Showing papers on "Rainbow table published in 2009"


Proceedings Article
17 May 2009
TL;DR: This paper discusses a new method that generates password structures in highest probability order by automatically creating a probabilistic context-free grammar based upon a training set of previously disclosed passwords, and then generating word-mangling rules to be used in password cracking.
Abstract: Choosing the most effective word-mangling rules to use when performing a dictionary-based password cracking attack can be a difficult task. In this paper we discuss a new method that generates password structures in highest probability order. We first automatically create a probabilistic context-free grammar based upon a training set of previously disclosed passwords. This grammar then allows us to generate word-mangling rules, and from them, password guesses to be used in password cracking. We will also show that this approach seems to provide a more effective way to crack passwords as compared to traditional methods by testing our tools and techniques on real password sets. In one series of experiments, training on a set of disclosed passwords, our approach was able to crack 28% to 129% more passwords than John the Ripper, a publicly available standard password cracking program.

491 citations


Book Chapter
04 Nov 2009
TL;DR: In this paper, the trojan message attack was proposed to produce second preimages of unknown messages when they are appended with a fixed suffix. But this attack is not applicable to tree hash functions.
Abstract: In this paper we present new attack techniques to analyze the structure of hash functions that are not based on the classical Merkle-Damgård construction. We extend the herding attack to concatenated hashes, and to certain hash functions that process each message block several times. Using this technique, we show a second preimage attack on the folklore "hash-twice" construction which processes two concatenated copies of the message. We follow with showing how to apply the herding attack to tree hashes. Finally, we present a new type of attack -- the trojan message attack, which allows for producing second preimages of unknown messages (from a small known space) when they are appended with a fixed suffix.

29 citations


Journal Article
TL;DR: The proposed algorithm can perform both encryption/decryption and hash in a combined manner and has decreased the ratio of ciphertext/plaintext to 1, and improved the efficiency greatly.

24 citations


Proceedings Article
03 May 2009
TL;DR: In this paper, the authors proposed a new noisy password technique, which consists of several parts, the actual password and additional noisy parts that are well studied to generate different passwords almost every time a user wants to authenticate himself.
Abstract: The purpose of a one-time password (OTP) is to make it more difficult to gain unauthorized access to restricted resources, like a computer account. Traditionally static passwords can more easily be accessed by an unauthorized intruder given enough attempts and time. By constantly altering the password, as is done with a one-time password, this risk can be greatly reduced. In this paper, we propose the new noisy password technique. The proposed system attempts to alleviate the problem of shoulder surfing or eavesdropping by making the replay of a password useless. Every time, a user is authenticated by a totally different password. The noisy password consists of several parts, the actual password and additional noisy parts that are well studied to generate different passwords almost every time a user wants to authenticate himself. The noisy parts are proven to be robust against any hacking attacks. Experimental results give good indication of the ease of utilization of the new system with low error rates that can be enhanced by time.

23 citations


Journal Article
TL;DR: A new time-memory trade-off method is shown to be able to achieve up to a 50% reduction in terms of the storage requirement in comparison to the well-known rainbow table method, and to demonstrate a significant increase in the success rate of recovery when taking into consideration the effect of collisions.

20 citations


Patent
15 Jan 2009
TL;DR: In this article, a password authentication system for preventing the leakage of password information from user's password input operations includes a memory device for storing a correct answer symbol and selection information for selecting at least one input symbol for each digit of a password.
Abstract: A password authentication apparatus and a password authentication method for preventing the leakage of password information from user's password input operations includes a memory device for storing a correct answer symbol and selection information for selecting at least one input symbol for each digit of a password; a display for displaying combinations of input symbol candidates based on user operation; a processor for selecting, for each digit of the password, one or more input symbols from the combinations of input symbol candidates displayed by the display based on the selection information corresponding to the digit to determine whether the correct answer symbol corresponding to the digit is included in the selected one or more input symbols; and an authentication board for authenticating that the password is entered correctly when the processor determines that correct answer symbols for all the digits of the password are included.

17 citations


Journal Article
Kent D. Boklan
TL;DR: It is exposed that when employing a user-chosen password to generate cryptographic keys which themselves are larger than the digest size of the underlying hash function, a part of the resulting key is produced deterministically and this may lead to an exploitable weakness.
Abstract: We expose a potential vulnerability in the common use of password-based cryptography. When employing a user-chosen password to generate cryptographic keys which themselves are larger than the digest size of the underlying hash function, a part of the resulting key is produced deterministically and this, in turn, may lead to an exploitable weakness.

17 citations


Proceedings Article
20 Nov 2009
TL;DR: A novel hash architecture to address issues in the IP lookup architecture by using pipelined Bloom and fingerprint filters for a binary searching in keys and offers 4.5 and 50.1 times memory and power efficiencies than other contemporary hash and TCAM schemes, respectively.
Abstract: Several challenges in the IP lookup architecture must be addressed for a high-speed forwarding in a large scale routing table: power, memory, and lookup complexity. Hash-based architectures have lookup schemes that are recognized for being both power and memory efficient due to their O(1) lookup, in contrast to other contemporary architectures. In this paper, we propose a novel hash architecture to address these issues by using pipelined Bloom and fingerprint filters for a binary searching in keys. The proposed hash scheme encodes keys' indexes to an on-chip fingerprint table, approximately returns a few indexes in a key query without pointer overhead, and makes a perfect match in an off-chip key table. Due to a memory banking system in pipeline stages, we can achieve O(1) pipelined throughput complexity of insertion, deletion, and query operations. For the IP lookup, a Lulea bitmap with our hash scheme supports a prefix lookup without inflating the numbers of prefixes and next-hops, so that our scalable hash-based scheme can achieve the worst case O(1) IP lookup. The simulation with large scale routing tables shows that our IP lookup scheme offers 4.5 and 50.1 times memory and power efficiencies than other contemporary hash and TCAM schemes, respectively.

17 citations


Patent
12 Aug 2009
TL;DR: In this article, a technique for retrieving data from a hash table in an Ethernet bridge is described, where the table has a plurality of columns, each of which has a hash function, thereby creating respective different hash key values.
Abstract: A technique is described for retrieving data from a hash table in an Ethernet bridge. The table has a plurality of columns, each of which has a hash function, thereby creating respective different hash key values.

17 citations


Patent
Lloyd W. Sadler
25 Mar 2009
TL;DR: In this article, a method of verifying a password and methods of encryption and decryption using a key generated from a one-time pad was proposed, which includes: (1) receiving a password attempt, (2) retrieving a pointer from memory, (3) searching a one time pad based on the pointer to retrieve a password, (4) comparing the password attempt with the password, and (5) generating a new pointer if the attempt matches the password.
Abstract: A method of verifying a password and methods of encryption and decryption using a key generated from a one-time pad. In one embodiment, the method of verifying includes: (1) receiving a password attempt, (2) retrieving a pointer from memory, (3) searching a one-time pad based on the pointer to retrieve a password, (4) comparing the password attempt with the password and (5) generating a new pointer if the password attempt matches the password.

16 citations


Patent
13 Feb 2009
TL;DR: In this paper, a password-based key derivation function includes a sub-function that gets executed multiple times based on an iteration count, which helps strengthen weaker passwords without penalizing stronger passwords.
Abstract: A password-based key derivation function includes a sub-function that gets executed multiple times based on an iteration count. A key derivation module computes the iteration count dynamically with each entered password. The iteration count is computed as a function of the password strength. Specifically, the weaker the password, the higher the iteration count; but the stronger the password, the smaller the iteration count. This helps strengthen weaker passwords without penalizing stronger passwords.

Proceedings Article
25 Apr 2009
TL;DR: This paper suggests a new one-time password scheme using the smart card based on the bilinear pairings that can provide anonymity in authentication process to protect the user’s privacy.
Abstract: Password authentication is one of the simplest and the most convenient authentication mechanisms over insecure networks. One-time password authentication which uses dynamic password helps to enhance the security of password. In this paper, we suggest a new one-time password scheme using the smart card based on the bilinear pairings. By generating temporary identity, our scheme can provide anonymity in authentication process to protect the user’s privacy. Based on the Computational Diffie-Hellman Problem, we show that the proposed scheme is secure against forgery attack and ID attack under the random oracle model.

Proceedings Article
19 Oct 2009
TL;DR: A novel construction that requires 10-fold smaller on-chip memory and guarantees that all lookups require a single hash table access at near full load can help realize highly scalable and deterministic lookup tables in modern parallel platforms.
Abstract: Exact and approximate membership lookups are among the most widely used primitives in a number of network applications. Hash tables are commonly used to implement these primitive functions as they provide O(1) operations at moderate load (table occupancy). However, at high load, collisions become prevalent in the table, which makes lookup highly non-deterministic and reduces the average performance. Slow and non-deterministic lookups are detrimental to the performance and scalability of modern platforms such as ASIC/FPGA and multi-core that use highly parallel compute and memory structures. To combat non-determinism and achieve high rate lookups, a recent series of papers employ compact on-chip memory that augments the main hash table and stores certain key information. Unfortunately, they require substantial on-chip memory space and bandwidth, and fail to provide 100% guarantee on lookup rate. In this paper, we solve this with a novel construction that requires 10-fold smaller on-chip memory and guarantees that all lookups require a single hash table access at near full load. The on-chip memory uses only between 1- and 2-bit per item and also needs a small number of accesses (between two and four) per lookup. This represents a substantial improvement over previous schemes and therefore can help realize highly scalable and deterministic lookup tables in modern parallel platforms.

Proceedings Article
11 Dec 2009
TL;DR: A new self-updating hash chain based linear partition-combination algorithm (LPCA), which can share data into m parts and any part can’t leak any information of data s.
Abstract: Self-Updating Hash Chain can be used extensively in many fields, such as one time password (OTP), signatures and authentication etc. In this paper, we propose a new self-updating hash chain based linear partition-combination algorithm (LPCA), which can share data into m parts and any part can’t leak any information of data s. At each exchange process, one part of s is transferred. When servers receive k (k≪m) parts of s, servers can reconstruct s, the root of a new hash chain is created. Analyses are given to illustrate the Structure Scheme is secure and efficient.

Proceedings Article
18 Dec 2009
TL;DR: This report analyzes the aggregation modules of the software-based flow meters Vermont and nProbe, evaluating the resilience strength of used hash functions by theoretical analysis and by performing real attacks to show how easily flow monitors can be overloaded.
Abstract: Aggregation modules within flow-based network monitoring tools make use of fast lookup methods to be able to quickly assign received packets to their corresponding flows. In software-based aggregators, hash tables are usually used for this task, as these offer constant lookup times under optimal conditions. The hash functions used for mapping flow keys to hash values need to be chosen carefully to ensure optimal utilization of the hash table. If attackers would be able to create collisions, the hash table degenerates to linked lists with worst-case lookup times of O(n) and greatly reduces the performance of the aggregation modules. Thus, independent of the available computational power of the monitor, an attacker would easily be able to overload the system. In this report, we analyze the aggregation modules of the software-based flow meters Vermont and nProbe. We evaluate the resilience strength of used hash functions by theoretical analysis and confirm the results by performing real attacks. These attacks show how easily flow monitors can be overloaded if the hash algorithm has not been chosen carefully. Based on our observations, we finally present a hash function which we believe has none of the weaknesses we have discovered.

Proceedings Article
05 Apr 2009
TL;DR: This paper demonstrates the first known system, implemented in a state-of-the-art reconfigurable device that cracks passwords up to 1000 times faster than the software approach by using a highly parallel architecture employing a fine-grained pipeline.
Abstract: One of the most efficient methods for cracking passwords is the one based on “rainbow tables”; those lookup tables are offering an almost optimal time-memory tradeoff in the process of recovering the plaintext password from a password hash generated by a cryptographic hash function. In this paper, we demonstrate the first known system, implemented in a state-of-the-art reconfigurable device that cracks passwords up to 1000 times faster than the software approach. This is achieved by using a highly parallel architecture employing a fine-grained pipeline.

Patent
02 Oct 2009
TL;DR: In this article, a de-duplication engine comprising a secret key is utilized to generate a secret-key hash of the at least one block of data, which is then compared with the secret key hash table of previously stored data on the storage system to identify duplicated data.
Abstract: Methods and systems for protecting de-duplication repositories against a malicious attack are disclosed. One method receives at least one block of data to store in a data storage system. A de-duplication engine comprising a secret key is utilized to generate a secret key hash of the at least one block of data. A comparison of the secret key hash of the at least one block of data with a secret key hash table of previously stored data on the data storage system to identify duplicated data, the secret key hash comparing protecting the data storage system against a malicious attack.

Patent
16 Jun 2009
TL;DR: In this paper, a method using an electronic chip for authentication and configuring a one-time password using a one-time password generated at a one-time password service end replacing a personal identification number required in authenticating operations on an electronic chip (IC cards such as smart card, hardware secure module(HSM)e, EMV chip... etc.).
Abstract: A method using an electronic chip for authentication and configuring a one time password uses a one time password generated at a one time password service end replacing a personal identification number required in authenticating operations on an electronic chip (IC cards, such as smart card, hardware secure module(HSM)e, EMV chip . . . etc.). Before operating on the electronic chip, a request for the one time password is sent to the one time password service end; or the one time password with access condition is applied in advance, and is used as a key to authenticate operations on the electronic chip. The method enhances privacy of the password and provides added application method for improved confidentiality.

Patent
05 Mar 2009
TL;DR: In this paper, a password system includes a user interface, a password generating unit, and a password checking unit, which generates a password including multiple frames, generates an integrity check code associated with the generated password, and scrambles the generated passwords and provides the scrambled password to the user interface.
Abstract: A password system includes a user interface, a password generating unit, and a password checking unit. The password generating unit generates a password including multiple frames, generates an integrity check code associated with the generated password, and scrambles the generated password and provides the scrambled password to the user interface. The password checking unit stores the integrity check code, frame number information and scramble information which are provided from the password generating unit, descrambles a scrambled password that is input from the user interface based on the stored scramble information, and authenticates the user interface by comparing an integrity check code generated from the descrambled password and the stored integrity check code.

Proceedings Article
11 Dec 2009
TL;DR: This paper analyzed a technique of password hashing, to compute secure passwords and found that SHA-1 is more secure but slow in execution as SHA-1 includes more rounds than MD5 in calculating hashes.
Abstract: Password is a key to secret authentication data and is most widely used for security purposes therefore it is open to attacks such as phishing attack. Phishing is a form of internet fraud, which phisher applies to steal online consumer's personal identity data and financial account credentials. In this paper, we analyze a technique of password hashing, to compute secure passwords. Using this mechanism, we can obtain hash value by applying a cryptographic hash function to a string consisting of the submitted password and, usually, another value known as a salt. The salt value consists of current parameters of the system and prevents attackers from building a list of hash values for common passwords. MD5 and SHA1 are frequently used cryptographic hash functions. We implemented these algorithms and found that SHA-1 is more secure but slow in execution as SHA-1 includes more rounds than MD5 in calculating hashes.

Book Chapter
TL;DR: This work presents several protocols that allow a user to automatically recover a password from a server using partial knowledge of the password, and introduces client-server password recovery methods, in which the recovery data are stored at the server and the recovery procedures are integrated into the login procedures.
Abstract: Human memory is not perfect --- people constantly memorize new facts and forget old ones. One example is forgetting a password, a common problem raised at IT help desks. We present several protocols that allow a user to automatically recover a password from a server using partial knowledge of the password. These protocols can be easily adapted to the personal entropy setting [7], where a user can recover a password only if he can answer a large enough subset of personal questions. We introduce client-server password recovery methods, in which the recovery data are stored at the server, and the recovery procedures are integrated into the login procedures. These methods apply to two of the most common types of password based authentication systems. The security of these solutions is significantly better than the security of presently proposed password recovery schemes. For our protocols we propose a variation of threshold encryption [5, 8, 16] that might be of independent interest.

Proceedings Article
23 Oct 2009
TL;DR: This paper introduces a natural way of how to find preimages on a hash function by using a rainbow table even if the hash function utilizes the Merkle-Damgård (MD) strengthening as a padding procedure.
Abstract: In this paper, we introduce a natural way of how to find preimages on a hash function by using a rainbow table even if the hash function utilizes the Merkle-Damgård (MD) strengthening as a padding procedure. To overcome the MD strengthening, we identify the column functions as representatives of certain set of preimages, unlike conventional usage of rainbow tables or Hellman tables to invert one-way functions. The workload of the precomputation to prepare a table is as much as the workload of brute force as usual. Then, one can find a preimage of a given arbitrary digest value in $2^{2n/3}$ steps by using $2^{2n/3}$ memory where n is both the digest size and the length of the chaining value. The notion of the attack is extended to certain improved variants of the MD construction. We generalized the attack when the digest size is not equal to the length of chaining value. We verified the results experimentally as well.

Proceedings Article
21 Nov 2009
TL;DR: The results of simulation demonstrated the improvement of the proposal in both accessing delay and searching hops compared to distributed hash table, and presented corresponding data accessing methods.
Abstract: It generally utilized either peer-to-peer overlay network or server clusters to offer wide area network storage service. These network storage systems suffered from performance penalties or single-point failure. This paper proposed a network storage structure which combines regular graph with distributed hash table, and presented corresponding data accessing methods. The results of simulation demonstrated the improvement of the proposal in both accessing delay and searching hops compared to distributed hash table.

Posted Content
TL;DR: This article considers alternative method of deletion keys, where the authors avoid using the mark "deleted", and contains the implementation of the method in Java.
Abstract: Deletion from open-address hash table is not so easy as deletion from chained hash table, because in open-address table we can't simply mark a slot containing deleted key as empty. Search for keys may become incorrect. The classical method to implement deletion is to mark slots in hash table by three values: "free", "busy", "deleted". That method is easy to implement, but there are some disadvantages. In this article we consider alternative method of deletion keys, where we avoid using the mark "deleted". The article contains the implementation of the method in Java.

Journal Article
TL;DR: A new one-time password authentication scheme based on hash function and public key encryption, which provided client/server with mutual authentication and could avoid different attacks and protect user's identity.
Abstract: Analyzed some shortages of the existing one-time password based on challenge/response authentication protocols, and designed a new one-time password authentication scheme based on hash function and public key encryption, which provided client/server with mutual authentication and could avoid different attacks. It also overcame the existing challenge/response protocol weakness of server's overhead and could protect user's identity. Finally, analyzed its security and efficiency character.


01 Jan 2009
TL;DR: A survey and evaluation of hash tables and summaries that allow compact representations and constant lookup time, features that sound attractive for IPv6 routing.
Abstract: Efficient IPv6 packet forwarding is still a major bottleneck in today's networks. Especially in the internet core we are faced with very large routing tables and a high number of high-speed links. In addition economical restrains exist in terms of manufacturing and operation costs. So demand is high for efficient IPv6 packet forwarding mechanisms. In the last few years a lot of work has been done on hash tables and summaries that allow compact representations and constant lookup time. The features sound attractive for IPv6 routing, thus a survey and evaluation of these data structures seems appropriate.

Journal Article
TL;DR: A simple and novel scheme for remote password recovery based on set reconciliation and symmetric cryptography essentially acted as high entropy password storing is proposed.
Abstract: Proposed a simple and novel scheme for remote password recovery based on set reconciliation. Used the set of low entropy passwords to recover a high entropy password. Accomplished the random map of password set using standard hash function. And symmetric cryptography essentially acted as high entropy password storing. Demonstrated two security protocols how to realize the process of password recovery between the end user Alice and the service provider Trent.

Book Chapter
23 Nov 2009
TL;DR: This work investigates the possibility of reusing colours, i.e., repeating the reduction functions, in the rainbow attack, and shows how this outperforms the Hellman and the rainbow attacks in a model of fixed resources.
Abstract: Hashing or encrypting a key or a password is a vital part in most network security protocols. The most practical generic attack on such schemes is a time memory trade-off attack. Such an attack inverts any one-way function using a trade-off between memory and execution time. Existing techniques include the Hellman attack and the rainbow attack, where the latter uses different reduction functions ("colours") within a table. This work investigates the possibility of reusing colours, i.e., repeating the reduction functions, in the rainbow attack. We show how this outperforms the Hellman and the rainbow attack in a model of fixed resources. We try to characterize exactly when this improvement appears and in such a case the choice of an optimal number of colours.

Proceedings Article
17 Jun 2009
TL;DR: A verifier-based PAKE protocol in cross-realm setting called VB-4PAKE, in which the client uses a plaintext version of the password, while the server stores a verifier of the passwords, is proposed.
Abstract: Most existing password-based authenticated key exchange(PAKE) protocols in cross-realm setting are based on balance scheme, which is vulnerable to password guessing attacks and server compromise attack. In this paper, we propose a verifier-based PAKE protocol in cross-realm setting called VB-4PAKE, in which the client uses a plaintext version of the password, while the server stores a verifier of the password. We also show that the proposed protocol can resist various attacks including password guessing attacks and server compromise attack.