The research method used in this project consists of four steps. The first step consists of reading up on relevant information about passwords, how they have been and how they are currently encrypted and stored. The second, third and fourth steps are somewhat intertwined. The second step is to explore and evaluate the tools that can attack a password database, before choosing the best one for our plan of attack. The third step is finding and acquiring a database of Norwegian passwords that we can attack and answer our research questions.
The fourth step consists of looking for and compiling the dictionaries that can help with the most effective attacks on the passwords of Norwegians. The fifth and final part is to conduct an experiment by performing several attacks on the database of passwords that was found, using the best tool for us and the dictionaries we had collected.
Chapter 2
The Principle of Passwords
This chapter explains the knowledge-based authentication credential known as passwords or alternatively as passphrases. We go through the history of passwords from biblical times all the way to the Internet age, describing how they are stored and used. We also cover how they are created in regards to the policies set by standards and touch upon the psychology of the people who create them.
2.1 History of the Password
2.1.1 Passwords and Cryptography Prior to Computers
Some people might think that the password arrived around the time of the first computer and has only had the purpose of securing computers. As the name "password" for a knowledge-based or memorized secret might be relatively new, the concept is probably as old as mankind itself or at least that of "civilised" man. The first mention of something similar to a password is in the seventh book of the Hebrew Bible and the Christian Old Testament, Book of Judges [3].
And the Gileadites took the passages of Jordan before the Ephraim-ites: and it was so, that when those Ephraimites which were es-caped said, Let me go over; that the men of Gilead said unto him, Art thou an Ephraimite? If he said, Nay;
Then said they unto him, Say now Shibboleth: and he said Sibboleth: for he could not frame to pronounce it right. Then they took him, and slew him at the passages of Jordan: and there fell at that time of the Ephraimites forty and two thousand.
Later, the Roman Legions used a passphrase distributed by a Tesserarius [4] as a method of distinguishing friend from foe. This is not the only case of Romans using passwords; the emperor Caesar is known for having used a cipher named after him, he may not be the creator of the cipher itself, but he is the first know user of it.
In more recent times, passwords or keys were used for ciphers such as Vigenere from the mid 1500’s, the ADFGVX cipher used by the Germans in WWI and theEnigma and other rotor-based cryptographic machines. These are just some of a few well-known examples among many.
2.1.2 In the information age
Around the 1970’s a new age of man began, this is now know as theInformation Ageor theDigital Age. In this new era the way mankind shares and stores its information and knowledge changes and evolves in the form of computers.
With this new form of information processing the password also gains a new role and becomes more prevalent in the lives of the common man. In this section we explore the password from the earlyDigital Agetill the present day.
The 1960’s and 1970’s
The first known case of the use for passwords —to protect a user’s files, information or to grant access —is disputed. However, most experts suggest that it stems from MIT’s CTSS (Compatible Time-Sharing System) in the early 60’s and credit its creation to Fernando J. Corbató who told Wired in 2012 "Putting a password on for each individual user as a lock seemed like a very straightforward solution"[5]. Corbató was hesitant to take the credit for the creation of the password and meant that IBM’s Sabre (Semi-Automatic Business Research Environment) already had passwords, although IBM is unsure if the system had this feature at that time. The CTSS system stored its user’s passwords on the system in plain-text without any security features.
The next step in password storage comes with MULTICS (Multiplexed Information and Computing Service) in the late 60’s and early 70’s. MULTICS was the successor to CTSS, which introduces a non-cryptographic hash known as the Multics Scrambler that stored passwords in the PNT (Person Name Table). Tom Van Vleck —one of the developers on MULTICS —describes this with"Joe had suggested I store the square of the password, but I knew people could take square roots, so I squared each password and ANDed with a mask to discard some bits"[6], Joe is referring to Joe Weizenbaum, a computer science professor working for MIT at the time of development. This early version of a hash function is then cracked by the USAF (United States Air Force) during an evaluation of the MULTICS security in the period of 1972-1974.
The 3rd edition of the UNIX operation system implements a weak cryptographic hash function under the namecrypt(3)that is based on theM-209 cipherdeveloped during WWII [7], this is used for UNIX systems all the way up to the 6th edition. This scheme uses the the plain-text password as a key instead of encrypting the password text. When it is discovered that encrypting the key can be done in approximately 1 millisecond this scheme is no longer considered secure. As encrypting a key and testing it to a stored password takes very little time and the fact that passwords of the time were rather short it would only take a few of days or a few years at the most to run a brute-force attack [8] to crack any passwords.
Knowing the weaknesses of the3rd - 6th ed.of UNIX’scrypt (3)thecrypt(3) of 7th ed. is altered to implement a 56-bit DES (Data Encryption Standard) block cipher for its hash function [9]. This gives a rather significant security improvement, as DES was quite hard to break and at that time was slow in software (this too used the password as a key to encrypt a known string). This version ofcrypt(3)also introduces a salt to the bits and iterates the DES 25 times [10], this is the first know case of password stretching. With the invention of hardware to assist the issue of slow DES and the limit of 8 character passwords puts passwords at higher risk again. The crypto(3) combats this by adding a 12-bit random number, this would not work with the DES-chip’s internal wiring making it useless in a brute-force attack againstcrypt(3)encrypted password.
Other mitigations to the DES-chip included increasing the DES key length,
salting and re-iterating multiple times.
The 1980’s and 90’s
Through most of the 1980’s there is very little advancement or development in password security or defence until the launch of System V (System 5) and BSD 4.3 (Berkeley Software Distribution version 4.3). To mitigate the security risks of the DES hashed passwords the developers of System V and BSD 4.3 releases these with what is known as password shadowing. Password shadowing is where the username and passwords are stored separately, this allows for the system to restrict user access to the password files [11] [12].
Microsoft’s NTLM (New Technology Local Area Network Manager) imple-ments the MD4 (Message-Digest) hash scheme instead of DES. Unlike UNIX systems at that time the NTLM did not utilize salts nor did it iterated the hash [13].Which therefore made it weak.
In the early- to mid-nineties the BSDi (Berkeley Software Design Inc) Version of the BSD OS uses an extended version of the DES crypto scheme.
This extended version supports a 24-bit random salt, configurable number of iterations, explained in section 8.5, and allows for a password length longer than 8 characters.
FreeBSD introduces —in the 1994 release ofversion 1.1.5.1—the MD5 based crypto(3) algorithm created by Ronald Rivest [14]. This hash scheme would then allow for a longer password length and a salt of 48-bit and up to 1000 iterations. At the end of the 1990’s openBSD launches thebryptcrypto scheme to combat the rising developments in the"cracking"of hash-based passwords.
This new scheme is based on theblowfishalgorithm [15] and it also uses a larger salt of 128-bit.
During this time, due to the rise in the popularity of the Internet and its need for passwords, a lot of time and development went into the creation of secure methods for transferring the password information over unsecured channels. The solution is mainly based on encrypting the traffic using SSL/TLS, but this will not be covered in this thesis.
2000’s to the present (and beyond)
Windows NT Windows 2000 starts to store passwords in a specific file called the SAM file (Security Accounts Manager). This file is then also encrypted using something called the SYSKEY as its encryption key. Very little has truly happened in the security of how we store passwords since the early 2000’s. Much like in the 90’s the development of securely transmitting passwords were quite important in this decade as well. Although with the emergence of modern technologies and devices in this burgeoning millennium, we have started to create new forms of user authentication. Among the new authentications aretwo-factor,graphical,biometricsandone-time logins.