
Password Protection

Sanjay Goel
University at Albany, School of Business
NYS Center for Information Forensics and Assurance
Passwords
Basic Problem
• How do you prove to someone that you are who you claim to be?
– Any system with access control must solve this problem
• What you know
– Passwords
– Secret key
• Where you are
– IP address
• What you are
– Biometrics
• What you have
– Secure tokens

Passwords
Authentication

• User has a secret password.
• System checks it to authenticate the user.
– Vulnerable to eavesdropping when password is communicated from user to system
– Easy-to-remember passwords tend to be easy to guess
– Password file is difficult to keep secret
• How is the password stored?
• How does the system check the password?
• How easy is it to guess the password?

Passwords
Windows Passwords
• Set or change password → Windows generates a LM hash and a NT hash.
• Two one-way hashing functions are used to protect passwords (neither is reversible encryption)
– LAN Manager hash (LM hash)
– Password is padded with zeros until there are 14 characters (passwords longer than 14 characters get no LM hash at all)
– It is then converted to uppercase and split into two 7-character pieces
– Each 7-byte half is used as a DES key (expanded to 8 bytes with parity bits) to encrypt the fixed constant "KGS!@#$%"
– The two 8-byte ciphertexts are concatenated into a 16-byte one-way hash value
– Because of the uppercasing and the split, a cracker attacks two independent 7-character, case-insensitive halves instead of one 14-character password
– NT hash (NT hash)
– Converts the password to Unicode (UTF-16LE) and uses the MD4 hash algorithm to obtain a 16-byte value; no salt is used, so identical passwords give identical hashes
• Hashes are stored in the Security Accounts Manager database
– Commonly known as "SAM" or "the SAM file"
• SAM is locked by the system kernel while the system is running.
– File location: C:\WINNT\SYSTEM32\CONFIG (%SystemRoot%\System32\config on later versions)
• SYSKEY: an additional key used to encrypt the hashes held in the SAM
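The NT hash and the LM preprocessing step can be reproduced in a few lines. The Python below is an added example written for this page, not code from the slides; it carries its own MD4 because hashlib's MD4 is frequently disabled in OpenSSL 3 builds. The DES step of the LM hash is omitted (it needs a DES implementation), so the LM part shows only the case-folding and splitting, plus a check against the well-known empty-half constant; the latin-1 encoding for LM input is an assumption (Windows uses the OEM code page).

```python
import struct

_M32 = 0xFFFFFFFF


def _rotl(x: int, s: int) -> int:
    return ((x << s) | (x >> (32 - s))) & _M32


def md4(msg: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320), included because hashlib's MD4 is often unavailable."""
    a0, b0, c0, d0 = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    # Pad: 0x80, zeros up to 56 mod 64, then the message bit length as 64-bit LE.
    padded = msg + b"\x80" + b"\x00" * ((55 - len(msg)) % 64) + struct.pack("<Q", 8 * len(msg))
    f = lambda x, y, z: (x & y) | (~x & z)            # round 1 function
    g = lambda x, y, z: (x & y) | (x & z) | (y & z)   # round 2 function
    h = lambda x, y, z: x ^ y ^ z                     # round 3 function
    r2 = (0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15)
    r3 = (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15)
    for off in range(0, len(padded), 64):
        x = struct.unpack("<16I", padded[off:off + 64])
        a, b, c, d = a0, b0, c0, d0
        for i in range(16):
            a, b, c, d = d, _rotl((a + f(b, c, d) + x[i]) & _M32, (3, 7, 11, 19)[i % 4]), b, c
        for i in range(16):
            a, b, c, d = d, _rotl((a + g(b, c, d) + x[r2[i]] + 0x5A827999) & _M32, (3, 5, 9, 13)[i % 4]), b, c
        for i in range(16):
            a, b, c, d = d, _rotl((a + h(b, c, d) + x[r3[i]] + 0x6ED9EBA1) & _M32, (3, 9, 11, 15)[i % 4]), b, c
        a0, b0, c0, d0 = (a0 + a) & _M32, (b0 + b) & _M32, (c0 + c) & _M32, (d0 + d) & _M32
    return struct.pack("<4I", a0, b0, c0, d0)


def nt_hash(password: str) -> str:
    """NT hash: MD4 over the UTF-16LE encoding of the password, no salt."""
    return md4(password.encode("utf-16-le")).hex()


def lm_halves(password: str):
    """LM preprocessing: uppercase, pad with zeros to 14 bytes, split into two 7-byte
    halves. Each half then becomes a DES key that encrypts "KGS!@#$%" (DES omitted here).
    latin-1 is an assumption; Windows uses the OEM code page."""
    if len(password) > 14:
        raise ValueError("Windows stores no LM hash for passwords longer than 14 characters")
    padded = password.upper().encode("latin-1").ljust(14, b"\x00")
    return padded[:7], padded[7:]


# DES_K("KGS!@#$%") with K = seven zero bytes: the LM hash of an empty half.
EMPTY_LM_HALF = "aad3b435b51404ee"


def lm_second_half_is_empty(lm_hex: str) -> bool:
    """If the last 8 bytes of an LM hash are the empty-half constant,
    the password is at most 7 characters long."""
    return lm_hex.lower()[16:] == EMPTY_LM_HALF


if __name__ == "__main__":
    print("NT hash of 'password':", nt_hash("password"))
    print("LM halves of 'Password':", lm_halves("Password"))
```

Two things are worth noticing when running it: `lm_halves("Password")` and `lm_halves("PASSWORD")` are identical, and any password of seven characters or fewer leaves the second half all zeros, which is why an LM hash ending in `aad3b435b51404ee` tells a cracker to search only the 7-character space.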

Passwords
Unix Passwords

• Uses modified DES as if it were a hash function (the classic crypt(3))
– Encrypt NULL string using password as the key
– Truncates passwords to 8 characters!
– Artificial slowdown: run DES 25 times
– A 12-bit salt (the first two characters of the 13-character result) perturbs the DES expansion, so off-the-shelf DES hardware cannot be used to crack it
– Can instruct modern UNIXes to use MD5 hash function
• Problem: passwords are not truly random
– With 52 upper- and lower-case letters, 10 digits and 32 punctuation symbols, there are 94^8 ≈ 6 quadrillion possible 8-character passwords
– Humans like to use dictionary words, human and pet names → about 1 million common passwords
– On average each person has 8-12 passwords:
– Different systems impose different requirements on passwords.
– Passwords need to be changed often.
– Some passwords are used occasionally (once a year).
Password
Impact on Security
What we found on Al Qaeda computers were two things:

1) Simple hacking tools are available to anyone who looks for them on the Internet.
2) Tools such as L0phtCrack allow admittance into almost anyone's account if a simple eight-digit password is used. People are frightened when they learn that using only an eight-digit password with standard numbers and letters will allow anyone to figure out their passwords in less than two minutes when one downloads a publicly available tool like L0phtCrack from the Internet. This was the kind of tool which we found, nothing terribly sophisticated.

-- Richard Clarke, President's Advisor on Cyber Security (2001-2003)

Passwords
Methods of Attack
• Dictionary Attack
– Quick technique that tries every word in a specific dictionary
• Hybrid Attack
– Adds numbers or symbols to the end of a word, or applies other simple mangling rules such as capitalising the first letter
• Brute Force Attack
– Tries all combinations of letters, numbers & symbols; the cost grows exponentially with password length
• Popular password cracking programs
– LC4 (L0phtCrack) and SAMInside target Windows LM/NT hashes
– Crack and John the Ripper (JTR) originated on Unix; JTR also cracks LM and NT hashes

Passwords
Dictionary Attack

• Password file /etc/passwd is world-readable
– Contains user IDs and group IDs which are used by many system programs
• Dictionary attack is possible because many passwords come from a small dictionary
– Attacker can compute H(word) for every word in the dictionary and see if the result is in the password file
– With 1,000,000-word dictionary and assuming 10 guesses per second, brute-force online attack takes 50,000 seconds (14 hours) on average (half the dictionary, 500,000 guesses, before the expected hit)
– This is very conservative. Offline attack is much faster!

Passwords
Security Levels

• Filing System: clear text
• Dedicated Authentication Server: clear text
• Encrypted: Password + Encryption = bf4ee8HjaQkbw
– The 13-character example has the form of a crypt(3) output, whose first two characters are the salt
• Hashed: Password + Hash function = aad3b435b51404eeaad3b435b51404ee
– This particular value is the LM hash of an empty password, a constant every cracker recognises on sight
• Salted Hash: (Username + Salt + Password) + Hash function = e3ed2cb1f5e0162199be16b12419c012

Passwords
Hashing

• Instead of user password, store hash of password
• When user enters password, compute its hash and compare with entry in password file
– System does not store actual passwords!
• Hash function H must have some properties
– One-way (preimage resistance): given H(password), hard to find password
– No known algorithm better than trial and error
– Second-preimage resistance: given password1, hard to find a different password2 such that H(password1)=H(password2)
– Collision resistance: it should even be hard to find any pair p1,p2 s.t. H(p1)=H(p2)
– For password storage, one-wayness is the property that matters; a fast hash can satisfy all three and still fall to guessing, which is why salting and iteration are needed
Passwords
Salting
• Salting means adding a random piece of data (the salt) to the password before hashing it.
– This means that the same password hashes to different values when it is set at different times or on different systems
– Users with the same password have different entries in the password file
– The salt is stored in the clear next to the hash; it is not a secret, only a randomiser
• An attacker has to read the salt, add it to each candidate word and then hash the combination before comparing with the stored value, so work done for one entry cannot be reused for another.

Passwords
Salting Advantages

• Without salt, attacker can pre-compute hashes of all dictionary words once for all password entries
– Same hash function on all UNIX machines
– Identical passwords hash to identical values; one table of hash values can be used for all password files
• With salt, attacker must compute hashes of all dictionary words once for each password entry
– With 12-bit random salt, same password can hash to 2^12 = 4096 different hash values
– Attacker must try all dictionary words for each salt value in the password file
Passwords
Iteration Count
• The same password can be rehashed many times over (an iteration count) to make each guess more expensive for the attacker.
• Precomputed dictionary hashes are useless when the iteration count differs between systems, since a table built for one count matches nothing hashed with another.
– Dictionary attack is still possible! Iteration only multiplies the attacker's cost per guess by the count; it does not change the size of the guess space.
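The dictionary attack, the effect of salting, and the effect of an iteration count from the last few slides can all be measured in one small simulation. The Python below is an added example written for this page, not code from the slides; SHA-256 stands in for the 25-round DES of crypt(3), the entry format salt$digest is invented for the example, and the dictionary, user list and fixed 12-bit salts are constructed so the work counts are reproducible (a real system would draw salts with `random_salts`).

```python
import hashlib
import secrets

# Constructed sample data (not from the slides): a tiny dictionary, four users,
# and fixed 12-bit salts so that the work counts below are reproducible.
DICTIONARY = ["letmein", "sunshine", "dragon", "qwerty", "princess", "football"]
USERS = {"alice": "dragon", "bob": "dragon", "carol": "S3cure!x", "dave": "qwerty"}
FIXED_SALTS = {"alice": 17, "bob": 4000, "carol": 17, "dave": 255}


def iterated_hash(password: str, salt: bytes = b"", iterations: int = 1) -> str:
    """Stand-in for crypt(3): SHA-256 replaces the 25-round DES, the salt is
    prepended to the password, and the digest is re-hashed `iterations` times.
    The entry is stored as salt_hex$digest_hex, salt in the clear like Unix."""
    digest = hashlib.sha256(salt + password.encode()).digest()
    for _ in range(iterations - 1):
        digest = hashlib.sha256(digest).digest()
    return salt.hex() + "$" + digest.hex()


def make_password_file(users: dict, salts: dict = None, iterations: int = 1) -> dict:
    """salts maps user -> 12-bit integer; None reproduces an unsalted file."""
    entries = {}
    for user, pw in users.items():
        salt = salts[user].to_bytes(2, "big") if salts else b""
        entries[user] = iterated_hash(pw, salt, iterations)
    return entries


def random_salts(users, bits: int = 12) -> dict:
    """What a real system does: a fresh random salt per account."""
    return {u: secrets.randbelow(1 << bits) for u in users}


def expected_online_seconds(dictionary_size: int, guesses_per_second: float) -> float:
    """Average online cost: half the dictionary is tried before the expected hit."""
    return dictionary_size / 2 / guesses_per_second


def crack_unsalted(password_file: dict, iterations: int = 1):
    """Hash the dictionary once, then look every entry up: the cost is
    len(DICTIONARY) no matter how many accounts the file holds."""
    table = {iterated_hash(w, b"", iterations): w for w in DICTIONARY}
    found = {u: table[e] for u, e in password_file.items() if e in table}
    return found, len(DICTIONARY)


def crack_salted(password_file: dict, iterations: int = 1):
    """With salts the shared table is useless: the dictionary has to be
    re-hashed once for every distinct salt value in the file."""
    by_salt, found, work = {}, {}, 0
    for user, entry in password_file.items():
        by_salt.setdefault(entry.split("$")[0], []).append(user)
    for salt_hex, users in by_salt.items():
        table = {iterated_hash(w, bytes.fromhex(salt_hex), iterations): w for w in DICTIONARY}
        work += len(DICTIONARY)
        for user in users:
            if password_file[user] in table:
                found[user] = table[password_file[user]]
    return found, work


def demo(iterations: int = 25) -> dict:
    """Crack the same accounts stored three ways and report the hash work done."""
    unsalted = make_password_file(USERS, None, iterations)
    salted = make_password_file(USERS, FIXED_SALTS, iterations)
    f_plain, w_plain = crack_unsalted(unsalted, iterations)
    f_salt, w_salt = crack_salted(salted, iterations)
    f_wrong, _ = crack_unsalted(unsalted, iterations + 1)  # table built for the wrong count
    return {
        "unsalted_found": f_plain, "unsalted_work": w_plain,
        "salted_found": f_salt, "salted_work": w_salt,
        "same_entry_unsalted": unsalted["alice"] == unsalted["bob"],
        "same_entry_salted": salted["alice"] == salted["bob"],
        "wrong_iteration_count_found": f_wrong,
    }


if __name__ == "__main__":
    print("online, 1M words at 10/s:", expected_online_seconds(1_000_000, 10), "seconds")
    print(demo())
```

In the unsalted file alice and bob share an identical entry and the whole file falls to one pass over the dictionary; with salts the cracker pays one dictionary pass per distinct salt (three here, because alice and carol were deliberately given the same salt), and a table built for a different iteration count recovers nothing, although the dictionary attack itself still succeeds once the count is known.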

Passwords
Shadow

• Utilized in UNIX systems
• Store hashed passwords in /etc/shadow file which is only readable by system administrator (root)
• Add expiration dates for passwords
• Early Shadow implementations on Linux called the login program which had a buffer overflow!
Passwords
Authentication Protocols

• Set of rules that governs the communication of data related to authentication between the server and the user
• TRANSFORMED PASSWORD
– Password transformed using one-way function before transmission
– Prevents eavesdropping but not replay: the transformed value is itself a reusable credential
• CHALLENGE-RESPONSE
– Server sends a random value (challenge) to the client along with the authentication request. This must be included in the response
– Protects against replay
• TIME STAMP
– The authentication from the client to server must have time-stamp embedded
– Server checks if the time is reasonable
– Protects against replay
– Depends on synchronization of clocks on computers
• ONE-TIME PASSWORD
– New password obtained by passing the user's password through a one-way function n times; the server stores H^n(password), the user sends H^(n-1)(password), and n decreases by one with each login (Lamport's scheme, as used by S/KEY)
– Protects against replay as well as eavesdropping
Passwords
Challenge Response

• User and system share a secret key
• Challenge: system presents user with some string
• Response: user computes response based on secret key and challenge
– Secrecy: difficult to recover key from response
– One-way hashing or symmetric encryption work well
– Freshness: if challenge is fresh and unpredictable, attacker on the network cannot replay an old response
– For example, use a fresh random number for each challenge
• Good for systems with pre-installed secret keys
– Car keys; military friend-or-foe identification
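The challenge-response exchange on this slide and the one-time password scheme from the Authentication Protocols slide can both be run end to end with a few dozen lines. The Python below is an added example written for this page, not code from the slides: HMAC-SHA256 is the keyed one-way function for the response, SHA-256 is the one-way function for the Lamport chain, and the user name, shared key, seed password and chain length are constructed for the demonstration.

```python
import hashlib
import hmac
import secrets


class CRServer:
    """Challenge-response verifier. Keys are pre-installed shared secrets; each
    challenge is fresh and unpredictable, and is consumed by the first verify call."""

    def __init__(self, keys: dict):
        self.keys = keys          # user -> shared secret key
        self.live = {}            # user -> outstanding challenge

    def challenge(self, user: str) -> bytes:
        c = secrets.token_bytes(16)
        self.live[user] = c
        return c

    def verify(self, user: str, response: bytes) -> bool:
        c = self.live.pop(user, None)          # one challenge, one answer
        if c is None or user not in self.keys:
            return False
        expected = hmac.new(self.keys[user], c, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def cr_response(key: bytes, challenge: bytes) -> bytes:
    """Client side: keyed one-way function of the challenge; the key cannot be
    recovered from observed (challenge, response) pairs."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


def hash_chain(seed: bytes, n: int) -> bytes:
    """H^n(seed): apply SHA-256 n times."""
    x = seed
    for _ in range(n):
        x = hashlib.sha256(x).digest()
    return x


class OTPServer:
    """Lamport one-time passwords: the server stores H^n(password) and n. A login
    presents H^(n-1)(password); the server checks H(candidate) == stored, then keeps
    the candidate as the new stored value with n-1, so the same value never works twice."""

    def __init__(self, stored: bytes, n: int):
        self.stored, self.n = stored, n

    def login(self, candidate: bytes) -> bool:
        if self.n == 0:                              # chain exhausted: re-enrol
            return False
        if not hmac.compare_digest(hashlib.sha256(candidate).digest(), self.stored):
            return False
        self.stored, self.n = candidate, self.n - 1
        return True


def demo() -> dict:
    """Run both protocols, including the replay attempts they are meant to stop."""
    key = b"pre-installed-secret"            # constructed shared key
    srv = CRServer({"alice": key})
    r1 = cr_response(key, srv.challenge("alice"))
    first = srv.verify("alice", r1)
    replay = srv.verify("alice", r1)         # no live challenge: rejected
    srv.challenge("alice")
    stale = srv.verify("alice", r1)          # old response to a new challenge: rejected
    c3 = srv.challenge("alice")
    wrong_key = srv.verify("alice", cr_response(b"guess", c3))

    pw, n = b"hunter2", 100                  # constructed OTP seed and chain length
    otp = OTPServer(hash_chain(pw, n), n)    # server enrols H^100(pw)
    p99, p98, p96 = hash_chain(pw, 99), hash_chain(pw, 98), hash_chain(pw, 96)
    return {
        "cr_first": first, "cr_replay": replay, "cr_stale": stale, "cr_wrong_key": wrong_key,
        "otp_first": otp.login(p99), "otp_replay": otp.login(p99),
        "otp_next": otp.login(p98), "otp_skip": otp.login(p96),
        "otp_remaining": otp.n,
    }


if __name__ == "__main__":
    print(demo())
```

The server never learns the user's key from a response, and an eavesdropper who records a (challenge, response) pair gains nothing, because the next challenge is different and the old one has already been consumed. The OTP server likewise rejects a replayed H^99 value once it has advanced to n = 99; the strict version here also rejects a value further down the chain, which a real S/KEY server might accept after hashing it forward.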

Passwords
Improving Security

• Add biometrics
– For example, keystroke dynamics or voiceprint
– Revocation is often a problem with biometrics
• Graphical passwords
– Goal: increase the size of memorable password space
• Rely on the difficulty of computer vision
– Face recognition is easy for humans, hard for machines
– Present user with a sequence of faces; he must pick the right face several times in a row to log in
• Other examples
– Click on a series of pictures in order
– Drawing a picture
– Clicking four correct points on a picture

Passwords
Personal Token Authentication

• Personal Tokens are hardware devices that generate unique strings that are usually used in conjunction with passwords for authentication
• A variety of different physical forms of tokens exist
– e.g. hand-held devices, Smart Cards, PCMCIA cards, USB tokens
• Different types of tokens exist:
– Digital Signature Token: Contains the digital signature private key and computes a digital signature on a supplied data value
– Storage Token: A secret value that is stored on a token and is available after the token has been unlocked using a PIN
– Synchronous One-time Password Generator: Generates a new password periodically (e.g. each minute) based on time and a secret code stored in the token
– Challenge-response: Token computes a number based on a challenge value sent by the server

Passwords
Biometric Authentication

• Uses certain biological characteristics for authentication
– Biometric reader measures physiological indicia and compares them to specified values
– It is not capable of securing information over the network
• Different techniques exist
– Fingerprint Recognition
– Voice Recognition
– Handwriting Recognition
– Face Recognition
– Retinal Scan
– Hand Geometry Recognition

Passwords
Fingerprint Authentication

• Unique patterns in people's fingerprints are used for unique identification
• Most tested of all biometric systems
• Commonly used in crime labs for forensic investigations

Passwords
Iris Authentication

• The scanning process takes advantage of the natural patterns in people's irises, digitizing them for identification purposes.
– Probability of two irises producing exactly the same code: 1 in 10^78
– Independent variables (degrees of freedom) extracted: 266
– IrisCode record size: 512 bytes
– Operating systems compatibility: DOS and Windows (NT/95)
– Average identification speed (database of 100,000 IrisCode records): one to two seconds
Passwords
Protection/Detection

Protection:
– Disable storage of LAN Manager hashes (the NoLMHash value under HKLM\SYSTEM\CurrentControlSet\Control\Lsa, or the policy "Network security: Do not store LAN Manager hash value on next password change"); existing LM hashes remain until each user next changes their password.
– Configure both Local and Domain Account Policies (Password & Account Lockout Policies).
– Audit access to important files.
– Implement SYSKEY security on all systems.
– Set BIOS to boot first from the hard drive, so an attacker cannot boot another OS and copy the SAM.
– Password-protect the BIOS.
– Enforce strong passwords!
– Change your passwords frequently.
– Use two- or three-factor authentication.
– Use one-time passwords.

Passwords
Ten Common Mistakes

1. Leaving passwords blank or unchanged from default value.
2. Using the letters p-a-s-s-w-o-r-d as the password.
3. Using a favorite movie star name as the password.
4. Using a spouse's name as the password.
5. Using the same password for everything.
6. Writing passwords on post-it notes.
7. Pasting a list of passwords under the keyboard.
8. Storing all passwords in an Excel spreadsheet on a PDA or inserting passwords into a rolodex.
9. Writing all passwords in a personal diary.
10. Giving the password to someone who claims to be the system administrator.

