Presentation is loading. Please wait.

Presentation is loading. Please wait.

Kiran Subramanyam ps2471@nyu.edu Password Cracking 1.

Published bySri Agusalim Modified over 5 years ago

Similar presentations

Presentation on theme: "Kiran Subramanyam ps2471@nyu.edu Password Cracking 1."— Presentation transcript:

1 Kiran Subramanyam Password Cracking 1

2 Introduction Password authentication is everywhere, but vulnerable.
In 1979, Robert Morris and Ken Thompson published “Password Security: A Case History”* which estimated that 86% of all passwords can be cracked. Two types of attacks: Online and Offline * 2

3 Online Attacks Try to login to a live system by trying various ID/password combinations. This method is not very efficient as it is time consuming. Most systems lock the account/ID after a certain number of unsuccessful attempts, a strategy known as “rate limiting”. 3

4 Offline Attacks Obtain objects (e.g. files) that store passwords.
But passwords are not stored in clear text. Most modern systems store either hashes of passwords or in an encrypted form. Therefore it is necessary to “crack” the passwords using various tools and techniques. 4

5 What is Hashing Hash functions map data of arbitrary size to data of fixed size (hash value or digest) with the following important properties: it is easy to compute the hash value for any given input text. it is infeasible to generate the input text from a given hash value (one way function). it is infeasible to find two different inputs with the same hash. Examples are MD5, SHA-1, SHA-256 etc. 5

6 Offline Attack Types Dictionary Attack – Build a list of candidate passwords and hash/encrypt each one to see if there is a match. Brute Force Attack – Systematically try all possible combinations of characters. Hybrid Attack – Try variations of each candidate based on mangling rules. Rainbow Table Lookups. 6

7 What are Rainbow Tables
A pre-computed table of hash values of all possible inputs (usually up to a given length). Such tables require large amounts of storage. Searching for values in a table is faster than computing large number of hashes. This represents a space/time trade-off in comparison with wordlist based attacks. Hash chains are a further optimization of Rainbow Tables to decrease their storage requirement. 7

8 Evolution of Cracking Traditional methods employ tools such as Cain and Able, John The Ripper etc. using CPU core power. Advanced tools use graphical processing units (GPUs) on video cards and load rainbow tables onto very fast solid state drives (SSDs). Tools like Hashcat, Rainbow Crack, Cryptohaze Multiforcer, etc., are GPU-supported tools that utilize the GPU cores for cracking the hashes. 8

9 CPU versus GPU Architecturally, the CPU is composed of a few cores with lots of cache memory that can handle a few software threads at a time. In contrast, a GPU is composed of hundreds of cores that can handle thousands of threads simultaneously. For e.g. a CPU core can execute four 32-bit instructions per clock, whereas a GPU like the Radeon HD 5970 can execute bit instructions per clock. 9

10 Time required to Crack 10 characters: 3.76 quadrillion possible combinations Cracking online using web app hitting a target site with one thousand guesses per second: 3.7 weeks. Cracking offline using high‐powered servers or desktops (one hundred billion guesses/second): hours Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second): seconds. 10

11 Defense: Salts Salt is random data that is used as an additional input to the hashing function and different for each password I,e. Hash value = hash(salt, password) Salts combat the use of rainbow tables because the size of the table increases exponentially with the length of the password. When cracking lists, use of salts negates any potential efficiency due to repeated passwords since salts make each hash value unique. 11

12 Defense: Expensive Hash
Typically hash functions are fast, but it also makes cracking them faster. Solution is to use expensive hash functions. bcrypt – Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower. scrypt – The algorithm was specifically designed to make it costly to perform large-scale custom hardware attacks by requiring large amounts of memory. 12

Download ppt "Kiran Subramanyam ps2471@nyu.edu Password Cracking 1."

Similar presentations

By Wild King. Generally speaking, a rainbow table is a lookup table which is used to recover the plain-text password that derives from a hashing or cryptographic.

By Wild King. Generally speaking, a rainbow table is a lookup table which is used to recover the plain-text password that derives from a hashing or cryptographic.
Use of a One-Way Hash without a Salt

Use of a One-Way Hash without a Salt
Lecture 5: Cryptographic Hashes

Lecture 5: Cryptographic Hashes
Not for noobs…. What even is a GPU?  A GPU (Graphics Processing Unit) is piece of hardware(single chip processor) primarily used for computing 3D functions.

Not for noobs…. What even is a GPU?  A GPU (Graphics Processing Unit) is piece of hardware(single chip processor) primarily used for computing 3D functions.
COEN 350: Network Security Authentication. Between human and machine Between machine and machine.

COEN 350: Network Security Authentication. Between human and machine Between machine and machine.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
CSCI 530 Lab Authentication. Authentication is verifying the identity of a particular person Example: Logging into a system Example: PGP – Digital Signature.

CSCI 530 Lab Authentication. Authentication is verifying the identity of a particular person Example: Logging into a system Example: PGP – Digital Signature.
Nothing is Safe 1. Overview  Why Passwords?  Current Events  Password Security & Cracking  Tools  Demonstrations Linux GPU Windows  Conclusions.

Nothing is Safe 1. Overview  Why Passwords?  Current Events  Password Security & Cracking  Tools  Demonstrations Linux GPU Windows  Conclusions.
Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.

Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.
.Net Security and Performance -has security slowed down the application By Krishnan Ganesh Madras.

.Net Security and Performance -has security slowed down the application By Krishnan Ganesh Madras.
AIS, 20141 Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
Calculating Discrete Logarithms John Hawley Nicolette Nicolosi Ryan Rivard.

Calculating Discrete Logarithms John Hawley Nicolette Nicolosi Ryan Rivard.
Passwords Breaches, Storage, Attacks OWASP AppSec USA 2013.

Passwords Breaches, Storage, Attacks OWASP AppSec USA 2013.
Dan Johnson. What is a hashing function? Fingerprint for a given piece of data Typically generated by a mathematical algorithm Produces a fixed length.

Dan Johnson. What is a hashing function? Fingerprint for a given piece of data Typically generated by a mathematical algorithm Produces a fixed length.
CIS 450 – Network Security Chapter 8 – Password Security.

CIS 450 – Network Security Chapter 8 – Password Security.
Databases and security continued CMSC 461 Michael Wilson.

Databases and security continued CMSC 461 Michael Wilson.
Mark Shtern. Passwords are the most common authentication method They are inherently insecure.

Mark Shtern. Passwords are the most common authentication method They are inherently insecure.
Brute Force Password Cracking and its Role in Penetration Testing Andrew Keener and Uche Iheadindu.

Brute Force Password Cracking and its Role in Penetration Testing Andrew Keener and Uche Iheadindu.
Password authentication Basic idea –User has a secret password –System checks password to authenticate user Issues –How is password stored? –How does system.

Password authentication Basic idea –User has a secret password –System checks password to authenticate user Issues –How is password stored? –How does system.

Similar presentations

Ads by Google