Password cracking

This is an old revision of this page, as edited by Arvindn (talk | contribs) at 08:40, 21 February 2004. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Password cracking is the process of recovering secret passwords stored in a computer system. The purpose of password cracking might be either to help a user remember a forgotten password or (more usually) to gain unauthorized access to a system.

Techniques

There are several ways of obtaining passwords, such as social engineering, wiretapping, keystroke logging, spoofing, dumpster diving and compromising host security (see password for details). However, these methods are usually not considered to constitute password cracking; the term is used to refer to recovering the plaintext password from the encrypted or encoded version. It assumes that the attacker already has access to the encrypted password.

Decryption

This is the most obvious method, and the only one that can be applied even to well-chosen passwords. The attacker attempts to decrypt the password by exploiting some cryptographic weakness in the encryption algorithm. However, it must be kept in mind that ciphers used for encryption are analyzed for weaknesses extremely thoroughly by cryptographic experts, and hence this method is unlikely to work. Proprietary algorithms which rely on obscurity for security are somewhat more likely to succumb to such attacks.

Progress in cryptography has provided us with functions which are believed to be "one way" hashes, such as MD5. These are thought to be impossible to decrypt. (The procedure for authentication is to encrypt the password again and check if it matches the stored encrypted password.) When one-way functions are used for authentication, password cracking through decryption can be considered to be out of the question.

Guessing

Not surprisingly, many users choose weak passwords, usually ones related to themselves in some way. It may be:

  • the user's name or login name
  • the name of their spouse or another relative
  • their birthplace or date of birth

and so on, or a simple modification thereof, such as suffixing a digit or reversing the order of the letters. Some users even neglect to change the default password that came with the system.

Such passwords are easily guessable by the determined cracker. Guessing is the most successful method of password cracking.

The dictionary attack also exploits the tendency of people to choose weak passwords, and is related to guessing. Password cracking programs usually come equipped with "dictionaries", or word lists, of several kinds:

  • words in various languages
  • names of people
  • places
  • commonly used passwords

The cracking program encrypts each word in the dictionary, and simple modifications of each word, and checks if it matches the encrypted password. This is feasible because several thousand words can be encrypted per second on a modern computer.

Guessing and dictionary attacks are sufficient to crack a majority of weak passwords.
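The guessing and dictionary passages above translate directly into a check that can run when a password is set. The following is an added example, not part of the original page: the function names, the sample user record and the tiny word list are constructed for illustration.

```python
import re

# Constructed sample word list; a real deployment would load large lists of
# dictionary words, names, places and commonly used passwords.
COMMON_WORDS = {"password", "letmein", "dragon", "london", "michael"}

# Constructed sample user record.
SAMPLE_USER = {"login": "jsmith", "name": "John Smith", "spouse": "Mary",
               "birthplace": "Leeds", "dob": "1980-04-12"}

def _variants(candidate):
    """Return the candidate plus the forms left after undoing simple modifications."""
    base = candidate.lower()
    stripped = re.sub(r"^\d+|\d+$", "", base)   # drop prefixed/suffixed digits
    forms = {base, stripped}
    forms |= {f[::-1] for f in forms}           # reversed letter order
    return {f for f in forms if f}

def _tokens(user):
    """Split user-related attributes into lowercase comparison tokens."""
    tokens = set()
    for value in user.values():
        text = str(value).lower()
        tokens.add(re.sub(r"[^a-z0-9]", "", text))       # "1980-04-12" -> "19800412"
        tokens.update(re.findall(r"[a-z]+|\d+", text))   # "john smith" -> john, smith
    return {t for t in tokens if len(t) >= 3}

def weak_password_reason(candidate, user, defaults=()):
    """Return why the candidate is guessable, or None if no rule matches."""
    if candidate in defaults:
        return "default password"
    forms = _variants(candidate)
    if forms & _tokens(user):
        return "derived from user information"
    if forms & COMMON_WORDS:
        return "dictionary word"
    return None
```

A return value of None only means none of these rules matched; it does not show that the password is strong.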

A last resort is to try every possible password, an approach known as a brute force attack. Since the number of possible passwords increases rapidly as the length of the password increases, this method is unlikely to be successful unless the password is very short. Generic brute-force search techniques can be used to speed up the computation, but not much. A brute force attack might be effective against a poor encryption algorithm. If the algorithm uses a small "keyspace", such as by truncating the password to the first 8 characters, then it might be feasible to exhaust all possible passwords. Passwords encrypted using the outdated DES cipher can be quickly broken in this way with specialized hardware (or in several weeks using zero-cost idle time on a cluster of computers).

Prevention

The best method of preventing password cracking is to ensure that attackers cannot get access even to the encrypted password. For example, on Unix systems, passwords were traditionally stored in a publicly accessible file "/etc/passwd". On modern Unix systems, on the other hand, they are stored in the file "/etc/shadow", which is accessible only to system programs. This makes it harder for a malicious user to obtain the encrypted passwords.
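A host audit for the exposure described above can be scripted. The following is an added example, not part of the original page: it flags passwd entries that still carry a hash (or no password at all) in the world-readable file, and checks whether a file such as /etc/shadow is readable by other users. The sample passwd content and the function names are constructed for illustration.

```python
import os
import stat

# Field values that mean "no hash here": shadow placeholder or locked account.
NO_HASH_MARKERS = {"x", "*", "!", "!!"}

# Constructed sample content in passwd format; the hash string is a placeholder.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
alice:zzCONSTRUCTED0:1000:1000:Alice:/home/alice:/bin/sh
guest::1001:1001:Guest:/home/guest:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
"""

def exposed_accounts(passwd_text):
    """Return (login, finding) pairs for entries that expose password data."""
    findings = []
    for line in passwd_text.splitlines():
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) < 7:
            findings.append((fields[0], "malformed entry"))
            continue
        login, pw_field = fields[0], fields[1]
        if pw_field == "":
            findings.append((login, "empty password field"))
        elif pw_field not in NO_HASH_MARKERS:
            findings.append((login, "hash stored in passwd"))
    return findings

def readable_by_others(path):
    """True if the file's mode grants read access to users outside owner and group."""
    return bool(os.stat(path).st_mode & stat.S_IROTH)

if __name__ == "__main__":
    for login, finding in exposed_accounts(SAMPLE_PASSWD):
        print(f"{login}: {finding}")
```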

It is also imperative to choose good passwords (see password for more information) and a good encryption or hash algorithm that has stood the test of time. AES and MD5 are excellent candidates.

However, no amount of effort put into preventing password cracking is any good without a well-designed and well-implemented security policy. The canonical example of this is an unsophisticated user who leaves their password on a post-it note stuck to their monitor.

Advanced topics

Salting

When the attacker has several encrypted passwords to crack rather than just one, it is possible to improve the efficiency of the dictionary attack. Since encrypting a word takes much longer than comparing it with a stored word, a lot of effort is saved by encrypting each word only once and comparing it with each of the encrypted passwords one by one.

To prevent this, a technique known as salting is used. When the user sets a password, a short string (usually two characters in length) called the salt is suffixed to the password before encrypting it; the salt is stored along with the encrypted password so that it can be used during verification. Since the salt is different for each user, the attacker can no longer use a single encrypted version of each dictionary word: the encryption algorithm must be repeated for each user as well. Thus the amortization technique described above is of no use unless several thousand passwords are being cracked at once.
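The effect of salting on a stored credential table can be seen by comparing an unsalted table with a salted one. The following is an added example, not part of the original page: it goes beyond the two-character salt described above by using a 16-byte random salt with PBKDF2-HMAC-SHA256 from Python's standard library, and the iteration count, record layout and function names are assumptions of this example.

```python
import hashlib
import hmac
import os
from collections import defaultdict

ITERATIONS = 100_000  # assumed work factor for this example

def unsalted_record(password):
    """'Before' form: one fast hash, identical for every user with this password."""
    return {"salt": b"", "digest": hashlib.md5(password.encode()).digest()}

def new_record(password, salt_len=16):
    """Salted form: a fresh random salt is stored next to the digest."""
    salt = os.urandom(salt_len)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "digest": digest}

def verify(password, record):
    """Recompute with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 record["salt"], ITERATIONS)
    return hmac.compare_digest(digest, record["digest"])

def shared_digests(table):
    """Audit check: groups of users whose stored digests are identical."""
    groups = defaultdict(list)
    for user, rec in table.items():
        groups[rec["digest"]].append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

def hashes_per_candidate(table):
    """Hash computations needed to test one word against every record:
    one per distinct salt, so 1 for an unsalted table."""
    return len({rec["salt"] for rec in table.values()})

if __name__ == "__main__":
    # Constructed sample accounts.
    passwords = {"alice": "sunshine", "bob": "sunshine", "carol": "x7!kP"}
    unsalted = {u: unsalted_record(p) for u, p in passwords.items()}
    salted = {u: new_record(p) for u, p in passwords.items()}
    print(shared_digests(unsalted), hashes_per_candidate(unsalted))
    print(shared_digests(salted), hashes_per_candidate(salted))
```

With a short salt the value returned by hashes_per_candidate is capped by the number of possible salt values, which is why the amortization becomes useful again once very many passwords are processed together.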