Comments on Electric Alchemy: Cracking Passwords in the Cloud: Insights on Password Policies
Feed author: DC (http://www.blogger.com/profile/04707388475829589192). Feed last updated 2022-12-24T02:01:01-07:00.

Unknown (https://www.blogger.com/profile/15254314282323835147), 2010-11-16T13:25:33-07:00:
I know I'm reviving an old post, but do you have any intention of repeating this research using Cluster GPU Instances?

Noah Edelson (http://selftuningsystems.dyndns.org), 2009-12-17T08:23:52-07:00:
Nice! I never really thought of passwords in terms of dollar cost-to-crack before. Log plots, please, would be nice.

Anonymous, 2009-12-01T09:33:07-07:00:
Cost estimate for password cracking needs help.
14-place full-complexity LM hashes cost a one-time fee of $99 or less to crack. See SourceForge: Ophcrack.

Don Turnblade (http://www.linkedin.com/in/Arctific), 2009-12-01T09:28:41-07:00:
A typical PC desktop is capable of testing 3 million combinations a second by brute force. Thus an 8 billion combination password might last 2667 seconds, substantially less than the typical 2 hr password cracking effort. Even so, it is an improvement over a typical password. These favor leet versions of words.
A language is lucky to have 100,000 words. Assuming ten language dictionaries and 10 leet variations per word, this amounts to 10 million combinations to test. Thus, such a password should fall in 3 seconds.

The upshot is that the average password falls in about 2 +/- 1 minutes.

Last, cryptography is getting both easy to obtain, and the 8 month computing efforts to build rainbow tables more common. Thus, LM hashes of fully complex passwords up to 14 places can fall in 8 minutes or less.

I took math classes too, but the world is getting a bit more dangerous for single factor passwords than it used to be.

Mean time to cracking is only approximately an exponential game. Pre-computed tables benefit from successive cracking efforts that save their status of tested hashes. Moore's law for computing power over time also benefits the cracking tools.

Slothful security planning does not mix well with reality. Unless one is the attacker; then Murphy's law is your friend.

So, no leet, no single words. Length improves the situation only after crypto problems are accounted for. Complexity only helps if the crypto attack skipped testing for it.

Short advice:
Good passwords must be 15 plus in length unless you can prove LM hashes are not used. If so, 10 plus in length is still needed to keep up with civilian level security needs. 8 places is outdated.

Anonymous, 2009-12-01T02:16:28-07:00:
As my passwords tend to fall into the just under 1 billion -> over the 8 billion, I'm not too worried.

Anonymous, 2009-11-20T01:59:51-07:00:
In the figure "optimistic cost to brute complex passwords" the >$1m point is shown as 9 characters (estimated cost $10,100,151), but in the combined figure "best passwords (by cost to brute)" that same figure is given for 10 characters.
OK, it's hypothetical and it's for discussion, but given that CISOs and others responsible for security will likely read this article and base policy decisions on it at least in part, we need some clarification. It seems like a proof-reading error somewhere that should have been spotted and fixed. Is it 9 or 10 characters for a truly complex password?

Hardeep Singh (http://blog.hardeep.name), 2009-11-14T08:27:04-07:00:
Nice experiment.

DC (https://www.blogger.com/profile/04707388475829589192), 2009-11-04T20:51:17-07:00:
Thanks to all of you who had constructive feedback and good questions. We have answered many of the questions in this post: http://news.electricalchemy.net/2009/11/cracking-passwords-in-cloud-q.html

Anonymous, 2009-11-04T17:56:43-07:00:
Someone else asked: "decrypting a PGP encrypted file through bruteforce cracking the passphrase - does that mean you were in possession of the (passphrase protected) private key?"
"Or was the file encrypted using a symmetric key?"

I guess my question is: are these PGP ZIP files somehow different from PGP encryption sent to a recipient? Are they really just fancy password-protected zips?

Seems no one is answering the Q when it is asked on page 1...

Arctific (https://www.blogger.com/profile/02218285176276639334), 2009-11-04T13:12:48-07:00:
The following post is a long way of saying that I wholeheartedly agree with the view that long passwords, 15+ places, are my best overall advice. Below are potentially useful ideas or concepts for persons interested in genuine security gains in the password factor in their security plans.

I would like to humbly define a few ideas for the password strength concerned world. I think they truly provide value in discussing what password strength as a term ought to mean.

First, I must get the obvious out of the way for the benefit of auditors who think 8 place passwords are a good idea.
1) Strong passwords take longer to crack.
This means in real terms that passwords less than 15 places must have extended ASCII or other symbols beyond the 93 found on a keyboard to meet such a definition.

2) The average password cracking time will be defined by the time it takes to crack 50% of the password hashes found in the password file.

3) The average time to self terminate a password cracking effort will be defined as the average time of continuous effort by a trained professional before self-terminating a cracking effort.

If any of you wish to contribute your experience to the following numbers, I will accept entries based on the following information.

A) Cracking Times: How many password hashes were in the file. A measure of the combinations per second used to brute force. A measure of the length, size, or number of dictionaries, rainbow tables or supporting pre-supplied tables to the cracking tool.

B) Self Termination Times: How long was the effort's continuous computing run time before either completion or self-termination by the cracker. What certifications or effort hours in training did the cracker have.

So far: the average password lasts between 2 to 3 minutes, as measured by dictionary and rule assisted brute force on a stock Pentium 4 desktop, 3 million combinations per second. Coincidentally, the average 14 place 93 key combination admin password against LM rainbow tables about 4 GB in size is about 2 to 3 minutes.

So far: the average time to self terminate a password cracking effort among trained professionals is 2 hours. 85% of the time, the effort will last less than 36 hours.
Note: this is not the time taken to build pre-computed hashes or rainbow tables, but the time taken to use such tools before quitting for reasons of human boredom, frustration or professional demand to re-task the computer(s) in question.

Rainbow table building for 14 place LM hashes with 93 keystroke complexity continues to hold at about 8 months of highly parallel computing.

Regards,

Don
http://www.linkedin.com/in/arctific

Anonymous, 2009-11-04T02:36:57-07:00:
Memorizing long passwords is easy. Just memorize in 3-4 character blocks, one block at a time. Memory works best with small chunks of info, but can remember many small chunks.

Also, type, speak, and visualize. Utilizing motor, audio, and visual memory together improves recall.

I use 24-32 char passwords for some applications. Memory is no problem. I can do them from motor memory alone (i.e. too drunk to remember but can still type).

Anonymous, 2009-11-03T22:34:16-07:00:
It's amazing how snarky some people can be in these comments.

fjarlq (https://www.blogger.com/profile/11138505527482482074), 2009-11-03T16:49:11-07:00:
I have a question about your slide data. You introduce your second slide by saying it's about passwords "containing upper and lowercase a-z, plus the numerals 0-9" but then the slide title only says [a-z0-9]. The dollar values would suggest the slide title is correct and your introduction to it is incorrect.

If the second slide is truly only about [a-z0-9] then I would like to see an additional slide describing [a-zA-Z0-9].

Thanks.

Luke Gartshore Sheppard (http://www.tcpiplab.com), 2009-11-03T15:27:18-07:00:
I'm no cryptologist, but I believe one very significant variable here is which algorithm was used to encrypt (or hash) the password. My comment assumes your attack is against cryptotext, rather than against a "password: " prompt. I recall a consulting job where I cracked old-school DES passwords on old HPUX systems simply by taking the hashes offline and onto a Pentium 3 running John The Ripper. I don't remember actual numbers, but I do recall that simple passwords <8 characters fell pretty quickly, but the ones with newer algorithms took days to crack.

Anonymous, 2009-11-03T14:01:54-07:00:
Cool article with an interesting application of Amazon's cloud, but your results at the end are not exactly groundbreaking. My training in mathematics includes only one college level course in probability, but even that is enough to know that password complexity increases exponentially with password length.

Maybe I have overestimated the mathematical prowess of "elite" computer security researchers in general?

Anonymous, 2009-11-03T13:35:58-07:00:
I like how you can make a post devoid of any actual content (oh look, graphs! too bad the assumptions of throughput/time/cost per time unit are not mentioned at all!) or new information and still garner lots of replies and attention.

Arvind Juneja (https://www.blogger.com/profile/07444857689997307305), 2009-11-03T11:40:28-07:00:
"Arvind: A good password is never a replacement for an idiot employee."

Sure, but good policies are.

"just hide it in some secure place, like your wallet"

That actually made my day. Sure, a wallet is the most secure place ever. Actually I think wallets get stolen a lot more times than people hack into some security systems or break in to some secured places... so, hey, nice one m8.

The one and only way to make people remember their password even when they are longer than - OMG OMG OMG - 10 chars is to EDUCATE YOUR EMPLOYEEEEEESSS... I know I know, u don't like to talk to people, but THAT IS THE ONLY WAY. Your system is always as weak as the weakest part, and that part equals = your worker. You can have MD5^1000000 and that will never be enough...

Ech, I'm so glad I found this post.. didn't have so much fun for a loong time... hehe, cracking passwords easier than lockpicking... lol.

Arvind Juneja (https://www.blogger.com/profile/07444857689997307305), 2009-11-03T11:33:50-07:00:
That's so cool, most of you think that it's easier to crack the password than to obtain it in a non-technical way...

Good for you, you must live in a wonderful world. And that link you gave me?

"I recommend that people write their passwords down on a small piece of paper, and keep it with their other valuable small pieces of paper: in their wallet."

Yeah sure, and also, attach a business card to your keys so if anyone finds it he knows where to give it back... I mean, there is no chance that someone will use it in a "bad way", right? I mean u just gave him the key and the address of your home...

Damn.. I believe that when you have a bypass card to your server room u also sign it with the room number and have this nice company branded strap connected with it... just great.

Anonymous, 2009-11-03T10:37:38-07:00:
Your password length discussion is possibly incomplete. Any in-depth discussion really needs to look at the technical details. Older versions of Windows stored passwords as chunks 7 characters long (for passwords up to 14 characters I think). So a 12 character password might be cracked easily as two chunks, one 7 char, one 5 char. The thinking was that would be trivially easy to crack (especially for a-z) or to use a rainbow table. This was probably improved in later versions of Windows, but who knows if the registry key for "maintain backward compatibility" (perhaps used for AFS connections) is turned on, and reverts to the old behavior.

My default for a system I care about is a passphrase 15+ characters, containing all a-z, numerics, spaces and a few special characters. On the other hand, I would probably sell it to someone for offers of $100 :-)

Anonymous, 2009-11-03T10:34:23-07:00:
A local security company suggested writing down your passwords, but leaving something out...

Your password is: s83=#sr1!"#QhHfd
Write this on paper: s83=#sr1QhHfd
Remember this: !"#

Here:

s83=# is just random text
sr1 is the string by which you identify the server to log in to
!"# is the passphrase to remember: "add it before the last fifth char"
QhHfd is just some more random text

Change the order, length and amount of these components. This gives pretty good protection against brute forcing and password stealing.

Also, having your passwords on a post-it saves very expensive EC2 time... :)

Anonymous, 2009-11-03T09:50:26-07:00:
Flawed article.
1) You assume the last password is the correct one.
2) You assume hackers have been waiting for cloud computing to come along before they can crack passwords with speed.

Also, your cloud passwd cracker is only doing 2,600,000 passwords a second, which isn't very good.

A hacker with a few grand's worth of CUDA gfx cards could achieve a lot more.

A hacker with root on a super computer could do more again.

And a hacker with a botnet of 250,000 independently cracking a password would be faster again.

If that hacker with the botnet added CUDA support and had the nodes intelligently crack the password, it would be one of the fastest cracking devices in the world for free.

lrfl, 2009-11-03T09:33:30-07:00:
Interesting analysis, but I think you're leaving out one detail:

If an adversary is trying to brute-force a password that's simply encrypted (I'll leave the issue of salt aside), he will know the length but not its complexity. That gives him the ability to assume high complexity and know with certainty what the maximum cost will be to achieve a solution.

An adversary with a digested password has a cheap escape hatch if he knows the algorithm was one prone to collision attacks (MD5 in 2^32 or SHA1 in 2^52).

Otherwise, with a not-yet-broken digest algorithm (e.g., SHA-256 or Whirlpool), he has no a priori knowledge of the password's length or complexity, which is going to force the assumption of high complexity and unknown length. The unknown length automatically puts the solution into the high-priced "very long" bracket, but also adds the cost of computing everything shorter. It looks like that adds about 4% to the cost, which is trivial compared to the "long" cost but is a lot in real dollars.

With just about everything using digested passwords and anything really important using good algorithms, social engineering and ThugWare become awfully attractive options.

--MFB

Jake (https://www.blogger.com/profile/04547810288354860295), 2009-11-03T08:10:58-07:00:
Have you considered this client side exploit? http://xkcd.com/538

Jan Rychter (http://jan.rychter.com/enblog/), 2009-11-03T08:04:24-07:00:
Well, the article is clearly focused on one aspect of security. Security in general is a complex issue and should always be approached holistically.

For example, an important financial factor to consider is the cost of hiring thugs on the local market. If the cost of cracking the password is significantly higher, a determined attacker will hire thugs who will make people reveal their passwords in no time.

Anonymous, 2009-11-03T08:01:09-07:00:
What I figured a while ago is that a "password" is hard to remember and not all that secure, while a "pass phrase" is easy to remember and very secure. The big problem is getting people to type it in each time, but eliminating a lot of the special character requirements is probably worth it to the average user, especially if they don't have to retype it too often.