Slides from a talk I gave to the PDX Tech meet up group on 8/18/2014 about the growing dangers of password authentication.

1. Passwords
Changing times
Two ways forward
The Changing Landscape of Passwords
Ryan Smith, Ph.D.
Data Scientist
August 18, 2014
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

2. Passwords
Changing times
Two ways forward
Hash Functions
Defeating password authentication
De

3. nition
A hash function is a 'one way' function that scrambles the input so
that a) it's infeasible to guess the input from the output, and b)
slight changes to the input have a large eect on the output.
Input Hashed Output
password 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
Password 8be3c943b1609fbfc51aad666d0a04adf83c9d
1234 7110eda4d09e062aa5e4a390b0a572ac0d2c0220
DB+U44@5wK83g*6 df3c73999cc44aabbba6c7167cc8a846a7425f43
Table: Hashes using the SHA-1 algorithm
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

4. Passwords
Changing times
Two ways forward
Hash Functions
Defeating password authentication
De

5. nition
A hash function is a 'one way' function that scrambles the input so
that a) it's infeasible to guess the input from the output, and b)
slight changes to the input have a large eect on the output.
Input Hashed Output
password 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
Password 8be3c943b1609fbfc51aad666d0a04adf83c9d
1234 7110eda4d09e062aa5e4a390b0a572ac0d2c0220
DB+U44@5wK83g*6 df3c73999cc44aabbba6c7167cc8a846a7425f43
Table: Hashes using the SHA-1 algorithm
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

6. Passwords
Changing times
Two ways forward
Hash Functions
Defeating password authentication
How do hash functions aect your life?
Data integrity
Bitcoin
All password-based authentication
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

7. Passwords
Changing times
Two ways forward
Hash Functions
Defeating password authentication
How do hash functions aect your life?
Data integrity
Bitcoin
All password-based authentication
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

8. Passwords
Changing times
Two ways forward
Hash Functions
Defeating password authentication
How do hash functions aect your life?
Data integrity
Bitcoin
All password-based authentication
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

9. Passwords
Changing times
Two ways forward
Hash Functions
Defeating password authentication
How password authentication works
1 User enters their password
2 Server computes the hash of their password
3 Server compares the hashed password to a master list
[root@localhost ~]# cat /etc/shadow
root:$1$flVALfyK$ kJfaoYnsAm7/plT3.PCmJ/ :15816:0:99999:7:::
bob:$1$MIyV9col$ Up9YON8Z.TI1x37xgFvuO0 :15804:0:99999:7:::
sue:$1$0Iwvz7CA$ QOJLfOSJZuSLC19LSFxt1. :15810:0:99999:7
4 User is authenticated or denied.
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

10. Passwords
Changing times
Two ways forward
Hash Functions
Defeating password authentication
How password authentication works
1 User enters their password
2 Server computes the hash of their password
3 Server compares the hashed password to a master list
[root@localhost ~]# cat /etc/shadow
root:$1$flVALfyK$ kJfaoYnsAm7/plT3.PCmJ/ :15816:0:99999:7:::
bob:$1$MIyV9col$ Up9YON8Z.TI1x37xgFvuO0 :15804:0:99999:7:::
sue:$1$0Iwvz7CA$ QOJLfOSJZuSLC19LSFxt1. :15810:0:99999:7
4 User is authenticated or denied.
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

11. Passwords
Changing times
Two ways forward
Hash Functions
Defeating password authentication
How password authentication works
1 User enters their password
2 Server computes the hash of their password
3 Server compares the hashed password to a master list
[root@localhost ~]# cat /etc/shadow
root:$1$flVALfyK$ kJfaoYnsAm7/plT3.PCmJ/ :15816:0:99999:7:::
bob:$1$MIyV9col$ Up9YON8Z.TI1x37xgFvuO0 :15804:0:99999:7:::
sue:$1$0Iwvz7CA$ QOJLfOSJZuSLC19LSFxt1. :15810:0:99999:7
4 User is authenticated or denied.
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

12. Passwords
Changing times
Two ways forward
Hash Functions
Defeating password authentication
How password authentication works
1 User enters their password
2 Server computes the hash of their password
3 Server compares the hashed password to a master list
[root@localhost ~]# cat /etc/shadow
root:$1$flVALfyK$ kJfaoYnsAm7/plT3.PCmJ/ :15816:0:99999:7:::
bob:$1$MIyV9col$ Up9YON8Z.TI1x37xgFvuO0 :15804:0:99999:7:::
sue:$1$0Iwvz7CA$ QOJLfOSJZuSLC19LSFxt1. :15810:0:99999:7
4 User is authenticated or denied.
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

13. Passwords
Changing times
Two ways forward
Hash Functions
Defeating password authentication
... because that's where the money is
How do attackers compromise password lists?
SQL injection attacks
Cross-site scripting
Buer over
ows
: : :
Avoid single points of failure
Password policies should assume that an attacker has access to the
list of hashed master passwords.
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

14. Passwords
Changing times
Two ways forward
Hash Functions
Defeating password authentication
... because that's where the money is
How do attackers compromise password lists?
SQL injection attacks
Cross-site scripting
Buer over
ows
: : :
Avoid single points of failure
Password policies should assume that an attacker has access to the
list of hashed master passwords.
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

15. Passwords
Changing times
Two ways forward
Hash Functions
Defeating password authentication
Guess and check
Example
Suppose the hash of Laura's password is d83f445224a58355b13.
Password Hash
cat 3389fc855f142c3d40f
uy e1e986bc62f6c988dd
whiskers 8ae5f0c19282e29f203
: : : : : :
kitten42 d83f445224a58355b13
We know that Laura's password was kitten42
Danger
These are not hypothetical attacks! John the Ripper and Hashcat
are both widely available.
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

16. Passwords
Changing times
Two ways forward
Hash Functions
Defeating password authentication
Guess and check
Example
Suppose the hash of Laura's password is d83f445224a58355b13.
Password Hash
cat 3389fc855f142c3d40f
uy e1e986bc62f6c988dd
whiskers 8ae5f0c19282e29f203
: : : : : :
kitten42 d83f445224a58355b13
We know that Laura's password was kitten42
Danger
These are not hypothetical attacks! John the Ripper and Hashcat
are both widely available.
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

17. Passwords
Changing times
Two ways forward
Enter the GPU
The Cloud
Order of magnitude comparisons
De

18. nition
Embarrassingly parallel problems scale perfectly with more
processor power
Device Cores NTLM hashes per second
Intel Core i5 4 5-15 million attempts per second
NVIDIA GTX 690 3072 12-14 billion of attempts per second
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

19. Passwords
Changing times
Two ways forward
Enter the GPU
The Cloud
Order of magnitude comparisons
De

20. nition
Embarrassingly parallel problems scale perfectly with more
processor power
Device Cores NTLM hashes per second
Intel Core i5 4 5-15 million attempts per second
NVIDIA GTX 690 3072 12-14 billion of attempts per second
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

21. Passwords
Changing times
Two ways forward
Enter the GPU
The Cloud
GPU computing
A cluster of 25 AMD Radeon
HD6990s achieved:
350 billion guesses per
second using NTLM
hashing,
a complete search of all
eight character passwords
with uppercase, lower case,
letters, digits, and symbols
in six hours!
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

22. Passwords
Changing times
Two ways forward
Enter the GPU
The Cloud
Remark
Why run one GPU for 100 hours, when you could run 100 GPU's
for one hour?
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

23. Passwords
Changing times
Two ways forward
Repeated hash functions
Third party authentication
Repeated hash functions
Apply a hash function more than once
SHA1(SHA1(doge)) = SHA1(aa3cca7d : : :)
= 59c77262 : : :
This is not always such a bad idea, encrypted .dmg

24. les on OS X
use 250,000 iterations of SHA1.
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

25. Passwords
Changing times
Two ways forward
Repeated hash functions
Third party authentication
Repeated hash functions
Apply a hash function more than once
SHA1(SHA1(doge)) = SHA1(aa3cca7d : : :)
= 59c77262 : : :
This is not always such a bad idea, encrypted .dmg

26. les on OS X
use 250,000 iterations of SHA1.
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords

27. Passwords
Changing times
Two ways forward
Repeated hash functions
Third party authentication
Let someone else solve the problem for you
Build your websites to use a third party authentication
OpenID - Google, Yahoo, Twitter
Facebook Connect
OAuth 2.0
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords