Journal ArticleDOI

Generation of Secure and Reliable Honeywords, Preventing False Detection

TL;DR: This work proposes new and more practical honeyword generation techniques, which achieve ‘approximate flatness’, implying that the honeywords generated using these techniques are indistinguishable from passwords with high probability, and proposes a new attack model called ‘Multiple System Intersection attack considering Input’.
Abstract: Breaches of password databases have been a frequent phenomenon in the software industry. Often these breaches go undetected for years; sometimes even the companies involved are not aware of the breach. Even after a breach is detected, publicizing it might not always be in the best interest of the company. This calls for a strong breach detection mechanism. Juels et al. (in ACM-CCS 2013) suggest a method called ‘Honeywords’ for detecting password database breaches. Their idea is to generate multiple fake passwords, called honeywords, and store them along with the real password. Any login attempt with a honeyword is identified as a compromise of the password database, since legitimate users are not expected to know the honeywords corresponding to their passwords. The key components of their idea are (i) generation of honeywords, (ii) typo-safety measures for preventing false alarms, (iii) an alarm policy upon detection, and (iv) testing the robustness of the system against various attacks. In this work, we analyze the limitations of existing honeyword generation techniques. We propose a new attack model called ‘Multiple System Intersection attack considering Input’. We show that the ‘Paired Distance Protocol’ proposed by Chakraborty et al. is not secure in this attack model. We also propose new and more practical honeyword generation techniques and call them the ‘evolving-password model’, the ‘user-profile model’, and the ‘append-secret model’. These techniques achieve ‘approximate flatness’, implying that the honeywords generated using these techniques are indistinguishable from passwords with high probability. Our proposed techniques overcome most of the risks and limitations associated with existing techniques. We demonstrate the flatness of our ‘evolving-password model’ technique through experimental analysis. We provide a comparison of our proposed models with the existing ones under various attack models to justify our claims.
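The honeyword login check the abstract describes, as an added example that is not code from the paper: the credential store keeps k hashed sweetwords per user, a separate honeychecker keeps only the index of the real one, and a login that exactly matches a honeyword is reported as a breach while a typo that matches nothing is an ordinary failure. Class names, the PBKDF2 stand-in hash and the sample honeywords are this example's own assumptions; honeyword generation itself (the paper's models) is left to the caller.

```python
import hashlib
import hmac
import random
import secrets

# Added example of the Juels-Rivest honeyword scheme the abstract describes;
# names and the honeyword inputs are constructed for illustration.

def _hash(salt: bytes, pw: str) -> bytes:
    # PBKDF2 stands in for whatever slow password hash the deployment uses.
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 10_000)


class HoneyChecker:
    """Separate service holding only user -> index of the real sweetword."""

    def __init__(self):
        self._index = {}

    def set_index(self, user: str, idx: int) -> None:
        self._index[user] = idx

    def check(self, user: str, idx: int) -> bool:
        return self._index.get(user) == idx


class PasswordStore:
    """Credential file: per user a salt and k hashed sweetwords, real one mixed in."""

    def __init__(self, checker: HoneyChecker, k: int = 4):
        self.checker, self.k, self._rows = checker, k, {}

    def register(self, user: str, password: str, honeywords: list) -> None:
        # Honeywords come from a generation model; shuffle so that the
        # position of the real password in the row reveals nothing.
        assert len(honeywords) == self.k - 1 and password not in honeywords
        sweet = honeywords + [password]
        random.SystemRandom().shuffle(sweet)
        salt = secrets.token_bytes(16)
        self._rows[user] = (salt, [_hash(salt, s) for s in sweet])
        self.checker.set_index(user, sweet.index(password))

    def login(self, user: str, attempt: str) -> str:
        """Returns 'ok', 'wrong', or 'breach' (a honeyword was submitted)."""
        salt, hashes = self._rows[user]
        h = _hash(salt, attempt)
        for i, stored in enumerate(hashes):
            if hmac.compare_digest(h, stored):
                return "ok" if self.checker.check(user, i) else "breach"
        # No sweetword matched: a mistyped or unknown password, no alarm raised.
        return "wrong"
```

Because only an exact honeyword match raises the alarm, a stolen credential file forces the attacker to pick one of k entries per account, and any wrong pick is detected on first use.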
Citations
Journal ArticleDOI
TL;DR: This study proposes a “matching attack” model and finds that although Erguler's honeyword system can achieve perfect flatness, the success rate of the attacker is 100% under matching attack, and proposes a new honeyword approach named Superword that isolates the direct relationship between username and the corresponding hashed password in password files.

15 citations

Proceedings ArticleDOI
01 May 2022
TL;DR: This work proposes four theoretic models for characterizing the attacker $\mathcal{A}$’s best distinguishing strategies, and develops a corresponding honeyword-generation method for each type of attacker using various representative probabilistic password guessing models.
Abstract: Honeywords are decoy passwords associated with each user account to detect password leakage in a timely manner. The key issue lies in how to generate honeywords that are hard to differentiate from real passwords. This security mechanism was first introduced by Juels and Rivest at CCS’13, has been covered by hundreds of media outlets and has been adopted in dozens of research domains. Existing research deals with honeywords primarily in an ad hoc manner, and it is challenging to develop a secure honeyword-generation method and to evaluate (attack) it well. In this work, we tackle this problem in a principled approach. We first propose four theoretic models for characterizing the attacker $\mathcal{A}$’s best distinguishing strategies, with each model based on a different combination of information available to $\mathcal{A}$ (e.g., public datasets, the victim’s personal information and registration order). These theories guide us to design effective experiments with real-world password datasets to evaluate the goodness (flatness) of a given honeyword-generation method. Armed with the four best attacking theories, we develop the corresponding honeyword-generation method for each type of attacker, by using various representative probabilistic password guessing models. Through a series of exploratory investigations, we show that the use of these password models is not straightforward, but requires creative and significant effort. Both empirical experiments and user-study results demonstrate that our methods significantly outperform prior art. Besides, we manage to resolve several previously unexplored challenges that arise in the practical deployment of a honeyword method. We believe this work pushes honeyword research towards statistical rigor.

11 citations

Journal ArticleDOI
TL;DR: Wang et al., as discussed by the authors, proposed a method that protects hashed passwords using topological graphic sequences; by using graphic labeling, it works effectively even if the password file is leaked.

6 citations

Proceedings ArticleDOI
01 Jul 2020
TL;DR: This work empirically examines the flatness of the proposed honeyword generation strategies against the Top Password (Top-PW) attack using real-world datasets, instead of only providing heuristic security arguments.
Abstract: The legacy-UI honeyword generation approach is favored for its high usability compared to the modified-UI approach, which sometimes becomes unusable in practice. However, several prior works on legacy-UI honeyword generation methods often fail to meet the security standard, especially the flatness criterion. In this work, we propose two legacy-UI honeyword generation strategies based on two password guessing methods: PassGAN and Probabilistic Context-Free Grammar (PCFG). We also introduce two hybrid strategies by combining PassGAN, PCFG, and random-based methods. We empirically examine the flatness of the proposed honeyword generation strategies against the Top Password (Top-PW) attack using real-world datasets, instead of only providing heuristic security arguments. The experimental results show that three of the proposed methods (the PassGAN-based method and the two hybrid methods) have a lower flatness value than all previous legacy-UI methods and are able to meet the "perfectly flat" criterion.

4 citations


Cites methods from "Generation of Secure and Reliable H..."

  • ...[7], [10]–[12]) that only evaluate the flatness of their methods using heuristic security arguments....

Book ChapterDOI
23 Nov 2020
TL;DR: In this article, a new direction for generating honeywords, namely generating them by transforming password hashes, is proposed; it attains the expected levels of flatness, security, performance and usability. However, it does not have the ability to generate a set of decoy passwords together with real passwords.
Abstract: Since systems using honeywords store a set of decoy passwords together with the real passwords of users to confuse adversaries, they depend strongly on the algorithm for generating honeywords. However, all existing honeyword generation algorithms are based on the raw passwords of users, and they either need a lot of storage space or show weaknesses in flatness or usability. This paper proposes HoneyHash, a new direction for generating honeywords: generating them by transforming password hashes. Our analyses show that the algorithm attains the expected levels of flatness, security, performance and usability.

3 citations

References
Proceedings ArticleDOI
TL;DR: In this article, a user study was conducted in which participants were asked to memorize 4 Person-Action-Object (PAO) stories, choosing a famous person from a drop-down list and being given machine-generated random action-object pairs.
Abstract: We report on a user study that provides evidence that spaced repetition and a specific mnemonic technique enable users to successfully recall multiple strong passwords over time. Remote research participants were asked to memorize 4 Person-Action-Object (PAO) stories where they chose a famous person from a drop-down list and were given machine-generated random action-object pairs. Users were also shown a photo of a scene and asked to imagine the PAO story taking place in the scene (e.g., Bill Gates---swallowing---bike on a beach). Subsequently, they were asked to recall the action-object pairs when prompted with the associated scene-person pairs following a spaced repetition schedule over a period of 127+ days. While we evaluated several spaced repetition schedules, the best results were obtained when users initially returned after 12 hours and then in $1.5\times$ increasing intervals: 77% of the participants successfully recalled all 4 stories in 10 tests over a period of 158 days. Much of the forgetting happened in the first test period (12 hours): 89% of participants who remembered their stories during the first test period successfully remembered them in every subsequent round. These findings, coupled with recent results on naturally rehearsing password schemes, suggest that 4 PAO stories could be used to create usable and strong passwords for 14 sensitive accounts following this spaced repetition schedule, possibly with a few extra upfront rehearsals. In addition, we find that there is an interference effect across multiple PAO stories: the recall rate of 100% (resp. 90%) for participants who were asked to memorize 1 PAO story (resp. 2 PAO stories) is significantly better than the recall rate for participants who were asked to memorize 4 PAO stories. These findings yield concrete advice for improving constructions of password management schemes and future user studies.

27 citations

Proceedings ArticleDOI
08 Sep 2015
TL;DR: Three concepts (modified tails, close number formation and caps key) are introduced to address the existing issues, and the experimental analysis shows that the proposed techniques, with some preprocessing, can protect a high percentage of passwords.
Abstract: Traditionally, passwords are stored in hashed form. However, if the password file is compromised, there is a high chance that the original passwords can be recovered by brute-force attack. False passwords, also known as honeywords, are used to protect the original passwords from such leaks. A good honeyword system depends on effective honeyword generation techniques. In this paper, the risks and limitations of some of the existing honeyword generation techniques are identified as a series of notes. Three concepts (modified tails, close number formation and caps key) are introduced to address the existing issues. The experimental analysis shows that the proposed techniques, with some preprocessing, can protect a high percentage of passwords. Finally, a comparative analysis is presented to show how the proposed approaches stand with respect to the existing honeyword generation approaches.

15 citations


"Generation of Secure and Reliable H..." refers background or methods in this paper

  • ...b) The “Close-number-formation (CNF)” method suggested in [20] is presented as an improvement over chaffing by tweaking technique....

  • ...For example (from [20]), the password chosen by user is ‘animal’ and the two characters selected by the user are ‘ni’....

  • ...Modified-tail [20] 1/k weak no no yes yes yes approach...

  • ...There exist a few works [16], [18], [20] on the analysis of...

  • ...Close-number [20] 1/k weak no yes no no yes formation...

Book ChapterDOI
13 Dec 2014
TL;DR: Rig, as presented in this paper, is a secure password hashing framework based on secure cryptographic hash functions; it provides the flexibility to choose different functions for different phases of the construction, and its memory parameter is independent of its time parameter (no actual time-memory trade-off).
Abstract: Password hashing is a technique commonly implemented by a server to protect the passwords of clients: it performs a one-way transformation on the password, turning it into another string called the hashed password. In this paper, we introduce a secure password hashing framework, Rig, which is based on secure cryptographic hash functions. It provides the flexibility to choose different functions for different phases of the construction. The design of the scheme is very simple to implement in software; it is flexible, as the memory parameter is independent of the time parameter (no actual time-memory trade-off); and it is strictly sequential (difficult to parallelize) with comparatively large memory consumption, which provides strong resistance against attackers using multiple processing units. It supports client-independent updates, i.e., the server can increase the security parameters by updating the existing password hashes without knowing the password. Rig can also support the server relief protocol, where the client bears the maximum effort to compute the password hash while there is minimal effort on the server side. We analyze Rig and show that our proposal provides exponential time complexity against the low-memory attack.

10 citations

Posted Content
TL;DR: A new honeyword generation approach, the Paired Distance Protocol (PDP), is proposed; it overcomes almost all the drawbacks of previously proposed honeyword generation approaches and also greatly reduces the storage cost.
Abstract: Inverting hash values by brute-force computation is one of the latest security threats to password-based authentication. New technologies are being developed for brute-force computation, and these increase the success rate of inversion attacks. A honeyword-based authentication protocol can successfully mitigate this threat by making password cracking detectable. However, the existing schemes have several limitations, such as Multiple System Vulnerability, Weak DoS Resistivity and Storage Overhead. In this paper we propose a new honeyword generation approach, the Paired Distance Protocol (PDP), which overcomes almost all the drawbacks of previously proposed honeyword generation approaches. A comprehensive analysis shows that PDP not only attains a high detection rate of 97.23% but also greatly reduces the storage cost.

10 citations


"Generation of Secure and Reliable H..." refers background or methods in this paper

  • ...Attack: As mentioned in [16] Same circular list could be shared among m different systems and User may use same RS for different accounts...

  • ...There exist a few works [16], [18], [20] on the analysis of...

  • ...Another technique PDP is an approach where randomness is selected by the user as explained in Section 4....

  • ...Take-a-tail [6] PDP [16] Append-secret [this work]...

  • ...the ‘Paired Distance Protocol’ defined in [16] is completely...

Book ChapterDOI
21 Oct 2004
TL;DR: This paper proposes a method that stores security information in a uniform format, accesses it through a standard interface, and uses account federation, an authentication proxy and an authorization proxy to transfer authentication and authorization results.
Abstract: The Software-Services-based Application Service Provider pattern is an important method for constructing enterprise applications that integrate business systems with different authentication mechanisms. This raises problems such as repeated authentication and authorization, difficulty in managing authorization, and difficulty in describing security information interoperably. This paper proposes a method that stores security information in a uniform format, accesses it through a standard interface, and uses account federation, an authentication proxy and an authorization proxy to transfer authentication and authorization results. Using this method, we design and implement a single sign-on system.

4 citations


"Generation of Secure and Reliable H..." refers background in this paper

  • ...A way to get around this issue is to implement the proposed scheme in single sign-on systems [29], (1) the user would only be required to remember a single random string of length 2-4 characters, which would not affect the usability of the system immensely....