Kieon secure passwords theory and practice 2011


Published on

Kieon company presentation on password security.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Kieon secure passwords theory and practice 2011

  1. 1. Safe Passwords – In theory & practice Akash Mahajan
  2. 2. Something to think about <ul><li>In Dec 2009 a hacker released 32 million passwords of the users of a social gaming company </li></ul><ul><li>Those passwords were the first instance of such a huge number of passwords being available for analysis </li></ul><ul><li>This provided the security sector with an unparalleled opportunity to see what ‘real people’ do when it comes to password security </li></ul>
  3. 3. Something to think about <ul><li>Password analysis from the data revealed: </li></ul><ul><ul><li>The most common password was; 123456 </li></ul></ul><ul><ul><li>30% passwords were less than 6 characters </li></ul></ul><ul><ul><li>60% passwords were a limited set of alphanumeric (A-Z, a-z, 0-9) characters </li></ul></ul><ul><ul><li>23,000 passwords were set to; rockyou </li></ul></ul><ul><ul><li>Source: Imperva Consumer Password Practices report </li></ul></ul>
  4. 4. Something to think about <ul><li>Password analysis from the data revealed: </li></ul><ul><ul><li>Only 0.2% of all the passwords were what could be considered strong </li></ul></ul><ul><ul><li>These passwords were longer than 8 characters </li></ul></ul><ul><ul><li>They contained a mixture of special characters, numbers and both upper and lower case </li></ul></ul><ul><li>But even for the 0.2% strong passwords it didn’t matter as they were stored in the database in clear text… </li></ul><ul><ul><li>Source: Imperva Consumer Password Practices report </li></ul></ul>
  5. 5. Protecting User Information <ul><li>User data protection requires many different levels. This changes for the type of data stored; financial data, medical data etc. </li></ul><ul><li>At a minimum if we assume the worst where either the server is hacked or the database is copied the first level of protection needs to be encryption </li></ul><ul><li>The effort required to recover the data is based on the type of encryption and the strength of the keys </li></ul>
  6. 6. Different ways to store passwords <ul><li>Passwords in clear text. </li></ul><ul><ul><li>Simplest indicator if this is used, forgot password email will give you the password! </li></ul></ul><ul><li>Password is hashed </li></ul><ul><li>Password is hashed with a static salt </li></ul><ul><li>Password is hashed with a dynamic salt </li></ul><ul><ul><li>No way from any of the above to get the original password back easily, forgot password will send a unique link </li></ul></ul>
  7. 7. Hashing a password <ul><li>If our most fundamental goal is to protect the user login information stored in the database (not whilst it is travelling over the network/ cloud) then we need to use 1 way encryption (also called hashing) with a salt (a randomly generated seed value) </li></ul><ul><li>saltedhash(password) = hash(hash(password).salt) </li></ul>
  8. 8. Hashing a password <ul><li>Ideally each digest/hash created by the hashing function is completely unique. </li></ul><ul><li>The hashing is defined as 1 way encryption. </li></ul><ul><li>Once you hash a message there is no way to get the original back from the digest/hash. </li></ul><ul><li>Till today MD5 is popular for most basic web applications not storing sensitive data. But SHA-1 and SHA-256 are preferred if you are going to implement your application now </li></ul>
  9. 9. What is hashing? <ul><li>When we talk about hashing we mean a “ Cryptographic hash function ” only </li></ul><ul><li>From Wikipedia </li></ul><ul><li>“ A cryptographic hash function is a procedure that takes an arbitrary block of data and returns a fixed-size bit string, the (cryptographic) hash value, such that an accidental or intentional change to the data will change the hash value. The data to be encoded is often called the &quot;message,&quot; and the hash value is sometimes called the message digest or simply digest.” </li></ul>
  10. 10. Crypto Hash Functions <ul><li>The most common ones being used for storing passwords are </li></ul><ul><ul><li>MD5 – 32 bit </li></ul></ul><ul><ul><li>SHA-1 - 160 bit </li></ul></ul><ul><ul><li>SHA-256 – 256 bit </li></ul></ul><ul><li>If this all looks so secure and impressive why do we need to do anything else with passwords? </li></ul>
  11. 11. What are Rainbow Tables? <ul><li>A rainbow table is a precomputed table for reversing cryptographic hash functions, usually for cracking password hashes </li></ul><ul><li>Tables are usually used in recovering plaintext passwords, up to a certain length consisting of a limited set of characters </li></ul><ul><li>It is a form of time-memory trade-off, using less CPU at the cost of more storage </li></ul><ul><li>The basic defence is to employ a salt to make this attack unfeasible </li></ul>
  12. 12. Project Rainbow Crack <ul><li>It is easier than it sounds </li></ul><ul><li> </li></ul><ul><li>Tables can be downloaded from the same website </li></ul>
  13. 13. What is a salt? <ul><li>A salt consists of random bits consisting one of the inputs to a one-way function. </li></ul><ul><li>The other input is usually a password or passphrase </li></ul><ul><li>The output of the one-way function can be stored rather than the password and still be used for authenticating users </li></ul>
  14. 14. What is a salt? <ul><li>The benefit provided by using a salted password is rendering a simple dictionary attack against the stored values impractical (provided the salt is large enough) </li></ul><ul><li>Without salts an attacker who is working on cracking many passwords at the same time, only needs to hash each password guess once, and compare it to all the hashes </li></ul>
  15. 15. Clear text password attacks <ul><li>Users reuse passwords, stolen passwords will be used to login to other websites </li></ul><ul><li>The attacker needs to just steal the database of the web application and they have all the information they need </li></ul><ul><li>Once that is done the passwords and email user names will yield many more accounts </li></ul><ul><li>Time taken to steal user data: 1 minute </li></ul>
  16. 16. Hashed password; no salt attacks <ul><li>Passwords are stolen. The attacker has all the hashed passwords stored locally </li></ul><ul><li>All they need to do is run the data against rainbow tables to get the original passwords </li></ul><ul><li>Considering the basic passwords people choose this will yield many account credentials to them </li></ul><ul><li>Time Taken to steal data </li></ul><ul><ul><li>1 – 4 hours (depending on the strength of the passwords) </li></ul></ul>
  17. 17. Hashed password; static salt attacks <ul><li>Attacker steals database and static salt present in the source code of the application </li></ul><ul><li>Once they have this then they can run their rainbow tables to get the original passwords </li></ul><ul><li>Based on the length of the salt the storage of rainbow tables can become very huge </li></ul><ul><li>For a salt with 12 bits 4096 possible salt values. therefore 4096 rainbow tables at least </li></ul><ul><li>Time taken to steal the data </li></ul><ul><ul><li>Once salt is cracked, 4 – 6 hours </li></ul></ul>
  18. 18. Hashed password; dynamic salt attacks <ul><li>Passwords are stolen. The attacker has all the hashed passwords stored locally </li></ul><ul><li>Now to check against each and every hashed password they need to generate a dynamic salt for each user entry </li></ul><ul><li>Even if two users have the same password after hashing with dynamic salt the hash created will look completely different </li></ul><ul><li>Time taken to steal data </li></ul><ul><ul><li>2 – 4 days minimum </li></ul></ul>
  19. 19. Conclusion <ul><li>Given enough resources any database can be stolen and the information in it stolen </li></ul><ul><li>The key is to have enough security that script kiddies, automated attacks and experienced is data thieves can’t steal the data easily </li></ul><ul><li>Dynamic hashes with passwords is more secure than other approaches currently </li></ul><ul><li>But with all things in tech this will eventually become obsolete and newer things like PBKDF2 will become common place </li></ul>
  20. 20. Questions?