Upload File

jr13 (honeywords)

Click here to load reader

prev
next
out of 36
Download JR13 (Honeywords)

Upload: constantinos-athanasiou

Post on 07-Aug-2015

30 views

Category:

Documents


0 download

Report

Tags:

TRANSCRIPT

  1. 1. ,: 13101 , : 13109 , : 13113 07/01/20131 & , 2013-14
  2. 2. Aris Jucls, Ronald L. Rivest Honeywords: Making Password- Cracking Detectable 07/01/20132 & , 2013-14
  3. 3. : , . : . (Hash Functions) : : . 07/01/2013 & , 3 Password H(p)
  4. 4. ( server) (1234, ) (post-it) ( ) ( reset ) 07/01/2013 & , 4
  5. 5. - , , . ? Juels Rivest 07/01/2013 & , 5
  6. 6. (honeypot accounts) , . , , honeypot , ; 07/01/2013 & , 6
  7. 7. Honeywords - ; . , k honeywords. , honeywords . honeyword . login honeyword , . 07/01/2013 & , 7
  8. 8. Honeychecker , . Honeychecker: honeywords. : Set Check. ( passwords honeywords ). 07/01/2013 & , 8 HoneycheckerSet Check Check
  9. 9. , ui : , (tough nuts). ... honeywords , 1/k (k-1)/k (perfectly flat honeywords). 07/01/2013 & , 9 Hash[1] Hash[2] . Hash[k] Honeyword[1] honeyword[2] [???]. Honeyword[k]
  10. 10. honeywords Legacy UI Modified UI 07/01/2013 & , 10 Honeywords: Making Password-Cracking Detectable
  11. 11. Legacy UI Chaffing by tweaking Chaffing-by-tail-tweaking Chaffing-by-tweaking-digits Chaffing-with-a-password-model 07/01/2013 & , 11 Honeywords: Making Password-Cracking Detectable
  12. 12. Legacy UI Chaffing-by- tweaking Chaffing by tweaking Chaffing-by-tail-tweaking Chaffing-by-tweaking-digits Password Head Tail , , . 07/01/2013 & , 12 Honeywords: Making Password-Cracking Detectable
  13. 13. Legacy UI Chaffing-with-a-password- model Chaffing with a password model Modeling Syntax : password: mice3blind model syntax: W4|D1|W5 honeyword: gold5rings 07/01/2013 & , 13 Honeywords: Making Password-Cracking Detectable
  14. 14. Modified UI take-a-tail . . 07/01/2013 & , 14 Honeywords: Making Password-Cracking Detectable
  15. 15. Random Pick sweetwords honeywords 07/01/2013 & , 15 Honeywords: Making Password-Cracking Detectable
  16. 16. Typo safety 07/01/2013 & , 16 Honeywords: Making Password-Cracking Detectable
  17. 17. honeywords 1. Chaffing with a password model 2. Chaffing-by-tweaking-digits 3. 07/01/2013 & , 17 Honeywords: Making Password-Cracking Detectable
  18. 18. - 07/01/2013 & , 18 Honeywords: Making Password-Cracking Detectable
  19. 19. Honeywords Honeychecker 07/01/2013 & , 19 Honeywords: Making Password-Cracking Detectable
  20. 20. Honeypot 07/01/2013 & , 20 Honeywords: Making Password-Cracking Detectable
  21. 21. Sweetword 07/01/2013 & , 21 Honeywords: Making Password-Cracking Detectable ,i ja
  22. 22. - honeychecker (DoS) 07/01/2013 & , 22 Honeywords: Making Password-Cracking Detectable
  23. 23. - honeychecker (DoS) 07/01/2013 & , 23 Honeywords: Making Password-Cracking Detectable
  24. 24. - honeychecker (DoS) 07/01/2013 & , 24 Honeywords: Making Password-Cracking Detectable
  25. 25. - honeychecker (DoS) 07/01/2013 & , 25 Honeywords: Making Password-Cracking Detectable
  26. 26. - honeychecker (DoS) 07/01/2013 & , 26 Honeywords: Making Password-Cracking Detectable
  27. 27. - honeychecker (DoS) 07/01/2013 & , 27 Honeywords: Making Password-Cracking Detectable
  28. 28. , (intersection) (sweetword submission) 07/01/2013 & , 28 Honeywords: Making Password-Cracking Detectable
  29. 29. , (intersection) (sweetword submission) 07/01/2013 & , 29 Honeywords: Making Password-Cracking Detectable
  30. 30. , (intersection) (sweetword submission) 07/01/2013 & , 30 Honeywords: Making Password-Cracking Detectable
  31. 31. Intersection ,/ honeyword Sweetword submission 07/01/2013 & , 31 Honeywords: Making Password-Cracking Detectable
  32. 32. Intersection ,/ honeyword Sweetword submission 07/01/2013 & , 32 Honeywords: Making Password-Cracking Detectable
  33. 33. 8 (Weir) 20 (Bonneau) () 07/01/2013 & , 33 Honeywords: Making Password-Cracking Detectable
  34. 34. (Houshmand,Aggarwal) client-server Secure Remote Password Protocol (decoy) 07/01/2013 & , 34 Honeywords: Making Password-Cracking Detectable
  35. 35. 07/01/2013 & , 35 Honeywords: Making Password-Cracking Detectable
  36. 36. 07/01/2013 & , 36 Honeywords: Making Password-Cracking Detectable

9d 3 E : E;B 5 6 6 5 6 6 5 7 6 6 5 6 6 5 7 6 6 5 6 6 5 7 6 6 5 6 6 5 7 6 5 .8 9d

SESSION ID: Honeywords: A New Tool for Protection from Password Database Breach DSP-W02 Kevin Bowers Senior Research Scientist RSA Laboratories [email protected]

Honeywords: Making Password-Cracking Detectable · Honeywords: Making Password-Cracking Detectable Ari Juels RSA Laboratories Cambridge, MA, USA ... of cracking hashed passwords …

Honeywords: A New Tool for Protection from Password ... · A New Tool for Protection from Password Database Breach . DSP-W02 . ... Study of 69M Yahoo passwords ... Cracking Detectable

jr13 - aktuelles forum e.V.: · PDF fileHans Frey, MdL a.D. Vorsitzender Ulrika Engler, Leiterin #Europa Jahresthema Vorwort Das beherrschende Thema des Jahres 2016 war die sogenannte

Les données géographiques 3D pour simuler l’impact …recherche.ign.fr/jr/jr13/JR2013_COGIT_Brasebin.pdf · –Implantation de bâtiments. ... En rouge, les objets géographiques,

A Critical Security Analysis of the Password-based ... · A Critical Security Analysis of the Password-based Authentication Honeywords System Under Code-Corruption Attack Ziya Alper

Honeywords: Making Password-Cracking Detectablepeople.csail.mit.edu/rivest/pubs/JR13.pdf · password cracking easier to detect. Sometimes administrators set up fake user accounts

Honeywords - BSides London 2014

Gravimétrie spatiale: apports à l’étude du système Terrerecherche.ign.fr/jr/jr13/JR2013_LAREG_Panet.pdf · 2015. 1. 26. · Gravimétrie spatiale: Apports à l [étude du système

JR SURFBOARDS WHEN PLACING YOUR ORDER TO … (1).pdf · jr surfboards sprays & tints preview jr12 jr13 jr21 jr22 jr23 jr24 *please refer to each code number when placing your order

Honeywords: A New Tool for Protection from Password Database Breach

Honeywords: A New Tool for Protection from Password ...people.csail.mit.edu/rivest/pubs/BR14.pdf · #RSAC Password hashing ! To defeat precomputation attack, a per-user ``salt’’

Honeywords: Making Password-Cracking Detectable

Suivi par GPS d'un glissement de terrain à l'aide d'un réseau de capteurs sans …recherche.ign.fr/jr/jr13/JR2013_LOEMI_Benoit.pdf · 2015-01-26 · IGN 25/04/2013 2/15 Présentation

Honeywords: Making Password-Cracking Detectable by Ari Juels, Ronald L. Rivest presenter : Eirini Aikaterini Degleri, 2735 CS558 Lecture on Passwords I