Mechanism Design in Defense against Offline Password Attacks

Wenjie Bai (16051163)

15 June 2023

<p>The prevalence of offline password attacks, resulting from attackers breaching authentication servers and stealing cryptographic password hashes, poses a significant threat. Users' tendency to select weak passwords and reuse passwords across multiple accounts, coupled with computation advancement,  further exacerbate the danger.</p> <p><br></p> <p>This dissertation addresses this issue by proposing password authentication mechanisms that aim to minimize the number of compromised passwords in the event of offline attacks, while ensuring that the server's workload remains manageable. Specifically, we present three mechanisms: (1) DAHash: This mechanism adjusts password hashing costs based on the strength of the underlying password. Through appropriate tuning of hashing cost parameters, the DAHash mechanism effectively reduces the fraction of passwords that can be cracked by an offline password cracker. (2) Password Strength Signaling: We explore the application of Bayesian Persuasion to password authentication. The key idea is to have the authentication server store a noisy signal about the strength of each user password for an offline attacker to find. We demonstrate that by appropriately tuning the noise distribution for the signal, a rational attacker will crack fewer passwords. (3) Cost-Asymmetric Memory Hard Password Hashing: We extend the concept of password peppering to modern Memory Hard password hashing algorithms. We identify limitations in naive extensions and introduce the concept of cost-even breakpoints as a solution. This approach allows us to overcome these limitations and achieve cost-asymmetry, wherein the expected cost of validating a correct password is significantly smaller than the cost of rejecting an incorrect password.</p> <p><br></p> <p>When analyzing the behavior of a rational attacker it is important to understand the attacker’s guessing curve i.e., the percentage of passwords that the attacker could crack within a guessing budget B. Dell’Amico and Filippone introduced a Monte Carlo algorithm to estimate the guessing number of a password as well as an estimate for the guessing curve. While the estimated guessing number is accurate in expectation the variance can be large and the method does not guarantee that the estimates are accurate with high probability. Thus, we introduce Confident Monte Carlo as a tool to provide confidence intervals for guessing number estimates and upper/lower bound the attacker’s guessing curves.</p> <p><br></p> <p>Moreover, we extend our focus beyond classical attackers to include quantum attackers. We present a decision-theoretic framework that models the rational behavior of attackers equipped with quantum computers. The objective is to quantify the capabilities of a rational quantum attacker and the potential damage they could inflict, assuming optimal decision-making. Our framework can potentially contribute to the development of effective countermeasures against a wide range of quantum pre-image attacks in the future.</p>

Data security and protection

Password Authentication Mechanism

Stackelberg Game

Password Strength Estimation

Offline Password Attacks

Quantum Pre-image Attacks

多伺服器環境中基於智慧卡的身分認證機制之研究 / A Study on Smart Card Based User Authentication Mechanism for Multi-Server Environments

張詠詠, Chang, Yung Yung

Unknown Date

隨著科技的進步，智慧卡的種類漸增，功能也愈趨完善，生活中需要使用到智慧卡的時機也愈來愈頻繁，與之相對的，其安全性也愈加受到重視，尤其在卡片遺失的情形下，必須做到卡片中留存的資料就算被有心人士竊取，也無法從中得出使用者密碼(password)，藉以偽冒成合法使用者，如此才能確保卡片使用者的安全。為了達到此一目的，許多學者在智慧卡的安全機制上做了許多的研究，如：2012年學者Cheng等人提出了一個基於智慧卡的遠端使用者登錄認證機制。同一時期，學者Li等人也提出了多伺服器網路中，基於密碼驗證的智慧卡認證機制。本研究中，我們發現Cheng等人及Li等人所自訂之智慧卡認證協議，在智慧卡遺失的情況下，並未提供完整的保密環境，導致其使用者與伺服器雙方所建立的秘鑰與會議金鑰可能被破解而無法得知。因此，我們提出了改良版的基於邏輯運算的智慧卡身分驗證機制，加入Diffie-Hellman密鑰交換，以達到更具安全性的目標。 / With advances in technology, different types and functions of smart cards have become more popular and perfect in recent years. We use smart cards in daily life more and more frequent, so smart card security has become a very important issue, especially in the case of smart-card-loss. We have to ensure that if our card is lost and someone steals the sensitive data in our card, he/she cannot use it to guess or get user’s password. To achieve the goal, many researchers have done a lot of work in smart card security. In 2012 Cheng et al. proposed a smart card based authentication scheme for remote user login and verification. During the same period, Li et al. proposed a password and smart card based user authentication mechanism for multi-server environments. In this thesis, we first pointed out the security flaws of Cheng et al.’s and Li et al.’s mechanism. We found that Cheng et al.’s and Li et al.’s mechanism cannot be secure under offline-dictionary attack in the smart-card-loss case. This enables adversaries to guess user’s password and session keys. Secondly, we introduced an improved version of smart card based authentication mechanism using Diffie-Hellman key exchange to overcome the above mentioned problems

智慧卡

身分驗證機制

Diffie-Hellman密鑰交換

Smart card

Authentication mechanism

Diffie-Hellman key exchange

Memory-based Hardware-intrinsic Security Mechanisms for Device Authentication in Embedded Systems

Soubhagya Sutar (9187907)

30 July 2020

<div>The Internet-of-Things (IoT) is one of the fastest-growing technologies in computing, revolutionizing several application domains such as wearable computing, home automation, industrial manufacturing, <i>etc</i>. This rapid proliferation, however, has given rise to a plethora of new security and privacy concerns. For example, IoT devices frequently access sensitive and confidential information (<i>e.g.,</i> physiological signals), which has made them attractive targets for various security attacks. Moreover, with the hardware components in these systems sourced from manufacturers across the globe, instances of counterfeiting and piracy have increased steadily. Security mechanisms such as device authentication and key exchange are attractive options for alleviating these challenges.</div><div><br></div><div>In this dissertation, we address the challenge of enabling low-cost and low-overhead device authentication and key exchange in off-the-shelf embedded systems. The first part of the dissertation focuses on a hardware-intrinsic mechanism and proposes the design of two Physically Unclonable Functions (PUFs), which leverage the memory (DRAM, SRAM) in the system, thus, requiring minimal (or no) additional hardware for operation. Two lightweight authentication and error-correction techniques, which ensure robust operation under wide environmental and temporal variations, are also presented. Experimental results obtained from prototype implementations demonstrate the effectiveness of the design. The second part of the dissertation focuses on the application of these techniques in real-world systems through a new end-to-end authentication and key-exchange protocol in the context of an Implantable Medical Device (IMD) ecosystem. Prototype implementations exhibit an energy-efficient design that guards against security and privacy attacks, thereby making it suitable for resource-constrained devices such as IMDs.</div><div><br></div>

Computer Engineering

Computer System Security

physically unclonable functions

PUF

Dynamic Random Access Memories

DRAM

device authentication

key exchange

authentication protocol

authentication scheme

authentication mechanism

combination PUF

memory PUF

implantable medical devices

IMD

IMD security

hardware security

Embedded Systems Security

Vers des communications de confiance et sécurisées dans un environnement véhiculaire / Towards trusted and secure communications in a vehicular environment

Tan, Heng Chuan

13 September 2017

Le routage et la gestion des clés sont les plus grands défis dans les réseaux de véhicules. Un comportement de routage inapproprié peut affecter l’efficacité des communications et affecter la livraison des applications liées à la sécurité. D’autre part, la gestion des clés, en particulier en raison de l’utilisation de la gestion des certificats PKI, peut entraîner une latence élevée, ce qui peut ne pas convenir à de nombreuses applications critiques. Pour cette raison, nous proposons deux modèles de confiance pour aider le protocole de routage à sélectionner un chemin de bout en bout sécurisé pour le transfert. Le premier modèle se concentre sur la détection de noeuds égoïstes, y compris les attaques basées sur la réputation, conçues pour compromettre la «vraie» réputation d’un noeud. Le second modèle est destiné à détecter les redirecteurs qui modifient le contenu d’un paquet avant la retransmission. Dans la gestion des clés, nous avons développé un système de gestion des clés d’authentification et de sécurité (SA-KMP) qui utilise une cryptographie symétrique pour protéger la communication, y compris l’élimination des certificats pendant la communication pour réduire les retards liés à l’infrastructure PKI. / Routing and key management are the biggest challenges in vehicular networks. Inappropriate routing behaviour may affect the effectiveness of communications and affect the delivery of safety-related applications. On the other hand, key management, especially due to the use of PKI certificate management, can lead to high latency, which may not be suitable for many time-critical applications. For this reason, we propose two trust models to assist the routing protocol in selecting a secure end-to-end path for forwarding. The first model focusses on detecting selfish nodes, including reputation-based attacks, designed to compromise the “true” reputation of a node. The second model is intended to detect forwarders that modify the contents of a packet before retransmission. In key management, we have developed a Secure and Authentication Key Management Protocol (SA-KMP) scheme that uses symmetric cryptography to protect communication, including eliminating certificates during communication to reduce PKI-related delays.

Règle de combinaison de Dempster

Fusion d’informations

Attaques par paquets

Attaques basées sur la réputation

Attaques à transmission limitée

VANET

WMN

PKI sans certificat

Cryptosystèmes hybrides

Proverif

Accord de clé 3D basé sur un réseau

Dempster’s rule of combination

Information fusion

Packet dropping attacks

Recommendation-based trust model

Reputation-based attacks

Limited transmission power attacks

Merkle tree authentication mechanism

VANET

WMN

Certificate-less PKI

Hybrid cryptosystems

Proverif

3D grid-based key agreement