Choosing strong passwords


Published on

A short discussion on how file encryption works and how passwords actually contribute (or don't) to the security of those files.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Choosing strong passwords

  1. 1. The Illusion of protection(commentary on passing encrypted data via files)
  2. 2.  Anywhere in US = high profile target  Large Organizations have a large target profile  Example: With 50,000 users, SOMEONE is going to have the password: *1Passw0rD* Access to home machines gives access to work most of the time Personal AND business information at risk
  3. 3.  Well-funded enemies of the state  International Criminal Organizations  State-sponsored enemies Hackers with almost unlimited free time  Anonymous / Lulz Sec Logistics for all  Corporate Resourcing for Hire  Cloud Services – AWS, Google Cloud, etc.  Each generation has a knowledgebase upon which to build  Our children have access to more knowledge than ever before in history  Distribution channels for new attacks  Internet – fastest distribution methodology history has known
  4. 4.  Generating a random password is harder than it looks  Randomness does not occur naturally in language  (English language entropy [sensible language] – 1.5 bits/character) Password generation algorithms are patterns  Pick a word/phrase and mix it up  n0tY0urP@ssw0rd - Letme!n123 - P@tri0tsRule!!  Mash the keyboard in a pattern  1234!@#$qwerQWER - 12qw!@QW  Password Complexity Rules just limits the usable algorithms  E.g. cat*town_horse_buddy;itself”computer- drapes%query_limits^yuletide@notices  Strong passwords don’t always meet complexity rules (no caps, no numbers!) Rules and patterns severely limit search space  Hackers don’t have to test millions of passwords that don’t meet the complexity criteria  True randomness doesn’t have rules  Rules give hackers too much information about the password
  5. 5.  Secure password transmission  Recommendation #1 – Users should transmit passwords over alternate medium  Assumption is that if someone can get the document, they can also get the email.  The level of risk already inherent in the transmission  Passwords should not be written down, even in emails  Key changes should be done with all personnel changes (minimum) Encoding passwords to be easy to remember  Train users to get random!  Five RANDOM common words (tomboy, skateboard, caterpillar, the, mouse)  Estimated 55 bits of entropy based on a working vocabulary of 2048 words  Add entropy with personal rules of insertion/capitalization and numbers/symbols  Compare to ideal AES-128 key = 128 bits of entropy (2^73 x LESS entropy!)  Compare to AES-256 key = 256 bits of entropy (2^201 x LESS entropy!) Technical Controls  Ensuring adequate salt (randomness) for AES key  Change salt length to match length of encryption key (32 bytes/256 bits)  Forced password complexity (? – better than nothing – but good enough - ?)  Enforcing simple rules can actually REDUCE available entropy  Improving password complexity rules to force more entropy
  6. 6.  Assigning passwords (give entropy to users)  Because humans aren’t random – password generation should be ‘more’ random  Password Generation as a Service Secure Data Exchange Gateways  Encrypted IM  Encrypted email
  7. 7. How encryption is implemented with passphrase-based software SECRET INFO Passphrase Random Number PBKDF2 AES-128 GeneratorSalt AES Key Encrypted INFO Compress & Package (ZIP) Encrypted Doc [and that’s a simplified version of the flow-chart]
  8. 8.  Almost everyone in IT knows AES!  Encryption algorithm  Current standard (Rijndael)  Advancement from DES/Triple-DES Securing document is not just encryption  Encryption needs keys  Keys require handling / (Key Management)  Key management requires a chains of trust  Secure generating and trading of random keys is HARD Few have heard of PBKDF2  Used to ‘passphrase’-protected documents  (pseudo-random keys from simple passphrases)  Creates AES encryption keys from Passphrases  One-way algorithm (like a blender)  Having the output you can’t get the input  Flexible control  # of cycles directly related to time to compute results  Added entropy salted in by user (take the pseudo- out of pseudo-random with entropy)
  9. 9. gr@pe_Pudd1ng SECRET INFO random AES combo one-way hash 101010101010101101011100 001010111011011010000111 101011010100110101001010 AES – pick-proof, complex Salt added to recipe ensures randomness for AES key Email 2 Email 1Entropy comes from recipe complexity.A passphrase is created with a recipe that describes it. Salt and locked safe delivered to recipient
  10. 10. Control of this is possible only with Email 2 ONLINE system controls – not offline documents and files 29 million tries per hour ? If attacker has access to emails already, trying every OTHER Attacker has access to Salt so email in the random entropy of AES key does mailbox will be not interfere with trials quick and easy! Highly-automated Blender ($329) 29,064,960 recipes/hour (yes, 29 MILLION!)The complexity of the recipe and number of potential ingredients is the only thing preventing them fromduplicating the secret formula to recreate the AES key. Note the attacker does not directly brute force AES keys!With online password systems, we can control speed of attacks with login controls such as timeouts and lockout.
  11. 11. 100000 Vocabulary 1 100000 100,000 phrases 1 Capital letter 1 1 32 typewriter symbol 1 32 10 number 1 10 4 number/cap/sym position 3 64 Attacker can choose capital speed/cost 32 GPUs @$250 ea $ 10,528.00 Attacker capital resources Total $ 15,328.00 2,048,000,000 2.20 hours 0.09 days Amazon GPU Cloud* $ 81.03 16 AWS GPU instances With cloud computing - attacker no longer worries about capital costs! *Amazon GPUs not this fast (yet) -erring on side of cautionWorksheet simulation to examine how password rules/complexity affect attacker costBased on attack against MS Word 2010 PBKDF2 algorithm of 100,000 cycles –Assumption based on using an ATI Radeon HD 5970 – Online price $329 --- (published attack speed of 20,184 passes/sec with COTS package)