ePrints@IIScePrints@IISc Home | About | Browse | Latest Additions | Advanced Search | Contact | Help

Efficient Dictionary for Salted Password Analysis

Vishwakarma, Deepak and Madhavan, Veni CE (2014) Efficient Dictionary for Salted Password Analysis. In: IEEE International Conference on Electronics, Computing and Communication Technologies (IEEE CONECCT) .

[img] PDF
iee_int_con_ele_com_com_tec_2014.pdf - Published Version
Restricted to Registered users only

Download (3MB) | Request a copy
Official URL: http://eprints.iisc.ernet.in/id/eprint/5117


User authentication is essential for accessing computing resources, network resources, email accounts, online portals etc. To authenticate a user, system stores user credentials (user id and password pair) in system. It has been an interested field problem to discover user password from a system and similarly protecting them against any such possible attack. In this work we show that passwords are still vulnerable to hash chain based and efficient dictionary attacks. Human generated passwords use some identifiable patterns. We have analysed a sample of 19 million passwords, of different lengths, available online and studied the distribution of the symbols in the password strings. We show that the distribution of symbols in user passwords is affected by the native language of the user. From symbol distributions we can build smart and efficient dictionaries, which are smaller in size and their coverage of plausible passwords from Key-space is large. These smart dictionaries make dictionary based attacks practical.

Item Type: Journal Article
Publication: IEEE International Conference on Electronics, Computing and Communication Technologies (IEEE CONECCT)
Series.: IEEE International Conference on Electronics Computing and Communication Technologies
Publisher: IEEE
Additional Information: Copy right for this article belongs to the IEEE
Keywords: authentication; security; hash function; password cracking; hash chain; salted passwords; smart dictionary
Department/Centre: Division of Electrical Sciences > Computer Science & Automation
Date Deposited: 15 Apr 2015 10:09
Last Modified: 15 Apr 2015 10:09
URI: http://eprints.iisc.ac.in/id/eprint/51172

Actions (login required)

View Item View Item