Passwords and You CREATING AND MAINTAINING SECURE PASSWORDS.
Passwords
-
Upload
kevin-obrien -
Category
Technology
-
view
125 -
download
6
description
Transcript of Passwords
Passwords
Kevin O'BrienWashtenaw Linux Users Group
The server side
● Your password is stored on a server somewhere
● How securely?● May depend on the nature of the site
Access is the asset
● You have a password to grant you access to an online resource
● You want to keep others from this resource● But some resources are more important than
others
The site owner controls this!
● The only choice you have is the password you will use
● The site owner needs to secure and protect it● Good luck if that site is Sony
Threats aimed at you
● You are the biggest threat● Social engineering is still an excellent way to
get your password● “Hi, I'm Ted from IT, and I need to verify your
password...”● Or it might be an e-mail with a clickable link to
malware
But are you the best target?
● Social engineering is retail● Hackers want to go wholesale● You are only a good individual target if the
payout is compelling● That means it is personal● Or that you have something really valuable
(e.g. intellectual property, access to corporate assets)
Money makes the world go round
● The best financial payoff in most cases is by cracking a business database of customer data
● Right now companies are largely escaping liability when this happens
● This creates a type of moral hazard● Companies will only spend money on security
when the cost of security is less than the cost of failure
Password Proliferation
● These days almost any site you go to demands a login and password to do just about anything
● This creates problems because people cannot handle this in a safe manner
● For instance, every password must contain a letter, a number, a symbol, a squirrel sound, and a Sanskrit hieroglyph
Sites induce failure
● If you need a ton of passwords, chances are you will use the same one over and over
● And if you use the same password to post a comment on the Rabid Rabbit blog as you do for your bank, a cracker can attack the blog to get into your bank account.
● So step one is to triage your sites by importance
Important sites
● A site is important if it has an asset that you really want to protect
● Banking● Health information● Email● These sites should have unique and secure
passwords
What can a cracker do?
● Well, if they can get into your bank account, they can wire money from your account to an account in say Belorussia
● And you may be liable for the money in that case, not the bank
● Disable any online banking features you don't absolutely need
Throwaway sites
● If you need a password to comment on a blog post, that is throwaway
● The password here should never be one you use on an important site
● But it probably does little harm to use the same one multiple times if you are accurate about your triage
How crackers work
● They may start with a targeted attack on an individual with access (spear phishing) to get a password
● Or they find a weakness in the online/network software (e.g. privilege elevation)
● Either way, they get access to the database
Worst case scenario
● The site has simply stored passwords as clear text● This means the cracker has everything as soon as
they get the database● One possible sign of this is when password length
is limited to a certain number of characters● They may not tell you. Try leaving off the last
character and see if you get in
Hashing
● Uses a one-way function to encrypt the password● Easy to compute the hash● Infeasible to reverse the process and get back the
original● Infeasible to modify the original without modifying the
hash● Infeasible to get two originals with the same hash
Infeasible?
● We are talking about current technology● We can mathematically analyze the level of
resources needed to crack a hash using current technology
● We can reasonably forecast the advancement of that technology absent fundamental breakthroughs
Arms race
● But it is an arms race● NSA, GCHQ, and criminals (hard to tell the
difference sometimes) are all eager to break encryption
● Researchers are busy researching● Quantum computing could change the field
drastically
Hashing algorithms
● MD5 – created by Ron Rivest (RSA) in 1991, but no longer secure
● Secure Hashing Algorithm 1 (SHA1) – Created by NSA and required in many government applications, but found to be less secure in 2005, leading to SHA2
● SHA3 was recently specified after a competition, but is very new and not in wide use yet
So what does a responsible owner do?
● Use encryption● Definitely not MD5● Hopefully not SHA1● Ideally SHA2 or SHA3, but for now SHA2 is
your best bet.● Note that SHA1 certificates are already
scheduled for EOL (Google, right now; Microsoft, 2017)
How passwords work in practice
● Generally, your password is transmitted to the site in the clear, which makes you vulnerable to man-in-the-middle attack
● That is why an SSL connection is important for any site that is important
● Browsers are starting to be configured to do this by default
● EFF has a plug-in for this as well: https://www.eff.org/https-everywhere
Hashing on site
● The password is then hashed by the Web site, and the hash is stored
● On later logins, the password is again hashed, and the hashes are compared
● Done properly, the hash cannot be cracked by a frontal brute force attack with current technology
Dictionary attacks
● This is the way most attacks are done● A large number of passwords are created and
hashed by the crackers.● They can then lookup hashes in the database
against their dictionary● Generally, at least 50% of the passwords in a
database can be found by this method fairly quickly
The bad news
● A lot of people use known poor passwords● “password”, “1234”, “letmein”● Leet-speak is no defense, the dictionaries all
have that included● Many people use the same bad password, so
all of them will will fail at once
Solution: Salted Hash
● A random number is added to the password before it is hashed
● This is called the “salt”● The dictionaries won't work unless they are
compiled using the exact same random number● The salt has to be stored as well as the hash
for future login purposes
Salt is discoverable, but no matter
● The salt is probably in the same database as the hash
● So crackers will get the salt● But then they need to compile their entire
dictionary for each salt to get a possible hit● If every account has a different salt, that is a lot
of computation
Salt explanation
A really good explanation of how to do salted hashes correctly can be found at:
http://www.codeproject.com/Articles/704865/Salted-Password-Hashing-Doing-it-Right
You have a responsibility too
● We looked at what site owners ought to be doing
● But you too have a responsibility● You need to create passwords that are less
likely to fall to a dictionary attack● But remember this is an arms race, you need to
follow changes in technology and be ready to make your changes in response
Entropy
● Essentially, the degree of randomness in a system
● @^$(hodjhij6 is pretty random● “123456” is not at all random● Nor is “password”● Random = less likely to be in a dictionary
Uncrackable?
● Possibly, if both you and the site do everything correctly
● But changes in technology affect this● The NSA is storing a whole bunch of encrypted
messages for the day they can crack them● If this is your concern, you need to be very
vigilant and follow the technology
Realistically...
● What most of us really need to do is not have our bank account drained by a bad guy
● Or have our health information revealed publicly
● Or have our identity stolen● Etc.
Don't reuse passwords
● This is the most common mistake people make● Crackers now get passwords from one site and
start trying them on banks● They get enough hits to make this very lucrative● Any site that is important should have a unique,
strong password● Probably OK to have a standard password that
is throwaway for low-value sites (e.g. blogs)
Add to the entropy
● Avoid common names● http://splashdata.com/press/worstpasswords2013.htm● For some reason “monkey” is very popular● The ironic one is “trustno1”● But any word or name is bad
Entropy in action
● Suppose you have a 6-character password made of random lowercase letters
● You have 266 possible passwords (assuming standard English alphabet)
● 266=308,915,776● How good is this?
Hashing mathematics
● Bitcoin mining works by calculating hashes● Some very clever people have a monetary
incentive to improve hashing performance● As of this writing I have seen reports of 800
billion hashes per second in bitcoin mining rigs● So 308,915,776 combination can be checked in
a very small fraction of a second using equipment available to the general public today
Adding to the field
● If we have a mix of upper and lowercase, that gives us 526=19,770,609,664
● Better, but it still only takes a bitcoin mining rig less than a second
● Add in numbers, and 626~=57 billion● Add in special characters, and 956~=700 billion
Password Haystacks
● Term coined by Steve Gibson● The way to make it harder to search for a needle in
a haystack is to make the haystack much bigger● This approach says length trumps everything● Gibson claims that “………..pass……………” is
actually secure as long as the cracker doesn't have advance knowledge of your particular algorithm
Dictionaries and long passwords
● Suppose you create a password of 30 characters
● You use all 95 keyboard characters● And your password isn't limited to only 30
characters● This gets interesting● In theory, the total number of combinations is
95+952+953+954+....9529+9530 = 2*1052
How big is that?
● Assume a bitcoin mining rig can compute a trillion hashes per second
● A trillion is 1012
● So the number of seconds needed to search this particular haystack is 2*1047
● One year has 3*107 seconds● So it requires 6*1039 years to search this● The universe is 1.3*1010 years old
Computationally infeasible
● This is the definition of computationally infeasible
● But note that crackers are not sitting still either● A long passphrase made up of dictionary words
is vulnerable● http://arstechnica.com/security/2013/08/thereis
nofatebutwhatwemake-turbo-charged-cracking-comes-to-long-passwords/
Long and random
● The only way to guarantee (for now, remember) that your password cannot be cracked is to have passwords both long and random
● If quantum computing comes in, everything changes
● But quantum computing will change encryption technology as well, so the world probably will not come to an end
Implications
● Everyone needs long, random passwords● Almost by definition, this means they are
difficult if not impossible to remember● Passwords are perhaps the worst possible way
of securely authenticating people● Which is why we are working on ways to get
away from passwords
For now...
● Use Two-factor authentication when offered (Duo Security, Google, Ubikey, etc.)
● Use a password generator and vault (e.g. LastPass, KeePassX)
● These generate strong passwords and store them for you
● This works on the principle of “Keep all of your eggs in one basket, and watch that basket!”
LastPass
● Made for web site logins● Available for Chrome, Firefox, Safari, IE● Integrates with Duo Security and Ubikey for two-factor
authentication● Can automatically log you in to a site● Information stored in the cloud, but encrypted first on
your machine before being uploaded (AES-256)● Requires that you memorize one strong password to
protect your vault
KeePassX
● Stores your passwords locally in an encrypted database
● Available offline, which is why I store my WiFi password at home in here
● Having passwords in two places is a good idea for guaranteeing access to you
● Again, needs a good password to protect the database
Recommendations
● Right now, in 2014, the best recommendation is to use long, random passwords
● Since this means they cannot be memorized, use something like LastPass, KeePassX, or both, to generate and store passwords.
● I personally use both