivially, it is critical to secure this information and only provide access to the genuine and authenticated user. Smartphone vendors have already taken exceptional care to protect user data by the means of various software and hardware security features like code signing, authenticated boot chain, dedicated co-processor and integrated cryptographic engines with hardware fused keys. Despite these obstacles, adversaries have successfully broken through various software protections in the past, leaving only the hardware as the last standing barrier between the attacker and user data. In this work, we build upon existing software vulnerabilities and break through the final barrier by performing the first publicly reported physical Side-Channel Analysis (SCA) attack on an iPhone in order to extract the hardware-fused devicespecific User Identifier (UID) key. This key – once at hand – allows the adversary to perform an offline brute-force attack on the user passcode employing an optimized and scalable implementation of the Key Derivation Function (KDF) on a Graphics Processing Unit (GPU) cluster. Once the passcode is revealed, the adversary has full access to all user data stored on the device and possibly in the cloud.As the software exploit enables acquisition and processing of hundreds of millions oftraces, this work further shows that an attacker being able to query arbitrary many chosen-data encryption/decryption requests is a realistic model, even for compact systems with advanced software protections, and emphasizes the need for assessing resilience against SCA for a very high number of traces.

show abstract

Section: Highly Parallelized Passcode Recovery Utilizing Gpusmentioning

confidence: 99%

Let’s Take it Offline: Boosting Brute-Force Attacks on iPhone’s User Authentication through SCA

Lisovets

Knichel

Moos

et al. 2021

TCHES

View full text Add to dashboard Cite

show abstract

“…However, password generation based on real user passwords is shown to perform better. The most popular techniques are: Rulebased dictionary attacks, probabilistic context free grammars (PCFGs), Markov models, and machine learning techniques [32], [33]. The likelihood of each password can be calculated if we assign a probability to each production rule.…”

Section: Related Literaturementioning

confidence: 99%

“…It is different from assessing word-list quality [34], [35], or individual password strength [36], [37], [38], [39], as both are a separate line of research. As Aggarwal et al shows [32], PCFG parse trees are usually ambiguous which means, there can be multiple ways to produce a single word. Furthermore, if a capable adversary aims to determine the probability distribution of such data sets but doesn't know the original creation mechanism, they can get a completely different ranking order if for example a Markov model is used to rank a data set created by PCFG.…”

Section: Related Literaturementioning

confidence: 99%

The Theory and Practice of Magic Hash Based Attacks on Lightweight Cryptographic Hash Functions in Complex IoT Environments

Tihanyi

Borsos

2021

Security, Privacy, and Anonymity in Computation, Communication, and Storage

View full text Add to dashboard Cite

“…To understand password security, people have gone through several stages, from some heuristic methods that lack theoretical foundations to those algorithms that conform to strict probability models [2]. Since the emergence of Markov-based [3,4] and probabilistic context-free grammar-(PCFG-) based [5,6] password guessing algorithms, trawling password guessing has been intensively studied [7][8][9][10]. Recently, several large-scale personal information database leakage events have caused widespread concern in the security community [11][12][13][14].…”

Section: Introductionmentioning

confidence: 99%

Modified Password Guessing Methods Based on TarGuess-I

Xie

Zhang

Guo

et al. 2020

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

TarGuess − I is a leading online targeted password guessing model using users’ personally identifiable information (PII) proposed at ACM CCS 2016 by Wang et al. It has attracted widespread attention in password security owing to its superior guessing performance. Yet, after analyzing the users’ vulnerable behaviors of using popular passwords and constructing passwords with users’ PII, we find that this model does not take into account popular passwords, keyboard patterns, and the special strings. The special strings are the strings related to users but do not appear in the users’ demographic information. Thus, we propose TarGuess − I + K P X , a modified password guessing model with three semantic methods, including (1) identifying popular passwords by generating top-300 lists from similar websites, (2) recognizing keyboard patterns by relative position, and (3) catching the special strings by extracting continuous characters from user-generated PII. We conduct a series of evaluations on six large-scale real-world leaked password datasets. The experimental results show that our modified model outperforms TarGuess − I by 2.62% within 100 guesses.

show abstract

New Technologies in Password Cracking Techniques

Cited by 11 publications

References 9 publications

Let’s Take it Offline: Boosting Brute-Force Attacks on iPhone’s User Authentication through SCA

Let’s Take it Offline: Boosting Brute-Force Attacks on iPhone’s User Authentication through SCA

The Theory and Practice of Magic Hash Based Attacks on Lightweight Cryptographic Hash Functions in Complex IoT Environments

Modified Password Guessing Methods Based on TarGuess-I

Contact Info

Product

Resources

About