39 terms

Computer Security Chapter 3


Terms in this set (...)

Exploiting User Mistakes
If the system assigns a password, the the user is more likely to write it down because it is difficult to remember. This situation creates the potential for an adversary to read the written password. User may intentionally share a password, to enable a colleague to share files, for example. Social engineering hackers are able to trick user in revealing password.. Computer are shipped with reconfigured passwords for system administrators, unless they are changed they are easily guessed. Countermeasures: user training, intrusion detection, simple passwords combined with another authentication mechanism.
Exploiting Multiple password use
Attacks can also become much more effective or damaging if different network devices share the same or a similar password for a given users. Countermeasures: a policy that forbids the same of similar password on particular network devices.
Electronic Monitoring
Password is communicated across across a network to log on to a remote system, eavesdropping. Replay attack
Encrypted network links cannot solve this problem
(encrypted password is the password and can be observed and reused by adversary)
Salt Value
fixed length, this value is related to the time at which the password is assigned to the user.Serve as inputs to a hashing algorithm to prodcue a fixed-lenght hash code.Stored with corresponding user id. Secure for crptanalytic attacks.
What are the 3 purposes that salt serves?
1.)It prevents duplicate passwords from being visible in password file. Hashed passwords of two users (having same passwords) will differ
2.) Difficult of offline dictionary attacks: b bits, possible pswd increased by 2b
3.) Difficult to find out person with pswds on 2 more systems has used same pswd on all!
The attacked must take ea guess to submit hash function for salt value, multiplying # of guesses checked
Counter: password cracker
Explain the Salt Value Diagram?
Page 76
Unix Implementations
Original scheme used DES for hashing
12-bit salt
Password 8 character in length (forming 56-bit key)
Two-stage hashing
To slow hashing: Whole process is repeated 25 times
Result: 64-bit hash, then 64-bit block is translated to an 11-character sequence
NOW ITS WEAK e.g. supercomputer can process > 50 million password guesses in about 80 min: COMPATIBLE
What are some improved UNIX hash/salt schemes?
Scheme based on MD5 secure hash algorithm
48-bit salt
Unlimited password length
To slow hashing process: hashed with 1000 times (inner loop)
Result: 128-bit hash
OpenBSD uses Blowfish block cipher based hash algorithm called Bcrypt
128-bit salt
Password up to 55 characters
Result: 192-bit hash
How are passwords attempted to be cracked?
Dictionary attacks
Try each word then obvious variants in large dictionary against hash in password file (backward word spelling, additional #, characters)
Rainbow Table
For each password, attacker generates the hash values associated with each possible salt value.
A mammoth table of hash values (which increases attacker's storage space cost)
e.g. 1.4GB table cracks 99.9% of alphanumeric Windows passwords in 13.8 seconds (2003 results)
Not feasible if larger salt values used
What are some common password choices?
1.) Users may pick short passwords
e.g. 3% were 3 chars or less, easily guessed
system can reject choices that are too short
Hacker Keeps trying
Countermeasure: character limit of 8
What are some common password choices?
2.) Users may pick guessable passwords (street name, comn)
so crackers use lists of likely passwords (see next slide)
e.g. one study of 14000 encrypted passwords guessed nearly 1/4 of them
would take about 1 hour on fastest systems to compute all variants, and only need 1 break!
What are some password guessing strategies?
Try user's name, initials, account name, other relevant personal info: 130 permutations per user
Try words from dictionaries:60,000 words compiled
Try various permutations on words from last step
e.g. make the first letter upper case, make the entire word uppercase, reverse the word, etc.: 1 million words 2 list
Try various capitalization permutation on words from step 2 not considered in step 3: 2 million words to list
3 million total: Thinkinkimg Machines crack under 1 hour, 25% success rate!
Shadow Password File
Hashed passwords are kept in seperate file from user IDs
What are some vulnerabilities from a password file access control?
exploit O/S bug to extract password file
accident of protection renders password file readable
users with same password on other systems
access from unprotected backup media (poor physical security)
sniff passwords in unprotected network traffic
What are some extremes that occur with users making passswords?
Extreme 1: Many users choose passwords that are too short, too easy to guess
Extreme 2: System can assign random passwords to users, but users won't remember them
, the furthest or highest degree of something
What are the 4 goals in eliminating guessable passwords while allowing the user to select a password thats memorizable?
user education
computer-generated passwords
reactive password checking (e.g., "Jack the Ripper" password cracker)
proactive password checking (e.g., pam_passwdqc)
User Education
using hard to guess passwords and can be provided with guidelines for selecting strong passwords
Useful when there is a large user population
Computer-generated passwords
By forming pronounceable syllables and concatenating them to form a word (not random passwords that users can't remember)
Reacitve Password Checking
strategy is one in which the system periodoically runs its own password cracked to find guessable passwords. The system cancels any passwords that are guessed and notifies the user
EXL Jack the Ripper Password (existing passwords remain vulnerable until the reactive password checker finds them)
Proactive password checking
a user is allowed to select his or her own password, system checks to see if its allowable, if not rejects its ass. : Balance between user acceptability and strength
Rule Enforcement
8+ chars
upper/lower/numeric/punctuation (in first 8 charcters must include at least one of each)
Countermeasures: alerts crackers which passwords not to try
Password cracker (ensure a password is not on the "disapproved" list)
space issue: dictionary list must be large to be effective
time issue: search time is too long
Space (password cracker-"bad passwords dictionary)
The dictionary must be very large to be effective.
Ex:Purude study occupies more than 30 megabytes of storage
Time (password cracker-"bad passwords dictionary)
To check for likely permutations of dictionary words, those words must be included in dictionary making it truly huge!
Biometric Accuracy
If a user (User 1) is tested by the system many times, the matching score s will vary, with a pdf typically forming a Gaussian distribution
A different user (User 2) should have a much lower matching score that also exhibit a Gaussian pdf
(page 91)
Biometric Accuracy Chart
page 91
Biometric Accuracy
Tradeoff: Decrease in false match rate results in increase in false nonmatch rate
High security app may require a very low false match rate
so move t higher to the right
Forensic app may call for a low false nonmatch rate (because system is looking for possible candidates to check further)
so move t lower to the left
Reasonable tradeoff: Pick a t that corresponds to a point where rates are equal
Theoretical Biometric Accuracy
page 92
Actual Biometric Accurary Chart
page 92
Password Protocol-Nonce
host generates a roandom number r and returns it to user
host specifies two functions, h()and f() to be used in response
hash function of the user's password combined with the random number using the
function f.
The host stores the hash function of each registered user's password, depicted
as h(P(U)) for user U. When the response arrives, the host compares the incoming f(r, h(P)) to the calculated f(r, h(P(U))). If the quantities match, the user is
authenticated. Chart on 93
Token Protocol
remote user authentication (pg 94)
Static Biometric Protocol
remote user authentication (pg 94)
Dynamic Biometric Protocol
remote user authentication (pg 94)
Client Attacks
are those in which an adversary attempts to achieve user
authentication without access to the remote host or to the intervening communications path. The adversary attempts to masquerade as a legitimate user.
many bits are required to represent the
password. Another countermeasure is to limit the number of attempts that can be
made in a given time period from a given source.
attacker has no access to remote host or network link (e.g., guess password)
Limit attempts
Host attacks
directed at the user file at the host where passwords, token
passcodes, or biometric templates are stored.
e.g., password file)
context of passwords refers to an adversary's attempt
to learn the password by observing the user, finding a written copy of the password,
or some similar attack that involves the physical proximity of user and adversary.
example is keystroke logging
Countermeasure: Multi-factor authentication
involve an adversary repeating a previously captured
user response. The most common countermeasure to such attacks is the challenge-
response protocol.
Trojan horse
application or physical device masquerades as
an authentic application or device for the purpose of capturing a user password,
passcode, or biometric. The adversary can then use the captured information to
masquerade as a legitimate user. A simple example of this is a rogue bank machine
used to capture user ID/password combinations
attempts to disable a user authentication service by
flooding the service with numerous authentication attempts. Multi-factor (because attacker must first acquire token to initiate attack)