pdx tech meetup - the changing landscape of passwords
DESCRIPTION
Slides from a talk I gave to the PDX Tech meetup group on 8/18/2014 about the growing dangers of password authentication.

TRANSCRIPT
Outline: Passwords / Changing times / Two ways forward
The Changing Landscape of Passwords
Ryan Smith, Ph.D., Data Scientist
August 18, 2014
Ryan Smith, Ph.D. Data Scientist The Changing Landscape of Passwords
Hash Functions

Definition
A hash function is a 'one way' function that scrambles the input so that a) it's infeasible to guess the input from the output, and b) slight changes to the input have a large effect on the output.

Input              Hashed Output (SHA-1)
password           5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
Password           8be3c943b1609fffbfc51aad666d0a04adf83c9d
1234               7110eda4d09e062aa5e4a390b0a572ac0d2c0220
DB+U44@5wK83g*6    df3c73999cc44aabbba6c7167cc8a846a7425f43
Table: Hashes using the SHA-1 algorithm
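The two properties in the definition can be checked directly. The following is an added example (not part of the talk's slides): it recomputes the SHA-1 table above with Python's hashlib and measures property (b), the avalanche effect, as the fraction of the 160 output bits that flip between two nearly identical inputs. The helper names (`mismatches`, `avalanche`, `differing_bits`) are this example's own.

```python
import hashlib

# Rows copied from the slide's SHA-1 table: input -> expected hex digest.
SLIDE_TABLE = {
    "password": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8",
    "Password": "8be3c943b1609fffbfc51aad666d0a04adf83c9d",
    "1234": "7110eda4d09e062aa5e4a390b0a572ac0d2c0220",
    "DB+U44@5wK83g*6": "df3c73999cc44aabbba6c7167cc8a846a7425f43",
}

SHA1_BITS = 160


def sha1_hex(text: str) -> str:
    """SHA-1 of the UTF-8 bytes of `text`, as lowercase hex (what the slide tabulates)."""
    return hashlib.sha1(text.encode("utf-8")).hexdigest()


def mismatches() -> list:
    """Recompute each row of the slide's table; return the inputs whose digest differs."""
    return [pw for pw, digest in SLIDE_TABLE.items() if sha1_hex(pw) != digest]


def differing_bits(hex_a: str, hex_b: str) -> int:
    """Hamming distance in bits between two equal-length hex digests."""
    if len(hex_a) != len(hex_b):
        raise ValueError("digests must have the same length")
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def avalanche(input_a: str, input_b: str) -> float:
    """Fraction of the 160 output bits that change between two inputs.

    Property (b) on the slide predicts that roughly half of the bits flip
    even when the inputs differ by one character ('password' vs 'Password').
    """
    return differing_bits(sha1_hex(input_a), sha1_hex(input_b)) / SHA1_BITS


if __name__ == "__main__":
    print("table rows that fail to recompute:", mismatches())
    for a, b in [("password", "Password"), ("1234", "1235")]:
        print(f"{a!r} vs {b!r}: {avalanche(a, b):.0%} of output bits differ")
```

A one-character change moves the digest by about half its bits, which is why a leaked hash gives no hint about "nearby" passwords; property (a) is what the later guess-and-check slides attack, not by inverting the function but by recomputing it for many candidates.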
How do hash functions affect your life?
Data integrity
Bitcoin
All password-based authentication
How password authentication works
1 User enters their password
2 Server computes the hash of their password
3 Server compares the hashed password to a master list
[root@localhost ~]# cat /etc/shadow
root:$1$flVALfyK$kJfaoYnsAm7/plT3.PCmJ/:15816:0:99999:7:::
bob:$1$MIyV9col$Up9YON8Z.TI1x37xgFvuO0:15804:0:99999:7:::
sue:$1$0Iwvz7CA$QOJLfOSJZuSLC19LSFxt1.:15810:0:99999:7
4 User is authenticated or denied.
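The four steps above, as an added example that is not from the talk. The master list uses a constructed shadow-like line format (`user:$pbkdf2-sha256$<iterations>$<salt>$<hash>`) rather than the `$1$` MD5-crypt entries in the slide's /etc/shadow listing, which this code does not reimplement; the iteration count, the user names and the fixed salts are all assumptions of the example. Two details a practitioner would want are included: the comparison in step 3 is constant-time, and an unknown user name costs the same hashing time as a wrong password.

```python
import hashlib
import hmac
import os
from typing import Optional

# Assumed work factor for this example (PBKDF2-HMAC-SHA256 iterations).
ITERATIONS = 100_000
SCHEME = "pbkdf2-sha256"


def make_record(user: str, password: str, salt: Optional[bytes] = None) -> str:
    """Build one master-list line: user:$pbkdf2-sha256$<iters>$<salt hex>$<hash hex>.

    The layout is modelled on /etc/shadow but is a constructed format. A fresh
    random salt per user means two users with the same password still get
    different stored hashes.
    """
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"{user}:${SCHEME}${ITERATIONS}${salt.hex()}${digest.hex()}"


def parse_record(line: str):
    """Split a master-list line into (user, iterations, salt, stored hash)."""
    user, rest = line.split(":", 1)
    _, scheme, iters, salt_hex, hash_hex = rest.split("$")
    if scheme != SCHEME:
        raise ValueError(f"unsupported scheme {scheme!r}")
    return user, int(iters), bytes.fromhex(salt_hex), bytes.fromhex(hash_hex)


# Constructed master list with fixed salts so the example is reproducible.
MASTER_LIST = [
    make_record("root", "correct horse battery staple",
                bytes.fromhex("00112233445566778899aabbccddeeff")),
    make_record("bob", "hunter2", bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")),
    make_record("sue", "hunter2", bytes.fromhex("deadbeefdeadbeefdeadbeefdeadbeef")),
]

# Salt used for the dummy hash when the user does not exist (see authenticate).
_DUMMY_SALT = bytes(16)


def authenticate(user: str, password: str, master_list=MASTER_LIST) -> bool:
    """Steps 2-4 from the slide: hash the submitted password with the stored
    salt, compare it to the master list, and accept or deny."""
    records = {line.split(":", 1)[0]: line for line in master_list}
    line = records.get(user)
    if line is None:
        # Unknown user: do the same amount of hashing anyway, so response time
        # does not reveal which user names exist.
        hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), _DUMMY_SALT, ITERATIONS)
        return False
    _, iters, salt, stored = parse_record(line)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iters)
    # Constant-time comparison: a plain == returns early at the first differing byte.
    return hmac.compare_digest(candidate, stored)


def stored_hash(user: str, master_list=MASTER_LIST) -> str:
    """Hex hash stored for `user`: what someone holding the list actually sees."""
    for line in master_list:
        if line.startswith(user + ":"):
            return parse_record(line)[3].hex()
    raise KeyError(user)


if __name__ == "__main__":
    for line in MASTER_LIST:
        print(line)
    print("bob / hunter2 ->", authenticate("bob", "hunter2"))
    print("bob / Hunter2 ->", authenticate("bob", "Hunter2"))
    print("mallory / x   ->", authenticate("mallory", "x"))
    print("bob and sue share a password but not a hash:",
          stored_hash("bob") != stored_hash("sue"))
```

The server never stores the password itself, only the salt and the hash; that is the whole design, and it is also why the rest of the talk is about what happens when the master list leaks.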
"... because that's where the money is"
How do attackers compromise password lists?
SQL injection attacks
Cross-site scripting
Buffer overflows
...
Avoid single points of failure
Password policies should assume that an attacker has access to the list of hashed master passwords.
Guess and check
Example
Suppose the hash of Laura's password is d83f445224a58355b13.
Password    Hash
cat         3389fc855f142c3d40ff
fluffy      e1e986bc62f6c988dd
whiskers    8ae5f0c19282e29f203
...         ...
kitten42    d83f445224a58355b13
We know that Laura's password was kitten42.
Danger
These are not hypothetical attacks! John the Ripper and Hashcat are both widely available.
Enter the GPU
Order of magnitude comparisons
Definition
Embarrassingly parallel problems scale perfectly with more processor power.
Device            Cores    NTLM hashes per second
Intel Core i5     4        5-15 million attempts per second
NVIDIA GTX 690    3072     12-14 billion attempts per second
GPU computing
A cluster of 25 AMD Radeon HD 6990s achieved:
350 billion guesses per second using NTLM hashing,
a complete search of all eight-character passwords with uppercase and lowercase letters, digits, and symbols in six hours!
Remark
Why run one GPU for 100 hours, when you could run 100 GPUs for one hour?
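The arithmetic behind the CPU/GPU table, the 25-GPU cluster figure and this remark, as an added example (not from the talk): an exhaustive search of every password of a given length is the keyspace size divided by the guess rate, and because the problem is embarrassingly parallel the time divides evenly across devices. The upper end of each quoted range, a 95-character printable alphabet and a 365.25-day year are this example's assumptions; with them, the cluster's 350 billion guesses per second exhausts all 8-character passwords in about 5.3 hours, matching the "six hours" on the previous slide. The `min_length_for` helper turns the same formula around to answer the policy question of how long passwords must be to survive a given attacker for a given time.

```python
# Guess rates quoted on the slides (NTLM guesses per second); the upper end
# of each quoted range is assumed here.
RATES = {
    "Intel Core i5 (4 cores)": 15e6,
    "NVIDIA GTX 690 (3072 cores)": 14e9,
    "25 x AMD Radeon HD 6990 cluster": 350e9,
}

PRINTABLE = 95  # uppercase, lowercase, digits and symbols (assumed alphabet)
SECONDS_PER_HOUR = 3600
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of distinct passwords of exactly `length` characters."""
    return alphabet_size ** length


def seconds_to_exhaust(alphabet_size: int, length: int, rate: float,
                       devices: int = 1) -> float:
    """Time to try every password once at `rate` guesses per second.

    The search is embarrassingly parallel, so `devices` machines divide the
    time evenly: the slide's one GPU for 100 hours or 100 GPUs for one hour.
    """
    return keyspace(alphabet_size, length) / (rate * devices)


def hours_to_exhaust(alphabet_size: int, length: int, rate: float,
                     devices: int = 1) -> float:
    return seconds_to_exhaust(alphabet_size, length, rate, devices) / SECONDS_PER_HOUR


def min_length_for(rate: float, years: float, alphabet_size: int = PRINTABLE,
                   devices: int = 1) -> int:
    """Smallest password length whose full search takes longer than `years`
    at the given guess rate and device count."""
    length = 1
    while seconds_to_exhaust(alphabet_size, length, rate, devices) <= years * SECONDS_PER_YEAR:
        length += 1
    return length


if __name__ == "__main__":
    for name, rate in RATES.items():
        h = hours_to_exhaust(PRINTABLE, 8, rate)
        print(f"{name:32s} all 8-char passwords: {h:14.1f} h ({h / 24 / 365.25:9.2f} years)")
    cluster = RATES["25 x AMD Radeon HD 6990 cluster"]
    print("length to survive 10 years against the cluster:", min_length_for(cluster, 10))
    print("same target against 100 such clusters:        ", min_length_for(cluster, 10, devices=100))
```

The same 8-character search that takes the quoted CPU about fourteen years takes the GPU cluster an afternoon, and every extra character multiplies the attacker's work by 95; renting more devices shortens the wall-clock time without changing the total work, which is the point of the remark.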
Repeated hash functions
Apply a hash function more than once:
SHA1(SHA1("doge")) = SHA1(aa3cca7d...)
                   = 59c77262...
This is not always such a bad idea: encrypted .dmg files on OS X use 250,000 iterations of SHA1.
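An added example (not from the talk) that ties this slide to the earlier guess-and-check slide: the same candidate loop that recovers Laura's `kitten42` from a single SHA-1 is run against a repeated hash, and the work counter shows that every iteration the defender adds is one more hash the guesser must compute per candidate. The word list is constructed in the order of the slide's table, Laura's target hash is constructed by hashing the answer (the slide's `d83f445224a58355b13` is abridged), and the convention that each round hashes the hex string of the previous round, as in `SHA1(aa3cca7d...)`, is an assumption of this example.

```python
import hashlib

# Constructed candidate list, in the order of the slide's guess-and-check table.
WORDLIST = ["cat", "fluffy", "whiskers", "tabby", "mittens", "kitten", "kitten42"]


def iterated_sha1(text: str, rounds: int) -> str:
    """SHA1 applied `rounds` times, each round hashing the hex digest of the
    previous one (as in the slide's SHA1(SHA1("doge")) = SHA1("aa3cca7d..."))."""
    if rounds < 1:
        raise ValueError("rounds must be >= 1")
    value = text
    for _ in range(rounds):
        value = hashlib.sha1(value.encode("utf-8")).hexdigest()
    return value


def guess_and_check(target: str, wordlist, rounds: int = 1):
    """Try each candidate in turn until one hashes to `target`.

    Returns (recovered password or None, number of SHA-1 invocations spent).
    Every candidate costs `rounds` hash calls, so the defender's iteration
    count multiplies the guesser's bill, while a legitimate login pays that
    cost only once.
    """
    work = 0
    for candidate in wordlist:
        work += rounds
        if iterated_sha1(candidate, rounds) == target:
            return candidate, work
    return None, work


def cost_multiplier(rounds: int, wordlist=WORDLIST) -> int:
    """Ratio of work for an exhaustive pass over `wordlist` with `rounds`
    iterations to the work with a single hash (always equals `rounds`)."""
    _, single = guess_and_check("no-such-digest", wordlist, 1)
    _, repeated = guess_and_check("no-such-digest", wordlist, rounds)
    return repeated // single


if __name__ == "__main__":
    target = iterated_sha1("kitten42", 1)          # constructed stand-in for Laura's hash
    print(guess_and_check(target, WORDLIST))       # ('kitten42', 7)
    slow_target = iterated_sha1("kitten42", 1000)
    print(guess_and_check(slow_target, WORDLIST, 1000))  # ('kitten42', 7000)
    print("work multiplier at the .dmg setting of 250,000 rounds:",
          cost_multiplier(250_000))
```

Repeating a plain hash is the idea in its simplest form; the standard ways to get the same effect with a salt and a tunable work factor are PBKDF2, bcrypt and scrypt, which are what a new system should reach for rather than a hand-rolled loop.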
Let someone else solve the problem for you
Build your websites to use a third-party authentication provider:
OpenID - Google, Yahoo, Twitter
Facebook Connect
OAuth 2.0