BsidesDetroit13_Passwords

Objectives
• Explore the current authentication problem
• Explain current anatomy and security of traditional single factor authentication
• Demonstrate tools, techniques, and strategies for recovering encrypted passwords
• Discuss password recovery resistance methodology
• Discuss new authentication alternatives and technologies
Recent Enterprise Password Fails
Company      Date                 Records affected
LinkedIn     June 6th 2012        6,000,000 encrypted
E-Harmony    June 6th 2012        1,500,000 encrypted
Yahoo        July 11th 2012       400,000 clear text
Twitter      February 1st 2013    250,000 salted+encrypted
LinkedIn/E-Harmony (June 6th 2012)
• Passwords believed to be leaked by a Russian hacker
• 165,000 passwords cracked in the first week
• Most used passwords: link, 1234, work, god, job
Yahoo (July 11th 2012)
• Password leaked by group called D33Ds
• Usernames and Passwords in clear text
• Over 100,000 Gmail addresses included with leak
Twitter (Feb 1st 2013)
• Usernames, email addresses, session tokens, and the encrypted and salted versions of passwords were compromised
• Attack was reported to be sophisticated and hinted at a Java plug-in exploit
2013 Verizon *DBIR Findings
*Data Breach Investigation Report
The Historic Password Problem
Access Control Using Single Factor Authentication
• Passwords exist to deter unauthorized access
• Passwords are stored locally to ensure access
• Passwords are the traditional keys to the kingdom
• Accidental access or authentication bypass puts passwords at risk
• Originally passwords were kept in a clear text file
• Encryption was added to make password file pillaging less effective
How Modern Passwords Work
Passwords are stored in an Encrypted Hash Format
• There is a guaranteed 1-to-1 correlation between password and
encrypted hash
• The hashing algorithm is irreversible
• Vulnerable to password guessing and brute force attacks
Some Password Hashing Examples:
The SHA1 for Bsides is = 8215350dfd7b6a15af09798f1d3e754da1e3c2fe
The MD5 for Bsides is = 474c302dd6c73aeb2bfbeccef0da8adf
How Access is Granted for a User
Type in username and password -> press “Enter”
• The computer generates an encrypted hash of the password typed
• Then compares this hash with the one stored on the machine for the specific user
• If they match, access is granted
• If they are different, the user is asked to try again
Flow: Type password (ex. Bsides) -> Calculate hash (MD5): Bsides = 474c302dd6c73aeb2bfbeccef0da8adf -> Does hash match? Yes: access granted / No: try again
How Password Complexity Works
Password authentication results from a subset of combinations of the following characters:
Lowercase = 26 characters (abc…xyz)
Uppercase = 26 characters (ABC…XYZ)
Numbers = 10 characters (123…890)
Special characters ≈ 33 characters (!@#…^&*)
(26 + 26 + 10 + 33) = 95 characters total
How Password Length Works
Let:
T = total combinations of possible passwords
L = length of the password
C = number of unique character keys that can be used
The total number of possible passwords can be modeled by:
$T = C^L$
Entropy(max) permutations:
7675309 = $10^7 + 10^6 + 10^5 + 10^4 + 10^3 + 10^2 + 10^1$ = 11,111,110
bsides = $26^6 + 26^5 + 26^4 + 26^3 + 26^2 + 26^1$ = 8,353,082,582
Bsides = $52^6 + 52^5 + 52^4 + 52^3 + 52^2 + 52^1$ = 1,048,229,971,204
Bs!des = $95^6 + 95^5 + 95^4 + 95^3 + 95^2 + 95^1$ = 65,545,047,154,954
How Passwords Are Compromised
Some Tools of the Trade
Cain and Abel – Windows GUI based Password Cracker
John the Ripper – Multiplatform command line Cracker
HashCat – Multi-platform, GUI, Multi-GPU Cracker
THC Hydra - A fast network authentication cracker
PWDump - extracts NTLM and LanMan hashes
Many….many…more!
Obtain and Dump Windows Credentials into
Password Cracking Program
• NT hash - full 95-character set
• LM hash - not case sensitive, 14 char max (2 blocks of 7 characters)
Inherent Password Problems
- LM hashes store up to 14 character passwords by concatenating two groups of 7 characters
Recovery Sequencing
Minimizing Time to Recover (Fastest to Slowest)
1) Dictionary Attack/Password Guessing
2) Brute force (Least Energy Calculation Sequencing)
2.1) Numbers (10)
2.2) Lowercase (26)
2.3) Lowercase + Numbers (36)
2.4) Lowercase + Uppercase (52)
2.5) Lowercase + Uppercase + Numbers (62)
2.6) Lowercase + Uppercase + Numbers + Special Characters (95)
Dictionary Attack Dynamics
Dictionary Recovery Tricks
• Millions of users' passwords are aggregated and studied for use and frequency patterns
• Dictionaries are built on password popularity instead of ordering from A to Z
• Specialized word lists are available via the web
• These patterns can then be automated to increase the likelihood of cracking a password
• Here are some of Cain and Abel's advanced dictionary attack techniques for success
Dictionary Attack Finds 4 Passwords in Less Than 60 Seconds
Advanced Dictionary Techniques
Online services: cloud-based dictionary attack for a fee
- Moxie Marlinspike's Cloud Cracker
- Dictionary LM/NTLM = 385,000,000,000,000 words
Brute Force Recovery (10)
Brute Force Lowercase (26)
More Brute Force Calculations
Even More Brute Force Calculations
[Chart: Max Years to Brute Force Password, plotted for 7, 8, 9 and 10 character passwords]
Brute Force Advance Techniques
Rainbow Tables:
• Pre-calculated hash values kept in Dictionary for Speed
• Time/Space Trade off
• Larger searches increase in size exponentially
Removing Restricted Password Lengths
- Corporate password policy states the minimum password must be 8 characters or greater: 62-character key space, 8-character minimum
- All lengths 1 through 8: $\sum_{i=1}^{8} 62^i$ = 221,919,451,578,090
- Exactly 8 characters: $62^8$ = 218,340,105,584,896
__________________
A reduction of 3,579,345,993,194 possibilities
However this is only about 2% overall
Brute Force Advance Techniques
• Key Casting:
• Studies by August Dvorak as far back as 1936 noted that some keys are used more than others.
Here is the order from most used letter to least used letter:
ETAOIHNSRDLUWGCYMFPBKVQXJZ
Reducing the Key Space
Wheel of Fortune Recovery Methodology
• abcdefghijklmnopqrstuvwxyz (26 keys)
– 8 characters
– 217,180,147,158
• acdefghilmnorstuwy (18 keys; removed pbkvqxjz)
– 9 characters
– 210,027,483,918
Floor vs. Ceiling Key Space Complexity
mississippi - lower case
Maximum character space = 26 keys: $26^{11} + \dots + 26^1$ = 3,817,158,266,467,286 combinations
Minimum character space = 4 characters = “MISP”: $4^{11} + \dots + 4^1$ = 5,592,404 combinations
Time to crack = 1 second!
So Passwords are Weak….Now What?
Be Dictionary Recovery/Crack Resistant
Brute Force Password Resistance
Improve Minimum Floor Combination Space
The maximum number of combinations (i.e., strength of the password) happens when:
number of unique characters = length of the password,
that is, when $C = L$ in $C^L$.
This means passwords with no repeating characters are inherently harder to crack because they are more resistant to key space reduction techniques.
Ex. Floor combination space for utah (4 unique characters) > floor combination space for ohio (3 unique characters): $4^4 > 3^4$
Length Trumps Complexity
Recall that password strength, T, is modeled by $T = C^L$, where L is the length of the password and C is the number of unique characters used.
With this model, a slight change to the exponent, L, will have a much more significant impact on T than will a similar change to the base, C.
For example, compare the following changes:
$10^3 = 1000$ but $10^4 = 10000$, compared to $10^3 = 1000$ but $11^3 = 1331$.
Thus, it is always more advantageous to increase the length of the password over increasing the number of character options available.
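The key-space arithmetic behind the length, floor-vs-ceiling, policy-minimum and length-vs-complexity slides, written out as an added example (not code from the original deck). Every figure the slides print falls out of these functions; the guess rate used for the crack-time estimate is an assumed number.

```python
# Added example (not from the original deck): the key-space arithmetic behind
# the "How Password Length Works", "Floor vs. Ceiling", "Removing Restricted
# Password Lengths" and "Length Trumps Complexity" slides. The guess rate in
# the demo at the bottom is an assumed figure, not one from the deck.

def keyspace(c, max_len, min_len=1):
    """Candidates of every length from min_len to max_len over c keys:
    the deck's C^L model summed across lengths (sum of c**i)."""
    return sum(c ** i for i in range(min_len, max_len + 1))

def floor_keyspace(password):
    """'Floor' complexity: the space left once an attacker knows which keys
    the password uses. The base collapses from the full character set to
    the number of distinct characters actually present (MISP for
    mississippi)."""
    unique = len(set(password))
    return keyspace(unique, len(password))

def policy_reduction(c, min_len, max_len):
    """What a minimum-length policy removes: (removed, remaining, share
    removed) for a c-key space capped at max_len (the 62-key, 8-minimum
    slide)."""
    full = keyspace(c, max_len)
    remaining = keyspace(c, max_len, min_len)
    removed = full - remaining
    return removed, remaining, removed / full

def years_to_exhaust(candidates, guesses_per_second):
    """Worst-case time to try every candidate at a fixed guess rate; this is
    the quantity the 'Max Years to Brute Force' chart plots per length."""
    return candidates / guesses_per_second / (365 * 24 * 3600)

def exponent_vs_base(c, length):
    """Extra candidates from +1 on the length versus +1 on the character
    set, for T = C^L: the deck's 10^4 - 10^3 against 11^3 - 10^3."""
    return c ** (length + 1) - c ** length, (c + 1) ** length - c ** length

if __name__ == "__main__":
    print(floor_keyspace("mississippi"))          # 5592404 (4 keys, 11 long)
    print(keyspace(26, 8), keyspace(18, 9))       # the Wheel of Fortune pair
    print(policy_reduction(62, 8, 8))             # removes about 1.6% of the space
    print(exponent_vs_base(10, 3))                # (9000, 331)
    # assumed rate: 1e9 guesses/s over the full 95-key space, 7..10 characters
    for n in range(7, 11):
        print(n, round(years_to_exhaust(keyspace(95, n), 1e9), 3))
```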
10 Character password minimum
Special Characters
Unique Characters
15 Character passwords will break LM hashing
Establish Multiple Passwords
Develop an easy general rule to make passwords unique to each of your accounts
TIP
- Incorporate the URL into each of your passwords
- This makes each password unique
- Increases the length of your base word
- Also add complex noise
- Creates enclave protection, a defense-in-depth practice
Examples:
Gmail account = gma##Fluffy1 or Fluffy1@g#m#a
Yahoo account = hay##Fluffy1 or Fluffy1@h#a#y
Consider a Password Vault Service
One Password to rule them all
Here is a list of some of the most popular services:
- KeePass (Windows/Mac/Linux/Mobile, Free)
- RoboForm (Windows, Basic: Free/Pro: $29.95)
- LastPass (Windows/Mac/Linux/Mobile, Basic: Free/Premium: $1/month)
- SplashID (Windows/Mac/Mobile, Desktop: $19.95/Mobile: $9.95)
- 1Password (Mac OS X/iPhone, Desktop: $39.95/iPhone: $14.95)
Fixing the Problem
Take the user out of the equation
Security GPOs for Windows / PAM for *nix (Linux/Unix)
- (9-10) minimum character length
- Enforce complexity
- (90-180) day password expiry
[Chart: Max Years to Brute Force, plotted for 7, 8, 9 and 10 character passwords]
2012 Worst Passwords
1) password
2) 123456
3) 12345678
4) abc123
5) qwerty
6) monkey
7) letmein
8) dragon
9) 111111
10) baseball
11) iloveyou
12) trustno1
13) 1234567
14) sunshine
15) master
Salt and Encrypt Stored Credentials
Bcrypt
• A variant of the Blowfish encryption algorithm
• Extremely slow to calculate hashes
– This makes recovery/cracking slow
• Implementations written in:
– Java, Python, C, C#, Ruby, Perl, PHP 5.3+ and many other languages
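An added example, not code from the original deck: the unsalted MD5 check from the “How Access is Granted for a User” slide, with a salted and deliberately slow check beside it. `hashlib.pbkdf2_hmac` stands in for bcrypt because it ships with Python; the property the Bcrypt slide relies on (a per-user salt plus a tunable, expensive work factor) is the same.

```python
# Added example, not code from the original deck. Reproduces the deck's
# unsalted MD5 login check and puts a salted, deliberately slow check beside
# it. hashlib.pbkdf2_hmac stands in for bcrypt (per-user salt + tunable work
# factor is the property being shown).
import hashlib
import hmac
import os
from typing import Optional

def md5_store(password: str) -> str:
    """The deck's scheme: one hash, no salt. Equal passwords give equal
    hashes, so one precomputed table (rainbow table) serves every user."""
    return hashlib.md5(password.encode()).hexdigest()

def md5_verify(password: str, stored: str) -> bool:
    # compare_digest does not stop at the first differing byte
    return hmac.compare_digest(md5_store(password), stored)

WORK_FACTOR = 200_000  # iterations; raise it as hardware gets faster

def salted_store(password: str, salt: Optional[bytes] = None) -> str:
    """Random 16-byte salt per user + iterated HMAC-SHA256, kept as
    'salt_hex$digest_hex'. The salt is not secret; its job is to make every
    user's hash unique so precomputed tables cannot be shared."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, WORK_FACTOR)
    return f"{salt.hex()}${digest.hex()}"

def salted_verify(password: str, stored: str) -> bool:
    salt_hex, digest_hex = stored.split("$", 1)
    recomputed = salted_store(password, bytes.fromhex(salt_hex)).split("$", 1)[1]
    return hmac.compare_digest(recomputed, digest_hex)

def same_password_collides(password: str):
    """Two accounts with the same password: identical under plain MD5,
    distinct once salted. Returns (md5_equal, salted_equal)."""
    return (md5_store(password) == md5_store(password),
            salted_store(password) == salted_store(password))

if __name__ == "__main__":
    print(md5_store("Bsides"))                # compare with the slide's MD5 value
    print(same_password_collides("Bsides"))   # (True, False)
    record = salted_store("Bsides")
    print(salted_verify("Bsides", record), salted_verify("bsides", record))
```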
Compromise Detection Strategies
Honey Passwords
- Seed the cached credentials with a few fake, low-privilege users whose passwords are easier to crack
- Create log rules for logins or attempted logins from those users
- If someone tries to log in, or does log in, as “Mickey Mouse” you have a positive indicator of possible compromise of the stored credentials
Warning: may be susceptible to privilege escalation; must monitor diligently
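The log rule from the honey-password slide as an added example (not from the original deck): scan authentication log lines and raise an alert for any attempt against a decoy account. The account names and the syslog-style lines are constructed for the example.

```python
# Added example (not from the original deck): a log rule for the "Honey
# Passwords" slide. The decoy account names and the auth-log lines below are
# constructed; the format mirrors a typical *nix sshd syslog entry.
import re
from dataclasses import dataclass

# Decoy accounts seeded into the credential store. They hold no real
# privileges (the deck's escalation warning), so any attempt is a signal.
HONEY_ACCOUNTS = {"mickey.mouse", "svc_backup_old"}

LOG_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ [\d:]+) \S+ sshd\[\d+\]: "
    r"(?P<result>Accepted|Failed) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>[\d.]+)"
)

@dataclass(frozen=True)
class Alert:
    when: str
    user: str
    source: str
    succeeded: bool

def scan_auth_log(lines, honey=HONEY_ACCOUNTS):
    """One Alert per login attempt (success or failure) against a honey
    account. A success is the stronger indicator: the password was recovered
    from the stolen credential store, since no real user knows it."""
    alerts = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["user"] not in honey:
            continue
        alerts.append(Alert(m["ts"], m["user"], m["src"], m["result"] == "Accepted"))
    return alerts

SAMPLE_LOG = [  # constructed sample lines
    "Mar 14 02:11:05 host1 sshd[4123]: Accepted password for alice from 10.0.0.5 port 51022 ssh2",
    "Mar 14 02:11:40 host1 sshd[4130]: Failed password for mickey.mouse from 198.51.100.7 port 40110 ssh2",
    "Mar 14 02:12:01 host1 sshd[4131]: Accepted password for mickey.mouse from 198.51.100.7 port 40112 ssh2",
    "Mar 14 02:12:30 host1 sshd[4140]: Failed password for invalid user bob from 10.0.0.9 port 51100 ssh2",
]

if __name__ == "__main__":
    for alert in scan_auth_log(SAMPLE_LOG):
        print(alert)
```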
Strong Multi-Factor Authentication
3 Types of Authentication
What You Have
- Wristband
- ID card
- Security token
- Software token
- Phone
- Cell phone
What You Know
- Password
- Passphrase
- PIN
- Challenge response
- Pattern
What You Are
- Fingerprint
- Retinal pattern
- DNA sequence
- Signature
- Face
- Voice
- Other biometric identifiers
2Step != 2Factor Authentication
2-Step Verification: can be the same type of authentication
2-Factor Authentication: must use at least two of the three authentication types
Hard Tokens – Strongest, Most Expensive Protection
- Hard token is difficult to hack/compromise
- Must have the token to sign in
- High cost to purchase and maintain; must weigh security versus cost
- Weakness is keeping the private certificate secure; the onus is on the vendor
Smart Cards
RSA SecurID Token
Yubikey
Soft Tokens – Good Protection at a Reasonable Price
- Companies save money on purchasing hard tokens
- Works well with BYOD and cellular environments
- Cheaper than hard tokens to implement and maintain
- Weakness: if both devices become compromised then credentials can be stolen
2FA Available From:
Web Service             2FA Name
Amazon Web Services     AWS Multi-Factor Authentication
Dropbox/WordPress       Two-Factor Verification
Facebook                Login approval
Twitter/Google          2-step verification/Google Authenticator
Microsoft/Hotmail       Microsoft account Security Code
Paypal/eBay             Security Key
2FA Application Development
Google Authenticator
- An open source project
- Supports both the HOTP and TOTP algorithms
- HMAC*-based One-time Password (HOTP) algorithm specified in RFC 4226
- Time-based One-time Password (TOTP) algorithm specified in RFC 6238
- Modules and apps available for: PC, Android, iOS, Blackberry, PAM module
*HMAC = Hash-based Message Authentication Code
The Future of 2FA?
• MasterCard is piloting a new credit card in Singapore referenced as the "next generation of payment cards."
• The Display Card has an LCD screen and touch-sensitive buttons for one-time passwords (OTP).
• OTPs supplied by text messages or hardware token.
The Future of 2FA?
PassThoughts
• Brainwave-based computer authentication
• Uses electroencephalograms (EEGs), or brainwave measurements, for computer authentication
Conclusion: 2FA - Knowledge Is Power!
References
Background photo - http://freestockphotos.com/
Graphics created with - http://www.blender.org/
LinkedIn/E-Harmony breach - http://articles.washingtonpost.com/2012-0607/business/35462356_1_million-passwords-linkedin-passwords-linkedin-app
Most popular cracked LinkedIn passwords - http://mashable.com/2012/06/08/linkedin-stolenpasswords-list/
Yahoo breach - http://abcnews.go.com/blogs/technology/2012/07/yahoo-password-breachincludes-gmail-hotmail-and-aol-users/
Twitter breach - http://www.theregister.co.uk/2013/02/02/twitter_breach_leaks_user_data/
Verizon DBIR - http://www.verizonenterprise.com/DBIR/2013/
Cain and Abel - http://www.oxid.it/cain.html
John The Ripper - http://www.openwall.com/john/
THC Hydra - http://www.thc.org/thc-hydra/
HashCat - http://hashcat.net/oclhashcat-plus/
PWDump - http://www.foofus.net/~fizzgig/pwdump/
Numerous eye candy photo credit - http://www.freedigitalphotos.net
Cloud Cracker - https://www.cloudcracker.com
Downloadable rainbow tables - https://tbhost.eu/rt.php
Keyboard Frequency Pic - http://img.gawkerassets.com/img/1854qtk80dduyjpg/original.jpg
August Dvorak Keyboard Studies - http://en.wikipedia.org/wiki/Dvorak_Simplified_Keyboard
2012 Worst Passwords - http://splashdata.com/press/PR121023.htm
Setting Windows Password Policy -http://technet.microsoft.com/en-us/library/cc875814.aspx
Two Factor Auth Wiki - https://en.wikipedia.org/wiki/Multi-factor_authentication
MasterCard 2FA Card - http://www.theage.com.au/technology/technology-news/new-creditcard-has-lcd-screen-touchsensitive-buttons-20121109-2923y.html
Brain wave Passwords - http://phys.org/news/2013-04-password-future-passthoughts.html
Google Authenticator - http://code.google.com/p/google-authenticator/
Thank You!
Questions?
Email: RabidSecurity@gmail.com
Twitter: @rabidsecurity