Journal ArticleDOI

Generation of Secure and Reliable Honeywords, Preventing False Detection

TL;DR: This work proposes new and more practical honeyword generation techniques, which achieve ‘approximate flatness’, implying that the honeywords generated using these techniques are indistinguishable from passwords with high probability, and proposes a new attack model called ‘Multiple System Intersection attack considering Input’.
Abstract: Breaches of password databases have been a frequent occurrence in the software industry. Often these breaches go undetected for years; sometimes even the companies involved are unaware of them. Even after a breach is detected, publicizing it is not always in the company's interest. This calls for a strong breach detection mechanism. Juels and Rivest (ACM CCS 2013) suggest a method called ‘honeywords’ for detecting password database breaches. Their idea is to generate multiple fake passwords, called honeywords, and store them along with the real password. Any login attempt with a honeyword is identified as a compromise of the password database, since legitimate users are not expected to know the honeywords corresponding to their passwords. The key components of their idea are (i) generation of honeywords, (ii) typo-safety measures for preventing false alarms, (iii) an alarm policy upon detection, and (iv) testing the robustness of the system against various attacks. In this work, we analyze the limitations of existing honeyword generation techniques. We propose a new attack model called ‘Multiple System Intersection attack considering Input’. We show that the ‘Paired Distance Protocol’ proposed by Chakraborty et al. is not secure in this attack model. We also propose new and more practical honeyword generation techniques, which we call the ‘evolving-password model’, the ‘user-profile model’, and the ‘append-secret model’. These techniques achieve ‘approximate flatness’, meaning that the honeywords they generate are indistinguishable from real passwords with high probability. Our proposed techniques overcome most of the risks and limitations associated with existing techniques. We demonstrate the flatness of our ‘evolving-password model’ through experimental analysis, and we compare our proposed models with existing ones under various attack models to justify our claims.
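The honeyword mechanism the abstract describes, as an added example that is not code from the paper: each account stores k sweetwords (the real password plus k-1 honeywords) as salted hashes, while a separate honeychecker stores only the index of the real one; a login that matches a honeyword is treated as evidence that the password file was stolen. The generator is the simple chaffing-by-tweaking idea (rewriting the trailing digits), with a typo-safety filter that rejects honeywords within edit distance 1 of the real password so a one-character slip cannot raise a false alarm. The class names, the k=20 setting, the PBKDF2 parameters and the fact that `register` returns the plaintext sweetwords (so the test can play an attacker who cracked the stolen file) are this example's own choices.

```python
"""Honeyword-protected login with a separate honeychecker, in the style of
Juels and Rivest (CCS 2013). Added example; not code from the paper."""
import hashlib
import hmac
import os
import secrets
import string
from dataclasses import dataclass

K = 20                   # sweetwords per account: the real password plus K-1 honeywords
PBKDF2_ROUNDS = 10_000   # kept low so the example runs quickly; use a slow KDF setting in production


def hash_pw(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; used to keep honeywords away from likely typos."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def make_honeywords(password: str, n: int) -> list[str]:
    """Chaffing-by-tweaking: replace the trailing digit run (at least 3 chars) with
    random characters. Typo-safety: candidates within edit distance 1 of the real
    password are rejected, so a one-character slip by the legitimate user cannot
    match a honeyword. n must be small relative to the number of possible tails
    (e.g. 19 out of roughly 1000 three-digit tails)."""
    t = max(len(password) - len(password.rstrip(string.digits)), 3)
    head, tail = password[:-t], password[-t:]
    alphabet = string.digits if tail.isdigit() else string.ascii_lowercase + string.digits
    out: set[str] = set()
    while len(out) < n:
        cand = head + "".join(secrets.choice(alphabet) for _ in range(t))
        if cand != password and edit_distance(cand, password) >= 2:
            out.add(cand)
    return sorted(out)


class HoneyChecker:
    """Hardened auxiliary server that stores only which sweetword index is real,
    so the stolen password file alone does not reveal the real password."""

    def __init__(self) -> None:
        self._real_index: dict[str, int] = {}

    def set_index(self, user: str, index: int) -> None:
        self._real_index[user] = index

    def is_real(self, user: str, index: int) -> bool:
        return self._real_index.get(user) == index


@dataclass
class Account:
    salt: bytes
    sweetword_hashes: list[bytes]   # this is what a breach of the password file yields


class LoginServer:
    def __init__(self, checker: HoneyChecker, k: int = K) -> None:
        self.checker = checker
        self.k = k
        self.accounts: dict[str, Account] = {}
        self.alarms: list[tuple[str, int]] = []

    def register(self, user: str, password: str) -> list[str]:
        sweet = make_honeywords(password, self.k - 1) + [password]
        secrets.SystemRandom().shuffle(sweet)          # hide the real one among the decoys
        salt = os.urandom(16)
        self.accounts[user] = Account(salt, [hash_pw(s, salt) for s in sweet])
        self.checker.set_index(user, sweet.index(password))
        # Returned only so this example can play an attacker who cracked the stolen
        # file; a real deployment never retains the plaintext sweetwords.
        return sweet

    def login(self, user: str, attempt: str) -> str:
        """Returns 'ok', 'fail', or 'honeyword' (breach indicator)."""
        acct = self.accounts.get(user)
        if acct is None:
            return "fail"
        h = hash_pw(attempt, acct.salt)
        for i, stored in enumerate(acct.sweetword_hashes):
            if hmac.compare_digest(h, stored):
                if self.checker.is_real(user, i):
                    return "ok"
                # Only a holder of the stolen file should know a honeyword. Record the
                # alarm; what happens next (lock the account, force resets, alert the
                # SOC) is the deployment's alarm policy.
                self.alarms.append((user, i))
                return "honeyword"
        return "fail"
```

The honeychecker is a second trust domain: an attacker who steals only the password file sees k equally plausible hashes, and one who compromises only the honeychecker learns an index with nothing to apply it to. If both are stolen together the scheme degrades to an ordinary salted-hash file, which is why the honeychecker should be a minimal, separately administered service.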
Citations
Journal ArticleDOI
TL;DR: This study proposes a “matching attack” model and finds that although Erguler's honeyword system can achieve perfect flatness, the success rate of the attacker is 100% under matching attack, and proposes a new honeyword approach named Superword that isolates the direct relationship between username and the corresponding hashed password in password files.
Abstract: Generating honeywords for each user’s account is an effective way to detect whether password databases are compromised. However, several underlying security issues associated with honeyword techniques need to be addressed, for example: (1) How to make it more difficult for an attacker to find an accurate “username-real password” match? (2) How to prevent the intersection attack across multiple systems caused by password reuse without reducing usability? (3) How to reduce the success rate of targeted password guessing? In this study, we first propose a “matching attack” model and find that although Erguler’s honeyword system can achieve perfect flatness, the attacker’s success rate is 100% under the matching attack. Second, we propose a new honeyword approach named Superword that removes the direct relationship between a username and the corresponding hashed password in password files. Additional honeypots are mixed with real accounts to detect online guessing attacks. The analysis reveals that our approach makes it difficult for a matching attacker to find a real password among N password hashes. Since there is no connection between username and password in the password files, our honeyword system also alleviates the multiple-system intersection attack and targeted password guessing.

15 citations

Proceedings ArticleDOI
01 May 2022
TL;DR: This work proposes four theoretic models for characterizing the attacker $\mathcal{A}$’s best distinguishing strategies, and develops the corresponding honeyword-generation method for each type of attackers, by using various representative probabilistic password guessing models.
Abstract: Honeywords are decoy passwords associated with each user account to detect password leakage in a timely manner. The key issue lies in how to generate honeywords that are hard to differentiate from real passwords. This security mechanism was first introduced by Juels and Rivest at CCS’13, and has been covered by hundreds of media outlets and adopted in dozens of research domains. Existing research deals with honeywords primarily in an ad hoc manner, and it is challenging to develop a secure honeyword-generation method and to evaluate (attack) it well. In this work, we tackle this problem in a principled way. We first propose four theoretic models for characterizing the attacker $\mathcal{A}$’s best distinguishing strategies, each based on a different combination of information available to $\mathcal{A}$ (e.g., public datasets, the victim’s personal information and registration order). These theories guide us in designing effective experiments with real-world password datasets to evaluate the goodness (flatness) of a given honeyword-generation method. Armed with the four best attacking theories, we develop a corresponding honeyword-generation method for each type of attacker, using various representative probabilistic password guessing models. Through a series of exploratory investigations, we show that the use of these password models is not straightforward, but requires creative and significant effort. Both empirical experiments and user-study results demonstrate that our methods significantly outperform prior art. Besides, we resolve several previously unexplored challenges that arise in the practical deployment of a honeyword method. We believe this work pushes honeyword research towards statistical rigor.

11 citations

Journal ArticleDOI
TL;DR: This paper proposes a method that protects hashed passwords using topological graphic sequences (graph labeling), producing flat honeywords that remain effective even if the password file is leaked.
Abstract: In this paper, we propose a method to protect hashed passwords by using topological graphic sequences. This method works effectively even if the password file is leaked. First, the user password is divided based on its length. Then the processed string and the topological graphic sequence are combined to obtain the decoy honeywords. In this way, a flat honeyword generation method is obtained. Since every password seems unrealistic, the hacker who steals the hashed password file cannot distinguish between the real passwords and the honeywords. If he uses the honeywords to log in, the system will know that it is an intruder’s attack, and the service provider (SP) can then take security measures. Finally, several typical attack methods are analyzed to verify the effectiveness of our scheme. We use the topological graph to generate the honeywords, which is the first application of graphic labeling to honeyword generation.

6 citations

Proceedings ArticleDOI
01 Jul 2020
TL;DR: This work empirically examine the flatness of the proposed honeywords generation strategy against Top Password (Top-PW) attack using real-world datasets, instead of only providing heuristic security arguments.
Abstract: The legacy-UI honeywords generation approach is more favored due to its high usability compared to the modified-UI approach, which sometimes becomes unusable in practice. However, several prior legacy-UI honeyword generation methods fail to meet the security standard, especially the flatness criterion. In this work, we propose two legacy-UI honeyword generation strategies based on two password guessing methods: PassGAN and Probabilistic Context-Free Grammar (PCFG). We also introduce two hybrid strategies by combining PassGAN, PCFG, and random-based methods. We empirically examine the flatness of the proposed honeyword generation strategies against the Top Password (Top-PW) attack using real-world datasets, instead of only providing heuristic security arguments. The experimental results show that three of the proposed methods (the PassGAN-based and the two hybrid methods) have a lower flatness value than all previous legacy-UI methods and are able to meet the "perfectly flat" criterion.

4 citations


Cites methods from "Generation of Secure and Reliable H..."

  • ...[7], [10]–[12]) that only evaluate the flatness of their methods using heuristic security arguments....


Book ChapterDOI
23 Nov 2020
TL;DR: HoneyHash generates honeywords by transforming password hashes instead of users' raw passwords, a new direction that the authors' analysis shows attains the expected levels of flatness, security, performance and usability.
Abstract: Since systems using honeywords store a set of decoy passwords together with users' real passwords to confuse adversaries, they depend strongly on the algorithm for generating honeywords. However, all existing honeyword generation algorithms are based on users' raw passwords, and they either need a lot of storage space or show weaknesses in flatness or usability. This paper proposes HoneyHash, a new direction for generating honeywords: generating them by transforming password hashes. Analyses show that our algorithm attains expected levels of flatness, security, performance and usability.

3 citations

References
20 Aug 2014
TL;DR: In this article, the authors showed that users can learn 56-bit secret codes through spaced repetition, and 94% of participants eventually typed their entire secret from memory, after a median of 36 logins, with only 21% reporting having written their secret down.
Abstract: Challenging the conventional wisdom that users cannot remember cryptographically-strong secrets, we test the hypothesis that users can learn randomly-assigned 56-bit codes (encoded as either 6 words or 12 characters) through spaced repetition. We asked remote research participants to perform a distractor task that required logging into a website 90 times, over up to two weeks, with a password of their choosing. After they entered their chosen password correctly we displayed a short code (4 letters or 2 words, 18.8 bits) that we required them to type. For subsequent logins we added an increasing delay prior to displaying the code, which participants could avoid by typing the code from memory. As participants learned, we added two more codes to comprise a 56.4-bit secret. Overall, 94% of participants eventually typed their entire secret from memory, learning it after a median of 36 logins. The learning component of our system added a median delay of just 6.9 s per login and a total of less than 12 minutes over an average of ten days. 88% were able to recall their codes exactly when asked at least three days later, with only 21% reporting having written their secret down. As one participant wrote with surprise, “the words are branded into my brain.” While our study is preliminary in nature, we believe it debunks the myth that users are inherently incapable of remembering cryptographically-strong secrets for a select few high-stakes scenarios, such as a password for enterprise login or as a master key to protect other credentials (e.g., in a password manager).

88 citations

Proceedings Article
20 Aug 2014
TL;DR: Tests the hypothesis that users can learn randomly-assigned 56-bit codes (encoded as either 6 words or 12 characters) through spaced repetition, by asking remote research participants to perform a distractor task that required logging into a website 90 times with a password of their choosing.
Abstract: Challenging the conventional wisdom that users cannot remember cryptographically-strong secrets, we test the hypothesis that users can learn randomly-assigned 56-bit codes (encoded as either 6 words or 12 characters) through spaced repetition. We asked remote research participants to perform a distractor task that required logging into a website 90 times, over up to two weeks, with a password of their choosing. After they entered their chosen password correctly we displayed a short code (4 letters or 2 words, 18.8 bits) that we required them to type. For subsequent logins we added an increasing delay prior to displaying the code, which participants could avoid by typing the code from memory. As participants learned, we added two more codes to comprise a 56.4-bit secret. Overall, 94% of participants eventually typed their entire secret from memory, learning it after a median of 36 logins. The learning component of our system added a median delay of just 6.9 s per login and a total of less than 12 minutes over an average of ten days. 88% were able to recall their codes exactly when asked at least three days later, with only 21% reporting having written their secret down. As one participant wrote with surprise, "the words are branded into my brain."

86 citations


"Generation of Secure and Reliable H..." refers background in this paper

  • ...Authors in [27], [28] show that humans are capable of learning random strings over time through spaced repetition....


Journal ArticleDOI
TL;DR: An alternative approach is suggested that selects the honeywords from existing user passwords in the system, in order to provide realistic honeywords (a perfectly flat honeyword generation method) and to reduce the storage cost of the honeyword scheme.
Abstract: Recently, Juels and Rivest proposed honeywords (decoy passwords) to detect attacks against hashed password databases. For each user account, the legitimate password is stored with several honeywords in order to sense impersonation. If honeywords are selected properly, a cyber-attacker who steals a file of hashed passwords cannot tell, for any account, whether a given entry is the real password or a honeyword. Moreover, logging in with a honeyword will trigger an alarm notifying the administrator about a password file breach. At the expense of increasing the storage requirement by 20 times, the authors introduce a simple and effective solution to the detection of password file disclosure events. In this study, we scrutinize the honeyword system and present some remarks to highlight possible weak points. Also, we suggest an alternative approach that selects the honeywords from existing user passwords in the system in order to provide realistic honeywords—a perfectly flat honeyword generation method—and also to reduce the storage cost of the honeyword scheme.

74 citations


"Generation of Secure and Reliable H..." refers background or methods in this paper

  • ...As mentioned in [18], the list of 10000 most commonly used passwords [21] includes the following...


  • ...However, according to [18], most of the passwords are simple combinations of digits, alphabets and special characters and not the tough nuts....


  • ...There exist a few works [16], [18], [20] on the analysis of...


  • ...The authors in [18] further explain that with the modeling syntax method, it is easy to distin-...


  • ...As suggested in [18], we can limit the number of login attempts that can be made using honeywords in a certain period of time....

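The two evaluation ideas that recur on this page, the Top-PW flatness test (the PassGAN/PCFG entry above) and the multiple-system intersection attack against password reuse (the main abstract and the Superword entry), as one added example that is not code from any of the papers. Everything in it is constructed: the Zipf-like password model stands in for a leaked password list, `gen_tweak` is chaffing-by-tweaking, and `gen_model` draws honeywords from the same distribution as real passwords as a simplified stand-in for generators that take honeywords from real password data (Erguler's selection from other users' passwords, or PCFG/PassGAN-based generation). The attacker is assumed to know the model exactly; function names and the account counts are this example's own.

```python
"""Flatness of honeyword generators under a Top-PW attacker, plus the
multiple-system intersection attack. Added example, not code from any of the
papers on this page; the password model and the generators are constructed."""
import random
import string

# Constructed password model: Zipf-like, probability proportional to 1/rank.
_WORDS = ["123456", "password", "qwerty", "iloveyou", "princess", "dragon",
          "monkey", "sunshine", "football", "shadow", "master", "letmein",
          "welcome", "abc123", "summer", "hello", "charlie", "donald", "flower",
          "jordan", "michael", "ashley", "bailey", "buster", "ginger", "hunter",
          "killer", "maggie", "pepper", "soccer", "tigger", "cookie", "cheese",
          "jessica", "daniel", "thomas", "zxcvbn", "hockey", "ranger", "secret"]
_Z = sum(1.0 / r for r in range(1, len(_WORDS) + 1))
MODEL = {w: (1.0 / r) / _Z for r, w in enumerate(_WORDS, 1)}
_VOCAB, _WEIGHTS = list(MODEL), list(MODEL.values())


def draw_password(rng: random.Random) -> str:
    """A user's real password, drawn from the constructed model."""
    return rng.choices(_VOCAB, _WEIGHTS)[0]


def gen_tweak(password: str, n: int, rng: random.Random) -> list[str]:
    """Chaffing-by-tweaking: replace the trailing digit run (at least 3 chars)."""
    t = max(len(password) - len(password.rstrip(string.digits)), 3)
    head, tail = password[:-t], password[-t:]
    alphabet = string.digits if tail.isdigit() else string.ascii_lowercase + string.digits
    out: list[str] = []
    while len(out) < n:
        cand = head + "".join(rng.choice(alphabet) for _ in range(t))
        if cand != password and cand not in out:
            out.append(cand)
    return out


def gen_model(password: str, n: int, rng: random.Random) -> list[str]:
    """Honeywords drawn from the same model as real passwords, distinct from the
    password and from each other (stand-in for list- or model-based generators)."""
    out: list[str] = []
    while len(out) < n:
        cand = draw_password(rng)
        if cand != password and cand not in out:
            out.append(cand)
    return out


def top_pw_attack(sweetwords: list[str], rng: random.Random = None) -> int:
    """Top-PW attacker: pick the sweetword the model rates most likely. Strings
    unknown to the model score zero; ties are broken at random."""
    if rng is None:
        rng = random.Random()
    scores = [MODEL.get(s, 0.0) for s in sweetwords]
    best = max(scores)
    return rng.choice([i for i, s in enumerate(scores) if s == best])


def flatness(generator, k: int = 5, accounts: int = 1000, seed: int = 1) -> float:
    """Fraction of accounts whose real password the Top-PW attacker picks.
    A perfectly flat generator scores 1/k."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(accounts):
        real = draw_password(rng)
        sweet = generator(real, k - 1, rng) + [real]
        rng.shuffle(sweet)
        hits += top_pw_attack(sweet, rng) == sweet.index(real)
    return hits / accounts


def intersection_attack(sweet_a: list[str], sweet_b: list[str]) -> set[str]:
    """Multiple-system intersection attack: given the sweetword lists of one user
    from two breached systems whose honeywords were generated independently, a
    reused real password is a common element; anything else is a chance collision."""
    return set(sweet_a) & set(sweet_b)


def intersection_success(generator, k: int = 5, accounts: int = 1000, seed: int = 2) -> float:
    """Fraction of password-reusing users whose real password is the only
    sweetword common to both systems."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(accounts):
        real = draw_password(rng)
        a = generator(real, k - 1, rng) + [real]
        b = generator(real, k - 1, rng) + [real]
        hits += intersection_attack(a, b) == {real}
    return hits / accounts


if __name__ == "__main__":
    for name, g in [("tweak", gen_tweak), ("model", gen_model)]:
        print(f"{name}: Top-PW flatness={flatness(g):.2f}, "
              f"intersection success={intersection_success(g):.2f}")
```

Under the Top-PW attacker the tweaked honeywords are picked out every time (flatness 1.0, because a randomly rewritten tail has negligible probability under any password model), while model-drawn honeywords bring the attacker down towards the ideal 1/k but not all the way: the real password is fixed first and the honeywords must differ from it, which systematically favours the most common passwords. The intersection attack ranks the two the other way round: independently tweaked honeywords almost never coincide across two systems, so a reused password is exposed as the unique common sweetword, whereas honeywords drawn from a shared distribution collide often enough to leave the attacker with more than one candidate.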

Proceedings ArticleDOI
01 Jan 1973
TL;DR: Seven design principles help provide insight into the tradeoffs among different possible designs of mechanisms to control sharing of information in the Multics system.
Abstract: This paper describes the design of mechanisms to control sharing of information in the Multics system. Seven design principles help provide insight into the tradeoffs among different possible designs. The key mechanisms described include access control lists, hierarchical control of access specifications, identification and authentication of users, and primary memory protection. The paper ends with a discussion of several known weaknesses in the current protection mechanism design.

41 citations


"Generation of Secure and Reliable H..." refers background in this paper

  • ...User selected passwords are mostly predictable, since humans have a tendency to choose non-random and easy to remember passwords [1]....


Proceedings ArticleDOI
01 Jan 2015
TL;DR: A user study provides evidence that spaced repetition and a specific mnemonic technique enable users to successfully recall multiple strong passwords over time and suggests that 4 PAO stories could be used to create usable and strong passwords for 14 sensitive accounts following this spaced repetition schedule.
Abstract: We report on a user study that provides evidence that spaced repetition and a specific mnemonic technique enable users to successfully recall multiple strong passwords over time. Remote research participants were asked to memorize 4 Person-Action-Object (PAO) stories where they chose a famous person from a drop-down list and were given machine-generated random action-object pairs. Users were also shown a photo of a scene and asked to imagine the PAO story taking place in the scene (e.g., Bill Gates—swallowing—bike on a beach). Subsequently, they were asked to recall the action-object pairs when prompted with the associated scene-person pairs following a spaced repetition schedule over a period of 127+ days. While we evaluated several spaced repetition schedules, the best results were obtained when users initially returned after 12 hours and then in 1.5× increasing intervals: 77% of the participants successfully recalled all 4 stories in 10 tests over a period of ≈ 158 days. Much of the forgetting happened in the first test period (12 hours): 89% of participants who remembered their stories during the first test period successfully remembered them in every subsequent round. These findings, coupled with recent results on naturally rehearsing password schemes, suggest that 4 PAO stories could be used to create usable and strong passwords for 14 sensitive accounts following this spaced repetition schedule, possibly with a few extra upfront rehearsals. In addition, we find statistically significant evidence that with 8 tests over 64 days users who were asked to memorize 4 PAO stories outperform users who are given 4 random action-object pairs, but with 9 tests over 128 days the advantage is not significant. Furthermore, there is an interference effect across multiple PAO stories: the recall rate of 100% (resp. 90%) for participants who were asked to memorize 1 PAO story (resp. 2 PAO stories) is significantly better than the rate for participants who were asked to memorize 4 PAO stories. These findings yield concrete advice for improving constructions of password management schemes and future user studies.

32 citations


"Generation of Secure and Reliable H..." refers background in this paper

  • ...Authors in [27], [28] show that humans are capable of learning random strings over time through spaced repetition....
