Secure passwords-theory-and-practice

A look at the risks of not encrypting passwords in your web applications. Also a basic introduction to hashing passwords with salts.

Published in: Technology

Transcript of "Secure passwords-theory-and-practice"

  1. Safe Passwords – In theory & practice
     Akash Mahajan
     Web Security Consultant
     @makash on Twitter
     http://akashm.com
     @makash | akashm.com - That Web Application Security Guy
  4. Something to think about
     In Dec 2009 a hacker released 32 million passwords of the users of rockyou.com
     It is a social gaming company.
     That was the first time such a huge number of passwords was available for analysis.
  5. Something to think about
     A password analysis from rockyou.com revealed:
     All passwords were being stored in clear text!
     30% of the passwords were less than 6 characters
     60% of the passwords were a limited set of alphanumeric characters
     The most common password was “123456”
  6. Something to think about
     Only 0.2% of all the passwords were what would be considered strong.
     These passwords were longer than 8 characters and contained a mixture of special characters, numbers and both upper and lower case.
     23,000 passwords were set to “rockyou”
     But even for the 0.2% of people with strong passwords it didn’t matter: the passwords were still being stored in clear text.
     Source: Imperva Consumer Password Practices report
  7. Protecting User Information
     User data protection has many different levels; the requirements change for financial data, medical data etc.
     At the minimum, if we assume the worst, wherein either the server is hacked or the database is copied, the first level of protection will be encryption. Depending on the type of encryption and the strength of the keys, the original data may still be recoverable.
  8. Protecting User Information
     If our base goal is to protect the user login information stored in the database (and not travelling over the wire/network) then we need to use one-way encryption (also called hashing) with a salt (a randomly generated seed value).
     saltedhash(password) = hash(hash(password).salt)
  9. Different ways to store passwords in web apps
     Passwords in clear text.
     Simplest indicator: the forgot-password email will give you the password!
     Password is hashed.
     No way to get the original password back easily; forgot-password will send a unique link.
     Password is hashed with a static salt.
     Password is hashed with a dynamic salt.
  10. What is hashing?
      When we talk about hashing I mean “cryptographic hash function” only.
      From Wikipedia:
      A cryptographic hash function is a procedure that takes an arbitrary block of data and returns a fixed-size bit string, the (cryptographic) hash value, such that an accidental or intentional change to the data will change the hash value. The data to be encoded is often called the "message," and the hash value is sometimes called the message digest or simply digest.
  11. What is hashing?
      Ideally each digest/hash created by the hashing function is completely unique.
      Hashing is defined as one-way encryption.
      Once you hash a message there is no way to get the original back from the digest/hash.
      To this day MD5 is popular for most basic web applications not storing sensitive data, but SHA-1 and SHA-256 are preferred if you are going to implement your application now.
  12. Crypto Hash Functions
      The most common ones being used for storing passwords are:
      MD5 – 32 bit
      SHA-1 – 160 bit
      SHA-256 – 256 bit
      If this all looks so secure and hi-fi, why do we need to do anything else with passwords?
  13. What are Rainbow Tables?
      A rainbow table is a precomputed table for reversing cryptographic hash functions, usually for cracking password hashes.
      Tables are usually used in recovering the plaintext password, up to a certain length and consisting of a limited set of characters. It is a form of time-memory tradeoff, using less CPU at the cost of more storage.
      The basic defence is to employ a salt to make this attack infeasible.
  14. Project Rainbow Crack
      It is easier than it sounds
      Image: http://project-rainbowcrack.com
      Tables can be downloaded from the same website.
  15. What is a salt?
      A salt consists of random bits that form one of the inputs to a one-way function.
      The other input is usually a password or passphrase.
      The output of the one-way function can be stored rather than the password, and still be used for authenticating users.
  16. What is a salt?
      The benefit provided by using a salted password is that it renders a simple dictionary attack against the stored values rather impractical, provided the salt is large enough.
      Without salts, an attacker who is cracking many passwords at the same time only needs to hash each password guess once and compare it to all the hashes.
  17. Clear text password attacks
      Users reuse passwords, so stolen passwords will be used to log in to other websites.
      The attacker just needs to steal the database of the web application somehow.
      Once that is done, the passwords and email user names will yield many more accounts.
  18. Hashed password; no salt attacks
      Passwords are stolen. The attacker has all the hashed passwords stored locally.
      All they need to do is run them against the rainbow tables they have to get the original passwords.
      Considering the basic passwords people choose, this will yield many account credentials to them.
  19. Hashed password; static salt attacks
      Attacker steals the database.
      They will also need to steal the static salt present in the source code of the application.
      Once they have that, they can run their rainbow tables to get the original passwords.
  20. Hashed password; static salt attacks
      Based on the length of the salt, the storage of rainbow tables can become very huge.
      For a salt with 12 bits there are 4096 possible salt values. Therefore 4096 rainbow tables at least.
  21. Hashed password; dynamic salt attacks
      Passwords are stolen. The attacker has all the hashed passwords stored locally.
      Now, to check against each and every hashed password, they need to generate a dynamic salt for each user entry.
      Even if two users have the same password, after hashing with a dynamic salt the hashes created will look completely different.
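The three storage schemes the deck compares (slides 9, 19 and 21) and its formula from slide 8, saltedhash(password) = hash(hash(password).salt), worked through in code. This is an added example, not the presenter's code; it assumes "." in the formula means concatenation, uses SHA-256 as the slides recommend, and the STATIC_SALT value and the store_*/verify_* names are constructed for illustration.

```python
# Added example: unsalted vs static-salt vs dynamic (per-user) salt storage,
# using the deck's formula saltedhash(password) = hash(hash(password).salt)
# with "." read as concatenation (assumption) and SHA-256 as the hash.
import hashlib
import hmac
import secrets

STATIC_SALT = "app-wide-salt-in-source"  # constructed: a salt fixed in the code (slide 19)


def sha256_hex(data: str) -> str:
    return hashlib.sha256(data.encode("utf-8")).hexdigest()


def salted_hash(password: str, salt: str) -> str:
    # hash(hash(password) . salt), exactly as the slide writes it
    return sha256_hex(sha256_hex(password) + salt)


def store_unsalted(password: str) -> str:
    return sha256_hex(password)


def store_static_salt(password: str) -> str:
    return salted_hash(password, STATIC_SALT)


def store_dynamic_salt(password: str) -> str:
    # Fresh random salt per user, kept beside the digest so login can reuse it.
    salt = secrets.token_hex(16)  # 128 random bits, far beyond the 12-bit example on slide 20
    return salt + "$" + salted_hash(password, salt)


def verify_dynamic_salt(password: str, stored: str) -> bool:
    salt, digest = stored.split("$", 1)
    # Constant-time comparison so the check does not leak how many characters matched.
    return hmac.compare_digest(salted_hash(password, salt), digest)


def same_hash_for_same_password(store) -> bool:
    # Do two users who picked the same password end up with the same stored value?
    # If yes, one precomputed table (or one cracked entry) unlocks all of them.
    return store("123456") == store("123456")


if __name__ == "__main__":
    print("unsalted:", same_hash_for_same_password(store_unsalted))       # True
    print("static  :", same_hash_for_same_password(store_static_salt))    # True
    print("dynamic :", same_hash_for_same_password(store_dynamic_salt))   # False
    record = store_dynamic_salt("rockyou")
    print(verify_dynamic_salt("rockyou", record), verify_dynamic_salt("rockyou1", record))
```

Today a dedicated slow password hash (PBKDF2, bcrypt, scrypt or Argon2) is preferred over a single SHA-256 round, but the per-user salt handling shown here is the same for all of them.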
  22. Questions?
      Any questions
      About me
      Akash Mahajan (google me)
      That Web Application Security Guy
      Web Security Consultant
      @makash on Twitter || http://akashm.com