investigating the distribution of password choices
play

Investigating the Distribution of Password Choices David Malone and - PowerPoint PPT Presentation

Nov 22, 2023 •225 likes •420 views

Investigating the Distribution of Password Choices David Malone and Kevin Maher, Hamilton Institute, NUI Maynooth. 19 April 2012 How to Guess a Password? Passwords are everywhere. If you dont know the password, can you guess it? 1. Make a

  1. Investigating the Distribution of Password Choices David Malone and Kevin Maher, Hamilton Institute, NUI Maynooth. 19 April 2012

  2. How to Guess a Password? Passwords are everywhere. If you dont know the password, can you guess it? 1. Make a list of passwords. 2. Assess the probability that each was used. 3. Guess from most likely to least likely. A dictionary attack, but with optimal ordering. (Applies to computers and keys too.)

  3. How long will that take? If we knew probability P i of i th password. Rank the passwords from 1 (most likely) to N (least likely). Average number of guesses is: N � G = iP i . i =1 Note, not the same as Entropy (Massey ’94, Arikan ’96). Does this P i really make sense? Is there a distribution with which passwords are chosen?

  4. Outline • Is there password distribution? Is knowing it better than a crude guess? • Are there any general features? Do different user groups behave in a similar way? • Some distributions better than others. Can we help users make better decisions?

  5. Getting data Want a collection of passwords to study distribution. Asked Yahoo, Google. • . . . Crackers eventually obliged. • 2006: flirtlife, 98930 users, 43936 passwords, 0.44. • 2009: hotmail, 7300 users, 6670 passwords, 0.91. • 2009: computerbits, 1795 users, 1656 passwords, 0.92. • 2009: rockyou, 32603043 users, 14344386 passwords, 0.44. Good: cleartext! Bad: Had to clean up data.

  6. Top Ten Rank hotmail #users flirtlife #users computerbits #users rockyou #users 1 123456 48 123456 1432 password 20 123456 290729 2 123456789 15 ficken 407 computerbits 10 12345 79076 3 111111 10 12345 365 123456 7 123456789 76789 4 12345678 9 hallo 348 dublin 6 password 59462 5 tequiero 8 123456789 258 letmein 5 iloveyou 49952 6 000000 7 schatz 230 qwerty 4 princess 33291 7 alejandro 7 12345678 223 ireland 4 1234567 21725 8 sebastian 6 daniel 185 1234567 3 rockyou 20901 9 estrella 6 1234 175 liverpool 3 12345678 20553 10 1234567 6 askim 171 munster 3 abc123 16648 (c.f. Imperva analysis of Rockyou data, 2010)

  7. Distribution? 100 10000 least squares s=0.44 least squares s=0.69 1000 10 100 Frequency Frequency 10 1 1 0.1 0.1 1 10 100 1000 10000 1 10 100 1000 10000 100000 Rank (binned) Rank (binned) hotmail flirtlife 100 1e+06 least squares s=0.45 least squares s=0.78 100000 10000 10 Frequency Frequency 1000 100 1 10 1 0.1 0.1 1 10 100 1000 10000 1 10 100 1000 10000 100000 1e+06 1e+07 1e+08 Rank (binned) Rank (binned) computerbits rockyou

  8. Zipf? • A straight line on a log-log plot points towards heavy tail. • Zipf? P r ∝ 1 r s • Slope gives s . • Can check p-values (Clauset ’09). • s is small, less than 1.

  9. Guesswork Predictions 3500 25000 Uniform model Guesswork Uniform model Guesswork Real data Guesswork Real data Guesswork Zipf model Guesswork Zipf model Guesswork 3000 Uniform model 0.85 Guesswork Uniform model 0.85 Guesswork Real data 0.85 Guesswork 20000 Real data 0.85 Guesswork Zipf model 0.85 Guesswork Zipf model 0.85 Guesswork 2500 15000 2000 Guesses Guesses 1500 10000 1000 5000 500 0 0 hotmail flirtlife 900 8e+06 Uniform model Guesswork Uniform model Guesswork Real data Guesswork Real data Guesswork 800 Zipf model Guesswork 7e+06 Zipf model Guesswork Uniform model 0.85 Guesswork Uniform model 0.85 Guesswork Real data 0.85 Guesswork Real data 0.85 Guesswork 700 Zipf model 0.85 Guesswork Zipf model 0.85 Guesswork 6e+06 600 5e+06 500 Guesses Guesses 4e+06 400 3e+06 300 2e+06 200 1e+06 100 0 0 computerbits rockyou

  10. Who cares? • Algorithm Design — exploit heavy tail? • Can we get close to optimal dictionary attack? • Can we make dictionary attack less effective? 2 and 3 answer questions about common behavior and helping users.

  11. Dictionary Attack Suppose we use one dataset as a dictionary to attack another. 1e+00 1e+03 1e-01 probability / fraction of users users 1e+02 1e-02 1e+01 1e-03 optimal guessing guesses from rockyou guesses from flirtlife guesses from computerbits 40% 1e+00 1e+00 1e+01 1e+02 1e+03 1e+04 1e+05 1e+06 1e+07 1e+08 guesses hotmail

  12. Dictionary Attack — Same Story 1e+00 1e+05 1e+00 1e+04 1e-01 1e+03 1e-01 probability / fraction of users probability / fraction of users 1e+03 1e-02 users 1e+02 users 1e-02 1e+02 1e-03 1e+01 1e-03 optimal guessing 1e+01 optimal guessing 1e-04 guesses from rockyou guesses from rockyou guesses from flirtlife guesses from hotmail guesses from computerbits guesses from computerbits 40% 40% 1e+00 1e+00 1e-05 1e+00 1e+01 1e+02 1e+03 1e+04 1e+05 1e+06 1e+07 1e+08 1e+00 1e+01 1e+02 1e+03 1e+04 1e+05 1e+06 1e+07 1e+08 guesses guesses hotmail flirtlife 1e+00 1e+00 1e+03 1e+07 1e-01 1e+06 probability / fraction of users 1e-02 probability / fraction of users 1e-01 1e+05 1e+02 1e-03 1e+04 users users 1e-04 1e+03 1e-02 1e-05 1e+01 1e+02 optimal guessing optimal guessing 1e-06 guesses from rockyou guesses from flirtlife 1e+01 guesses from flirtlife guesses from hotmail guesses from hotmail 1e-03 guesses from computerbits 1e-07 40% 40% 1e+00 1e+00 1e+00 1e+01 1e+02 1e+03 1e+04 1e+05 1e+06 1e+07 1e+08 1e+00 1e+01 1e+02 1e+03 1e+04 1e+05 1e+06 1e+07 1e+08 guesses guesses computerbits rockyou

  13. Dictionary Attack Gawker December 2010, Gawker, 748090 DES Hashes, well salted. 1e+00 1e+05 1e-01 probability / fraction of users 1e+04 1e-02 users 1e+03 1e-03 1e+02 1e-04 guesses from rockyou guesses from flirtlife 1e+01 guesses from hotmail 1e-05 guesses from computerbits guesses from dictionary 40% 1e+00 1e+00 1e+01 1e+02 1e+03 1e+04 1e+05 1e+06 1e+07 1e+08 guesses Results in paper for % passwords. Dell’Amico’10 review smart generators. This looks × 10!

  14. Helping Users If users select passwords ‘randomly’, can we make them a better generator? • Banned list (e.g. twitter), • Password rules (e.g. numbers and letters). • Act like a cracker (e.g. cracklib), • Cap peak of password distribution (e.g. Schechter’10), • Aim for uniform? Metropolis-Hastings algorithm takes bad random number generator and makes it good.

  15. Metropolis-Hastings for Uniform Passwords Keep a frequency table F ( x ) for requests to use password x . 1. Uniformly choose x from all previously seen passwords. 2. Ask user for a new password x ′ . 3. Generate a uniform real number u in the range [0 , F ( x ′ )] and then increment F ( x ′ ). If u ≤ F ( x ) go to step 4 (accept), otherwise return to step 2 (reject). 4. Accept use of x ′ as password.

  16. How does it do? 10000 First Choice Metropolis-Hastings Scheme Hard limit 1/1000000 1000 Frequency 100 10 1 1 10 100 1000 10000 100000 1e+06 Rank Rockyou-based test, 1000000 users, mean tries 1.28, variance 0.61. Could be implemented using min-count sketch. Doesn’t store actual use frequencies. No parameters, aims to flatten whole distribution.

  17. Conclusions • Idea of distribution of password choices seems useful. • Zipf is OK, but not perfect match. • Different user groups have a lot in common (not peak). • Dictionaries not great for dictionary attacks. • Treat users as random password generators? • Future: Generalise beyond web passwords? • Future: Field test of Metropolis-Hastings? • Future: What does optimal banned list look like?

  18. From Reviews • So much cool literature from (at least) 1979–2012. • In security, passwords are the gift that keeps on giving.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

In Investigating Pharmaceutical Distribution, Persistence and Degradation in Scottish Waters

In Investigating Pharmaceutical Distribution, Persistence and Degradation in Scottish Waters

In Investigating Pharmaceutical Distribution, Persistence and Degradation in Scottish Waters Lydia Niemi PhD Researcher and Hydro Nation Scholar Environmental Research Institute, University of the Highlands and Islands Contact:

544 views • 6 slides
investigating the effect of depth on species connectivity and distribution in the deep sea Nils

investigating the effect of depth on species connectivity and distribution in the deep sea Nils

investigating the effect of depth on species connectivity and distribution in the deep sea Nils Piechaud, Nicola Foster, Rebecca Ross, Michelle Taylor, Alex Rogers, Kerry Howell Introduction: The cruise - Scientific Goal - background Results

706 views • 28 slides
Unlocking the Mysteries of Venus Atmosphere: Investigating the Particle and Gas Density

Unlocking the Mysteries of Venus Atmosphere: Investigating the Particle and Gas Density

Unlocking the Mysteries of Venus Atmosphere: Investigating the Particle and Gas Density Distribution Relationships that Support the Formation of Venus Dense Sulfuric Acid Clouds Jenny Witt University of Wisconsin Madison Dr.

307 views • 20 slides
Authentication of People what you know (passwords) what you have (keys) what you are

Authentication of People what you know (passwords) what you have (keys) what you are

people 1 Authentication of People what you know (passwords) what you have (keys) what you are (biometric devices) where you are (physical) Slide 1 Passwords initial password distribution (students) limit password guessing

305 views • 7 slides
Team Password Manager Password Management Software for Groups http://teampasswordmanager.com

Team Password Manager Password Management Software for Groups http://teampasswordmanager.com

Team Password Manager Password Management Software for Groups http://teampasswordmanager.com What is Team Password Manager - Password manager for groups and projects - Uses projects to group passwords - Secure, fine grained password sharing -

712 views • 9 slides
Cisco Passwords - Enforcing Minimum Password Length Common Types of Password Attacks Brute-Force

Cisco Passwords - Enforcing Minimum Password Length Common Types of Password Attacks Brute-Force

Cisco Passwords - Enforcing Minimum Password Length Common Types of Password Attacks Brute-Force Attack - tries every possible character combination as a password. To recover a single-letter password would require up to 26 combinations. A

415 views • 8 slides
Is Password InSecurity Inevitable? Cryptographic Enhancements to Password Protocols Hugo

Is Password InSecurity Inevitable? Cryptographic Enhancements to Password Protocols Hugo

Is Password InSecurity Inevitable? Cryptographic Enhancements to Password Protocols Hugo Krawczyk (IBM Research) Works with Stanislaw Jarecki, Jiayu Xu (UC Irvine) Aggelos Kiayas (U Edinburgh) Nitesh Saxena, Maliheh Shirvanian (UA Birmingham)

750 views • 32 slides
Password, Authentication, Password Managers Week 4 Frank Chen | Spring 2017 Frank Chen | Spring

Password, Authentication, Password Managers Week 4 Frank Chen | Spring 2017 Frank Chen | Spring

LastPass, a Password Manager Application CS 88S Password, Authentication, Password Managers Week 4 Frank Chen | Spring 2017 Frank Chen | Spring 2017 Agenda Review last weeks material Some Definitions Password in the Cloud

584 views • 47 slides
LastPass An Introduction to Password Managers Why do I need a Password manager? Email is your

LastPass An Introduction to Password Managers Why do I need a Password manager? Email is your

LastPass An Introduction to Password Managers Why do I need a Password manager? Email is your Master Key When you forget a password, they send a reset link to your email. Anyone with access to your email has the power to reset your other

549 views • 31 slides
TRANSPORTATION CHOICES TRANSPORTATION CHOICES Asia Yeary U.S. EPA Hawaii Sustainability

TRANSPORTATION CHOICES TRANSPORTATION CHOICES Asia Yeary U.S. EPA Hawaii Sustainability

TRANSPORTATION CHOICES TRANSPORTATION CHOICES Asia Yeary U.S. EPA Hawaii Sustainability Coordinator Hawaii Build & Buy Green Conference May 10, 2013 TRANSPORTATION CHOICES OVERVIEW TRANSPORTATION CHOICES OVERVIEW Federal grants &

305 views • 19 slides
Proactive Password Checking Analyze proposed password for goodness Always invoked

Proactive Password Checking Analyze proposed password for goodness Always invoked

Proactive Password Checking Analyze proposed password for goodness Always invoked Can detect, reject bad passwords for an appropriate definition of bad Discriminate on per-user, per-site basis Needs to do

363 views • 21 slides
Day 3 If you are still using the default password that was assigned when your account was

Day 3 If you are still using the default password that was assigned when your account was

Day 3 If you are still using the default password that was assigned when your account was created, CHANGE IT NOW! (It can be the same as your email password.) Day 3 Steps in compiling: (Optional preprocessing) Lexical analysis

483 views • 17 slides
1. Normal distribution 2. Geometric distribution 3. Binomial distribution 4.

1. Normal distribution 2. Geometric distribution 3. Binomial distribution 4.

Chapter 3. Distribution of Random Variables Jan 26, 2016 by Huamei Dong 1. Normal distribution 2. Geometric distribution 3. Binomial distribution 4. Negative binomial distribution 5. Poisson distribution 1.Normal distribution

520 views • 11 slides
Measuring password strength by simulating password-cracking algorithms Saranga Komanduri Patrick

Measuring password strength by simulating password-cracking algorithms Saranga Komanduri Patrick

Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms Saranga Komanduri Patrick Gage Kelley, Michelle L. Mazurek, Richard Shay, Tim Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor,

1.88k views • 85 slides
CS5412: HOW DURABLE SHOULD IT BE? Lecture XV Ken Birman Choices, choices 2 A system

CS5412: HOW DURABLE SHOULD IT BE? Lecture XV Ken Birman Choices, choices 2 A system

CS5412 Spring 2016 (Cloud Computing: Birman) 1 CS5412: HOW DURABLE SHOULD IT BE? Lecture XV Ken Birman Choices, choices 2 A system like Vsync lets you control message ordering, durability, while Paxos opts for strong guarantees.

680 views • 39 slides
Open source password manager for teams 80% of security incidents are due to poor password

Open source password manager for teams 80% of security incidents are due to poor password

Open source password manager for teams 80% of security incidents are due to poor password management policies. ~ Trustwave Each year, over 125 millions hours of productivity are lost due to passwords management problematics. ~

950 views • 25 slides
BITCRACKER Elena Agostini, Massimo Bernaschi 2 BITCRACKER: BITLOCKER MEETS GPUS BITLOCKER

BITCRACKER Elena Agostini, Massimo Bernaschi 2 BITCRACKER: BITLOCKER MEETS GPUS BITLOCKER

BITLOCKER MEETS GPUS BITCRACKER Elena Agostini, Massimo Bernaschi 2 BITCRACKER: BITLOCKER MEETS GPUS BITLOCKER Windows Vista, 7, 8.1 and 10 encryption feature (Ultimate, Pro, Enterprise, etc..) It encrypts several types of memory units

904 views • 30 slides
User Authentication and Passwords Storing Passwords Selecting Passwords CSS322: Security and

User Authentication and Passwords Storing Passwords Selecting Passwords CSS322: Security and

CSS322 Passwords Authentication Passwords Entropy User Authentication and Passwords Storing Passwords Selecting Passwords CSS322: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by

670 views • 28 slides
Cryptographic Key Infrastructure Goal: bind identity to key Classical: not possible as

Cryptographic Key Infrastructure Goal: bind identity to key Classical: not possible as

Cryptographic Key Infrastructure Goal: bind identity to key Classical: not possible as all keys are shared Use protocols to agree on a shared key (see earlier) Public key: bind identity to public key Crucial as people will

690 views • 41 slides
Dragonblood : Weaknesses in WPA3s Dragonfly Handshake Mathy Vanhoef and Eyal Ronen BruCON.

Dragonblood : Weaknesses in WPA3s Dragonfly Handshake Mathy Vanhoef and Eyal Ronen BruCON.

Dragonblood : Weaknesses in WPA3s Dragonfly Handshake Mathy Vanhoef and Eyal Ronen BruCON. Belgium, 11 October 2019. 2 Background: Dragonfly in WPA3 and EAP-pwd = Password Authenticated Key Exchange (PAKE) Negotiate Provide mutual

1.97k views • 56 slides
Hash Proof Systems and Password Protocols II Password-Authenticated Key Exchange David

Hash Proof Systems and Password Protocols II Password-Authenticated Key Exchange David

Hash Proof Systems and Password Protocols II Password-Authenticated Key Exchange David Pointcheval CNRS, Ecole normale sup erieure/PSL & INRIA 8th BIU Winter School Key Exchange February 2018 CNRS/ENS/PSL/INRIA David

319 views • 14 slides
Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Free-Net Ian Clarke, Oskar Sandberg, Brandon Wiley, Theodore Hong, 2000 Goal - peer-to-peer network -

746 views • 36 slides
S ecurit e des protocoles cryptographiques : aspects logiques et calculatoires Mathieu

S ecurit e des protocoles cryptographiques : aspects logiques et calculatoires Mathieu

Introduction Symbolic analysis Constraint solving Computational justification Conclusion S ecurit e des protocoles cryptographiques : aspects logiques et calculatoires Mathieu Baudet Laboratoire Sp ecification et V erification

963 views • 58 slides
machine learning JOE GARDINER (@THECYBERJOE) Who am I? Final year PhD student at Lancaster

machine learning JOE GARDINER (@THECYBERJOE) Who am I? Final year PhD student at Lancaster

Tricking binary trees: The (in)security of machine learning JOE GARDINER (@THECYBERJOE) Who am I? Final year PhD student at Lancaster University President Lancaster University Ethical Hacking Group (LUHack) Joining University of

1.41k views • 65 slides

More recommend