Proceedings ArticleDOI

Few notes towards making honeyword system more secure and usable

08 Sep 2015-pp 237-245
TL;DR: Three concepts, modified tails, close number formation and caps key, are introduced to address the existing issues, and the experimental analysis shows that the proposed techniques, with some preprocessing, can protect a high percentage of passwords.
Abstract: Traditionally, passwords are stored in hashed form. However, if the password file is compromised, there is a high chance that a brute-force attack will recover the original passwords. False passwords, also known as honeywords, are used to protect the original passwords from such a leak. A good honeyword system depends on effective honeyword generation techniques. In this paper, the risks and limitations of some existing honeyword generation techniques are identified as a series of notes. Three concepts, modified tails, close number formation and caps key, are introduced to address these issues. The experimental analysis shows that the proposed techniques, with some preprocessing, can protect a high percentage of passwords. Finally, a comparative analysis shows how the proposed approaches stand with respect to the existing honeyword generation approaches.
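The honeyword mechanism the abstract builds on is easiest to see in code. The block below is an added example, not code from the paper: it implements the honeychecker architecture of Juels and Rivest (CCS 2013, listed in the references) with the baseline chaffing-by-tweaking generator that the paper's modified-tail and CNF methods set out to improve; those methods are not reproduced here. K = 6 follows the paper's choice of k; the class and function names, the sample password and the seed are this example's own.

```python
"""Added example, not code from the paper: a minimal honeyword login flow in the
honeychecker architecture of Juels and Rivest.  The password file holds K sweetwords
per account (the real password's hash plus K-1 honeyword hashes); only the separate
honeychecker knows which index is real, so a login that matches a honeyword can only
come from someone who stole and cracked the file.  Decoys come from
chaffing-by-tweaking (same-class replacement of the tail).  All names are this
example's own."""
from __future__ import annotations

import hashlib
import hmac
import os
import random
import string

K = 6  # sweetwords per account: the real password plus K-1 honeywords


def _hash(password: str, salt: bytes) -> bytes:
    # Low iteration count keeps the demo fast; raise it in production.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 20_000)


def _tweak_char(c: str, rng: random.Random) -> str:
    """Replace c with a different character of the same class."""
    if c.isdigit():
        pool = string.digits
    elif c.islower():
        pool = string.ascii_lowercase
    elif c.isupper():
        pool = string.ascii_uppercase
    else:
        pool = string.punctuation
    return rng.choice(pool.replace(c, ""))


def generate_honeywords(password: str, n: int, seed=None, tail: int = 3) -> list[str]:
    """Chaffing-by-tweaking: randomize the last `tail` characters, class by class.
    `seed` exists only for reproducible demos; deployments must use a CSPRNG."""
    if tail < 1:
        raise ValueError("tail must be at least 1")
    rng = random.Random(seed)
    head, last = password[:-tail], password[-tail:]
    honeywords: list[str] = []
    while len(honeywords) < n:
        cand = head + "".join(_tweak_char(c, rng) for c in last)
        if cand != password and cand not in honeywords:
            honeywords.append(cand)
    return honeywords


class HoneyChecker:
    """Separate, minimal service storing only user -> index of the real sweetword."""

    def __init__(self) -> None:
        self._index: dict[str, int] = {}
        self.alarms: list[str] = []

    def set(self, user: str, index: int) -> None:
        self._index[user] = index

    def check(self, user: str, index: int) -> bool:
        if self._index.get(user) == index:
            return True
        self.alarms.append(user)  # honeyword submitted: treat the password file as stolen
        return False


class AuthServer:
    """Holds the stealable password file and consults the honeychecker on each match."""

    def __init__(self, checker: HoneyChecker) -> None:
        self.checker = checker
        self._file: dict[str, tuple[bytes, list[bytes]]] = {}

    def register(self, user: str, password: str, honeywords: list[str] | None = None) -> None:
        if honeywords is None:
            honeywords = generate_honeywords(password, K - 1)
        sweetwords = honeywords + [password]
        random.SystemRandom().shuffle(sweetwords)  # position must not reveal the real one
        salt = os.urandom(16)
        self._file[user] = (salt, [_hash(s, salt) for s in sweetwords])
        self.checker.set(user, sweetwords.index(password))

    def login(self, user: str, candidate: str) -> str:
        """Return "OK", "REJECT" (no sweetword matched) or "ALARM" (a honeyword matched)."""
        if user not in self._file:
            return "REJECT"
        salt, hashes = self._file[user]
        h = _hash(candidate, salt)
        for i, stored in enumerate(hashes):
            if hmac.compare_digest(h, stored):
                return "OK" if self.checker.check(user, i) else "ALARM"
        return "REJECT"


if __name__ == "__main__":
    checker = HoneyChecker()
    server = AuthServer(checker)
    decoys = generate_honeywords("Summer2015", K - 1, seed=1)
    server.register("alice", "Summer2015", honeywords=decoys)
    print(server.login("alice", "Summer2015"), server.login("alice", decoys[0]))
```

The split is the point of the design: an attacker who steals and inverts the password file sees six equally plausible sweetwords per account, and the only component that can tell them apart holds no hashes at all. The weakness the paper attacks is visible in `generate_honeywords`: tweaking only the tail leaves the head of the real password intact in every decoy.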
Citations
Journal ArticleDOI
TL;DR: A new modified-UI based honeyword generation approach, identified as Paired Distance Protocol (PDP), is proposed, which overcomes most of the drawbacks of previously proposed honeywords generation approaches and reduces the storage overhead to a great extent.

27 citations

Journal ArticleDOI
TL;DR: This work proposes new and more practical honeyword generation techniques that achieve 'approximate flatness', meaning that the honeywords they generate are indistinguishable from passwords with high probability, and proposes a new attack model called 'Multiple System Intersection attack considering Input'.
Abstract: Breaches of password databases have been a frequent phenomenon in the software industry. Often these breaches go undetected for years. Sometimes even the companies involved are not aware of the breach. Even after they are detected, publicizing such attacks might not always be in the best interest of the companies. This calls for a strong breach detection mechanism. Juels et al. (in ACM CCS 2013) suggest a method called 'Honeywords' for detecting password database breaches. Their idea is to generate multiple fake passwords, called honeywords, and store them along with the real password. Any login attempt with a honeyword is identified as a compromise of the password database, since legitimate users are not expected to know the honeywords corresponding to their passwords. The key components of their idea are (i) generation of honeywords, (ii) typo-safety measures for preventing false alarms, (iii) an alarm policy upon detection, and (iv) testing robustness of the system against various attacks. In this work, we analyze the limitations of existing honeyword generation techniques. We propose a new attack model called 'Multiple System Intersection attack considering Input'. We show that the 'Paired Distance Protocol' proposed by Chakraborty et al. is not secure in this attack model. We also propose new and more practical honeyword generation techniques and call them the 'evolving-password model', the 'user-profile model', and the 'append-secret model'. These techniques achieve 'approximate flatness', implying that the honeywords generated using these techniques are indistinguishable from passwords with high probability. Our proposed techniques overcome most of the risks and limitations associated with existing techniques. We prove flatness of our 'evolving-password model' technique through experimental analysis. We provide a comparison of our proposed models with the existing ones under various attack models to justify our claims.

20 citations


Cites background or methods from "Few notes towards making honeyword ..."

  • ...b) The "Close-number-formation (CNF)" method suggested in [20] is presented as an improvement over the chaffing-by-tweaking technique....
  • ...For example (from [20]), the password chosen by the user is 'animal' and the two characters selected by the user are 'ni'....
  • ...Modified-tail [20] 1/k weak no no yes yes yes approach...
  • ...There exist a few works [16], [18], [20] on the analysis of...
  • ...Close-number [20] 1/k weak no yes no no yes formation...
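The intersection attack that the abstract above names is worth seeing on concrete data. The block below is an added example, not code from the cited paper: it implements the plain multiple-system intersection (a user reuses one password at two services that generate honeywords independently, so the real password is the only sweetword common to both cracked lists) and scores the attacker's gain over the 1/k bound that a flat honeyword set is meant to enforce. The "considering Input" refinement from the abstract is not modelled. The services, accounts, sweetword lists and ground truth are all constructed for the example.

```python
"""Added example, not code from the cited paper: the basic multiple-system
intersection attack on honeywords.  With k sweetwords per account, cracking one
stolen file leaves the attacker a 1/k guess.  If the user reused the password at a
second service whose honeywords were generated independently, the real password is
the only sweetword common to both cracked lists.  All data below is constructed."""

K = 4  # sweetwords per account in this toy setting

# Constructed cracked sweetword lists from two fictitious services, keyed by the
# e-mail address the attacker uses to link accounts across services.
BREACHES = {
    "shop.example": {
        "alice@example.com": ["summer2015", "summer2041", "summer8812", "summer0907"],
        "bob@example.com":   ["dragon77", "dragon19", "dragon05", "dragon62"],
        "carol@example.com": ["qwerty123", "qwerty884", "qwerty201", "qwerty555"],
    },
    "forum.example": {
        "alice@example.com": ["summer3386", "summer2015", "summer7750", "summer1122"],
        "bob@example.com":   ["dragon42", "dragon31", "dragon19", "dragon88"],
        # carol chose a different password here, so there is no reuse to exploit
        "carol@example.com": ["Winter!9", "Winter!4", "Winter!2", "Winter!7"],
    },
}
# Ground truth, used only to score the attack (constructed).
REAL = {
    "alice@example.com": "summer2015",
    "bob@example.com": "dragon19",
    "carol@example.com": "qwerty123",
}


def narrowed_candidates(breaches, user):
    """Sweetwords common to every breach that contains `user`.  An empty intersection
    means no reused password was found, and the attacker is back to one full list."""
    lists = [set(accounts[user]) for accounts in breaches.values() if user in accounts]
    if not lists:
        raise KeyError(user)
    common = set.intersection(*lists)
    return common if common else lists[0]


def attack_success(breaches, real):
    """Per user: probability that one uniformly random guess from the narrowed set is
    the real password.  Any wrong guess hits a honeyword and trips the alarm."""
    result = {}
    for user, password in real.items():
        candidates = narrowed_candidates(breaches, user)
        result[user] = 1 / len(candidates) if password in candidates else 0.0
    return result


def users_fully_exposed(breaches, real):
    """Users whose real password the intersection pins down with certainty."""
    return sorted(u for u, p in attack_success(breaches, real).items() if p == 1.0)


if __name__ == "__main__":
    for user, p in attack_success(BREACHES, REAL).items():
        print(f"{user}: success {p:.2f} (flat bound 1/k = {1 / K:.2f})")
```

For alice and bob the intersection collapses four candidates to one, so the decoys buy nothing and the attacker's first login succeeds without ever touching a honeyword; carol, who did not reuse her password, stays at the 1/k bound, and three of the four guesses against her would raise the alarm.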

Journal ArticleDOI
TL;DR: This study proposes a “matching attack” model and finds that although Erguler's honeyword system can achieve perfect flatness, the success rate of the attacker is 100% under matching attack, and proposes a new honeyword approach named Superword that isolates the direct relationship between username and the corresponding hashed password in password files.

15 citations

Journal ArticleDOI
TL;DR: This paper proposes a few directions to minimize the storage cost of some existing honeyword generation approaches and finds that in some cases no additional storage overhead is required.

12 citations

Proceedings ArticleDOI
01 May 2022
TL;DR: This work proposes four theoretic models for characterizing the attacker $\mathcal{A}$'s best distinguishing strategies, and develops the corresponding honeyword-generation method for each type of attacker, using various representative probabilistic password guessing models.
Abstract: Honeywords are decoy passwords associated with each user account to detect password leakage in a timely manner. The key issue lies in how to generate honeywords that are hard to differentiate from real passwords. This security mechanism was first introduced by Juels and Rivest at CCS'13, and has been covered by hundreds of media and adopted in dozens of research domains. Existing research deals with honeywords primarily in an ad hoc manner, and it is challenging to develop a secure honeyword-generation method and to evaluate (attack) it well. In this work, we tackle this problem in a principled approach. We first propose four theoretic models for characterizing the attacker $\mathcal{A}$'s best distinguishing strategies, with each model based on a different combination of information available to $\mathcal{A}$ (e.g., public datasets, the victim's personal information and registration order). These theories guide us to design effective experiments with real-world password datasets to evaluate the goodness (flatness) of a given honeyword-generation method. Armed with the four best attacking theories, we develop the corresponding honeyword-generation method for each type of attacker, using various representative probabilistic password guessing models. Through a series of exploratory investigations, we show that the use of these password models is not straightforward, but requires creative and significant effort. Both empirical experiments and user-study results demonstrate that our methods significantly outperform prior art. Besides, we manage to resolve several previously unexplored challenges that arise in the practical deployment of a honeyword method. We believe this work pushes honeyword research towards statistical rigor.

11 citations

References
Proceedings ArticleDOI
17 May 2009
TL;DR: This paper discusses a new method that generates password structures in highest probability order by automatically creating a probabilistic context-free grammar based upon a training set of previously disclosed passwords, and then generating word-mangling rules to be used in password cracking.
Abstract: Choosing the most effective word-mangling rules to use when performing a dictionary-based password cracking attack can be a difficult task. In this paper we discuss a new method that generates password structures in highest probability order. We first automatically create a probabilistic context-free grammar based upon a training set of previously disclosed passwords. This grammar then allows us to generate word-mangling rules, and from them, password guesses to be used in password cracking. We will also show that this approach seems to provide a more effective way to crack passwords as compared to traditional methods by testing our tools and techniques on real password sets. In one series of experiments, training on a set of disclosed passwords, our approach was able to crack 28% to 129% more passwords than John the Ripper, a publicly available standard password cracking program.

491 citations


"Few notes towards making honeyword ..." refers background or methods in this paper

  • ...characterize the vulnerability of the passwords under the same threat model [13] by considering different password-composition policies....
  • ...[13] proposed an algorithm which plays a crucial role in revealing the weakness of the password system....
  • ...An adversary who accesses F can successfully invert H(pi) to get the password pi by using some well known technique shown in [13], which uses the concept of probabilistic context free grammar....
  • ...The modern password cracking algorithm uses the concept of probabilistic context free grammars [13]....
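Since the paper leans on this PCFG cracker as its inversion attack, a miniature of the method makes the threat model concrete. The block below is an added example, not code from Weir et al.: training passwords are split into runs of letters (L), digits (D) and symbols (S); the run classes and lengths form the base structure (summer2015 gives L6D4); base structures and the digit and symbol runs that fill them get probabilities from their training frequency, letter runs are filled from a dictionary, and guesses come out in decreasing probability order. Weir et al. produce that order lazily with a priority queue; for a training set this small, enumerating every pre-terminal and sorting gives the same order. The training set and dictionary are constructed for the example, not taken from any real leak.

```python
"""Added example, not code from Weir et al.: a miniature PCFG guess generator.
Base structures (e.g. L6D4) and digit/symbol terminals are learned from training
passwords; letter slots are filled from a dictionary; guesses are emitted in
decreasing probability order.  TRAINING and DICTIONARY are constructed data."""
import itertools
import re
from collections import Counter, defaultdict

TRAINING = [  # constructed stand-in for a disclosed password set
    "password1", "summer2015", "qwerty123", "monkey1", "football!!",
    "hello123", "letmein1", "dragon2015", "abc123!", "welcome1",
]
DICTIONARY = [  # constructed word list for the letter (L) segments
    "password", "summer", "qwerty", "monkey", "love", "hello",
    "dragon", "welcome", "admin", "letmein", "football", "abc",
]

_RUN = re.compile(r"[A-Za-z]+|[0-9]+|[^A-Za-z0-9]+")


def segment(password):
    """Split into (class, run) pairs: 'abc123!' -> [('L','abc'), ('D','123'), ('S','!')]."""
    out = []
    for run in _RUN.findall(password):
        cls = "L" if run.isalpha() else "D" if run.isdigit() else "S"
        out.append((cls, run))
    return out


def base_structure(segments):
    return "".join(f"{cls}{len(run)}" for cls, run in segments)


def train(passwords):
    """Learn P(base structure) and P(terminal | class, length) for D and S runs."""
    structures, terminals = Counter(), defaultdict(Counter)
    for pw in passwords:
        segs = segment(pw)
        structures[base_structure(segs)] += 1
        for cls, run in segs:
            if cls != "L":
                terminals[(cls, len(run))][run] += 1
    n = len(passwords)
    struct_p = {s: c / n for s, c in structures.items()}
    term_p = {key: {t: c / sum(cnt.values()) for t, c in cnt.items()}
              for key, cnt in terminals.items()}
    return struct_p, term_p


def preterminals(struct_p, term_p):
    """Fill D/S slots with learned terminals; L slots stay as ('L', length) markers."""
    out = []
    for structure, p_struct in struct_p.items():
        slots = []
        for cls, length in re.findall(r"([LDS])(\d+)", structure):
            length = int(length)
            if cls == "L":
                slots.append([(("L", length), 1.0)])
            else:
                slots.append(list(term_p[(cls, length)].items()))
        for combo in itertools.product(*slots):
            prob = p_struct
            for _, p in combo:
                prob *= p
            out.append((tuple(t for t, _ in combo), prob))
    return out


def guesses(passwords, dictionary, limit=None):
    """Return [(guess, probability)] in decreasing probability order."""
    struct_p, term_p = train(passwords)
    by_len = defaultdict(list)
    for w in dictionary:
        by_len[len(w)].append(w)
    ranked = []
    for pre, p_pre in preterminals(struct_p, term_p):
        slots = []
        for seg in pre:
            if isinstance(seg, tuple):  # letter slot: dictionary words of that length, uniform
                words = by_len[seg[1]]
                slots.append([(w, 1 / len(words)) for w in words])
            else:                       # learned digit/symbol terminal
                slots.append([(seg, 1.0)])
        for combo in itertools.product(*slots):
            prob = p_pre
            for _, p in combo:
                prob *= p
            ranked.append(("".join(t for t, _ in combo), prob))
    ranked.sort(key=lambda g: g[1], reverse=True)  # stable: ties keep generation order
    return ranked[:limit] if limit else ranked


if __name__ == "__main__":
    for guess, prob in guesses(TRAINING, DICTIONARY, limit=8):
        print(f"{prob:.3f}  {guess}")
```

On the constructed set, letmein1, welcome1 and abc123! lead at probability 0.1 and summer2015 outranks summer123, which is exactly the property the paper relies on: an attacker holding the hashed file tries the structures real users favour first, so a honeyword that departs from those structures is the one that gets ruled out.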

Proceedings ArticleDOI
20 May 2012
TL;DR: An efficient distributed method is developed for calculating how effectively several heuristic password-guessing algorithms guess passwords, and the relationship between guessability, as measured with password-cracking algorithms, and entropy estimates is investigated.
Abstract: Text-based passwords remain the dominant authentication method in computer systems, despite significant advancement in attackers' capabilities to perform password cracking. In response to this threat, password composition policies have grown increasingly complex. However, there is insufficient research defining metrics to characterize password strength and using them to evaluate password-composition policies. In this paper, we analyze 12,000 passwords collected under seven composition policies via an online study. We develop an efficient distributed method for calculating how effectively several heuristic password-guessing algorithms guess passwords. Leveraging this method, we investigate (a) the resistance of passwords created under different conditions to guessing, (b) the performance of guessing algorithms under different training sets, (c) the relationship between passwords explicitly created under a given composition policy and other passwords that happen to meet the same requirements, and (d) the relationship between guessability, as measured with password-cracking algorithms, and entropy estimates. Our findings advance understanding of both password-composition policies and metrics for quantifying password security.

464 citations

Proceedings ArticleDOI
04 Nov 2013
TL;DR: It is proposed that an auxiliary server (the "honeychecker") can distinguish the user password from honeywords for the login routine, and will set off an alarm if a honeyword is submitted.
Abstract: We propose a simple method for improving the security of hashed passwords: the maintenance of additional "honeywords" (false passwords) associated with each user's account. An adversary who steals a file of hashed passwords and inverts the hash function cannot tell if he has found the password or a honeyword. The attempted use of a honeyword for login sets off an alarm. An auxiliary server (the "honeychecker") can distinguish the user password from honeywords for the login routine, and will set off an alarm if a honeyword is submitted.

264 citations


"Few notes towards making honeyword ..." refers background or methods in this paper

  • ...Choosing the value k as 6 is very close to the value of k (k=5), as shown in [11]....
  • ...Thus, the whole "honeyword" based system provides distributed security which is harder to compromise as a whole [11]....
  • ...[11] A. Juels and R. L. Rivest....
  • ...In this paper we have expanded the concept of "honeyword" by making the following contributions − • We introduce the concept of "modified-tail" and "capskey" which overcomes the drawbacks of the "take-a-tail" method proposed by Juels and Rivest [11] without diluting the security standards....

Proceedings ArticleDOI
18 Jun 1997
TL;DR: A new extension to further limit exposure to theft of a stored password-verifier is described, and it is applied to several protocols including the Simple Password Exponential Key Exchange (SPEKE).
Abstract: Strong password methods verify even small passwords over a network without additional stored keys or certificates with the user, and without fear of network dictionary attack. We describe a new extension to further limit exposure to theft of a stored password-verifier, and apply it to several protocols including the Simple Password Exponential Key Exchange (SPEKE). Alice proves knowledge of a password C to Bob, who has a stored verifier S, where S = g^C mod p. They perform a SPEKE exchange based on the shared secret S to derive an ephemeral shared key K_1. Bob chooses a random X and sends g^X mod p. Alice computes K = g^(XC) mod p, and proves knowledge of {K_1, K_2}. Bob verifies this result to confirm that Alice knows C. Implementation issues are summarized, showing the potential for improved performance over Bellovin and Merritt's comparably strong Augmented-Encrypted Key Exchange. These methods make the password a strong independent factor in authentication, and are suitable for both Internet and intranet use.

200 citations


"Few notes towards making honeyword ..." refers background in this paper

  • ...protection against dictionary attack [10] or rainbow table attack, the necessity of salt becomes irrelevant against inversion attack....

01 Jan 2000
TL;DR: A controlled trial in which, of four sample groups of about 100 first-year students, three were recruited to a formal experiment and of these two were given specific advice about password selection; the incidence of weak passwords was determined by cracking the password file, and the number of password resets was measured from system logs.
Abstract: There are many things that are 'well known' about passwords, such as that users can't remember strong passwords and that the passwords they can remember are easy to guess. However, there seems to be a distinct lack of research on the subject that would pass muster by the standards of applied psychology. Here we report a controlled trial in which, of four sample groups of about 100 first-year students, three were recruited to a formal experiment and of these two were given specific advice about password selection. The incidence of weak passwords was determined by cracking the password file, and the number of password resets was measured from system logs. We observed a number of phenomena which run counter to the established wisdom. For example, passwords based on mnemonic phrases are just as hard to crack as random passwords yet just as easy to remember as naive user selections.

148 citations


"Few notes towards making honeyword ..." refers background in this paper

  • ...Remembering different tails for different accounts may put extra burden on human memory and this would make the approach difficult to use [14]....