En modell för utformandet av biografiska ordböcker / A model for the design of biographical dictionaries

Ginman, Johan

January 2021

Every website, computer and IT system have users who need to verify their identity throughauthentication. The most common form of authentication today is to apply an alphanumericpassword. Passwords are often based on biographical information that can be derived from the userhimself and common elements that are usually utilized while creating passwords are names, petnames, family related, and date of birth. While passwords today are often based on the individual'sbiographical elements, the police have problems cracking encrypted devices because it takes a longtime and is complex to identify the correct password among all possible combinations. This problemis the basis for the work and is the reason why this model for how biographical dictionaries should bestructured and contain is created. To design the model, a literature review has been carried outwhere elements have been defined and a structure formed. Interviews with IT forensics from thepolice and NFC were then held to refine the different elements and structure of the initial model andto create a reality anchor. The result of this work is a product in the form of a model that can be usedto create biographical dictionaries based on target people. The model demonstrates whichbiographical elements are relevant for finding potential passwords. The conclusion drawn is that themodel can facilitate the work of the police and IT forensics when it comes to cracking people'sbiographical passwords. By using a dictionary that is built with the model, time-consuming attackssuch as brute-force attacks or more general dictionary attacks do not need to be applied. / Till varje hemsida, dator och IT-system finns användare som behöver verifiera sin identitet genomautentisering. Den vanligaste formen av autentisering är idag att applicera ett alfanumerisktlösenord. Lösenord bygger ofta på biografiska uppgifter som kan härledas från användaren själv ochvanliga element som brukar användas vid lösenordsgenerering är: namn, husdjursnamn, familj ochfödelsedatum. Samtidigt som lösenord idag ofta bygger på individens biografiska element har polisenproblem att knäcka krypterade enheter på grund av att det tar lång tid och är väldigt komplext attidentifiera rätt lösenord bland alla möjliga kombinationer. Detta problem ligger till grund för arbetetsamt är orsaken till varför denna modell för hur biografiska ordböcker ska vara strukturerade ochinnehålla skapas. För att utforma modellen har en litteraturöversikt genomförts där element hardefinierats och en struktur formats. Intervjuer med IT-forensiker från polisen och NFC hölls därefterför att förädla den initiala modellens olika element och struktur samt att skapa enverklighetsförankring. Resultatet av detta arbete är en slutprodukt i form av en modell som går attnyttja för att skapa biografiska ordböcker utifrån målpersoner. Modellen påvisar vilka biografiskaelement som är relevanta för att hitta potentiella lösenord. Slutsatsen som dras gör gällande attmodellen kan underlätta polisens och IT-forensikers arbete när det kommer till att knäcka personersbiografiska lösenord. Genom att nyttja en ordbok som är uppbyggd med modellen behöver intetidskrävande angrepp som ”brute force” attacker eller mer generella ordboksattacker appliceras.

Biographical dictionaries

password Cracking

Dictionary attack

police

digital forensics.

Biografiska ordböcker

lösenordsknäckning

ordboksattack

Polis

it-forensik.

Information Systems

Constructing and Evaluating a Raspberry Pi Penetration Testing/Digital Forensics Reconnaissance Tool

Lundgren, Marcus, Persson, Johan

January 2020

Tools that automate processes are always sough after across the entire IT field. This project's aim was to build and evaluate a semi-automated reconnaissance tool based on a Raspberry Pi 4, for use in penetration testing and/or digital forensics. The software is written in Python 3 and utilizes Scapy, PyQt5 and the Aircrack-ng suite along with other pre-existing tools. The device is targeted against wireless networks and its main purpose is to capture what is known as the WPA handshake and thereby crack Wi-Fi passwords. Upon achieving this, the program shall then connect to the cracked network, start packet sniffing and perform a host discovery and scan for open ports. The final product underwent three tests and passed them all, except the step involving port scanning - most likely due to hardware and/or operating system faults, since other devices are able to perform these operations. The main functionalities of this device and software are to: identify and assess nearby network access points, perform deauthentication attacks, capture network traffic (including WPA handshakes), crack Wi-Fi passwords, connect to cracked networks and finally to perform host discovery and port scanning. All of these steps shall be executed automatically after selecting the target networks and pressing the start button. Based on the test results it can be stated that this device is well suited for practical use within cyber security and digital forensics. However, due to the Raspberry Pi's limited computing power users may be advised to outsource the cracking process to a more powerful machine, for the purpose of productivity and time efficiency.

Scapy

Python 3

Aircrack-ng

Reconnaissance Tool

Penetration testing

Wi-Fi Cracking

Password Cracking

Raspberry Pi

Information Systems

New Theoretical Techniques For Analyzing And Mitigating Password Cracking Attacks

Peiyuan Liu (18431811)

26 April 2024

<p dir="ltr">Brute force guessing attacks continue to pose a significant threat to user passwords. To protect user passwords against brute force attacks, many organizations impose restrictions aimed at forcing users to select stronger passwords. Organizations may also adopt stronger hashing functions in an effort to deter offline brute force guessing attacks. However, these defenses induce trade-offs between security, usability, and the resources an organization is willing to investigate to protect passwords. In order to make informed password policy decisions, it is crucial to understand the distribution over user passwords and how policy updates will impact this password distribution and/or the strategy of a brute force attacker.</p><p dir="ltr">This first part of this thesis focuses on developing rigorous statistical tools to analyze user password distributions and the behavior of brute force password attackers. In particular, we first develop several rigorous statistical techniques to upper and lower bound the guessing curve of an optimal attacker who knows the user password distribution and can order guesses accordingly. We apply these techniques to analyze eight password datasets and two PIN datasets. Our empirical analysis demonstrates that our statistical techniques can be used to evaluate password composition policies, compare the strength of different password distributions, quantify the impact of applying PIN blocklists, and help tune hash cost parameters. A real world attacker may not have perfect knowledge of the password distribution. Prior work introduced an efficient Monte Carlo technique to estimate the guessing number of a password under a particular password cracking model, i.e., the number of guesses an attacker would check before this particular password. This tool can also be used to generate password guessing curves, but there is no absolute guarantee that the guessing number and the resulting guessing curves are accurate. Thus, we propose a tool called Confident Monte Carlo that uses rigorous statistical techniques to upper and lower bound the guessing number of a particular password as well as the attacker's entire guessing curve. Our empirical analysis also demonstrate that this tool can be used to help inform password policy decisions, e.g., identifying and warning users with weaker passwords, or tuning hash cost parameters.</p><p dir="ltr">The second part of this thesis focuses on developing stronger password hashing algorithms to protect user passwords against offline brute force attacks. In particular, we establish that the memory hard function Scrypt, which has been widely deployed as password hash function, is maximally bandwidth hard. We also present new techniques to construct and analyze depth robust graph with improved concrete parameters. Depth robust graph play an essential rule in the design and analysis of memory hard functions.</p>

Cryptography

Data security and protection

Memory Hard Function

Password Security

Statistical Analysis

Cryptography

Theoretical Bounds

Depth-Robust Graph

Password Dataset

Password Distribution

Bandwidth Hardness

Password Cracking Model