OMEN: Faster Password Guessing Using an Ordered Markov Enumerator

Markus Duermuth 1, Fabian Angelstorf 1, Claude Castelluccia 2, Daniele Perito 2, Abdelberi Chaabane 2
2 PRIVATICS - Privacy Models, Architectures and Tools for the Information Society
Inria Grenoble - Rhône-Alpes, CITI - CITI Centre of Innovation in Telecommunications and Integration of services
Abstract: Passwords are widely used for user authentication, and will likely remain in use in the foreseeable future, despite several weaknesses. One important weakness is that human-generated passwords are far from being random, which makes them susceptible to guessing attacks. Understanding the adversary's capabilities for guessing attacks is a fundamental necessity for estimating their impact and advising countermeasures. This paper presents OMEN, a new Markov model-based password cracker that extends ideas proposed by Narayanan and Shmatikov (CCS 2005). The main novelty of our tool is that it generates password candidates according to their occurrence probabilities, i.e., it outputs most likely passwords first. As shown by our extensive experiments, OMEN significantly improves guessing speed over existing proposals. In particular, we compare the performance of OMEN with the Markov mode of John the Ripper, which implements the password indexing function by Narayanan and Shmatikov. OMEN guesses more than 40% of passwords correctly with the first 90 million guesses, while JtR-Markov (for T = 1 billion) needs at least eight times as many guesses to reach the same goal, and OMEN guesses more than 80% of passwords correctly at 10 billion guesses, more than all probabilistic password crackers we compared against.
Document type:
Conference paper
International Symposium on Engineering Secure Software and Systems, Mar 2015, Milan, Italy. <https://distrinet.cs.kuleuven.be/events/essos/2015/>

https://hal.archives-ouvertes.fr/hal-01112124
Contributor: Claude Castelluccia
Submitted on: Monday, February 2, 2015 - 12:01:59
Last modified on: Tuesday, November 17, 2015 - 17:37:50
Document(s) archived on: Sunday, May 3, 2015 - 10:35:20

File

omen.pdf
Files produced by the author(s)

Identifiers

  • HAL Id: hal-01112124, version 1

Citation

Markus Duermuth, Fabian Angelstorf, Claude Castelluccia, Daniele Perito, Abdelberi Chaabane. OMEN: Faster Password Guessing Using an Ordered Markov Enumerator. International Symposium on Engineering Secure Software and Systems, Mar 2015, Milan, Italy. <https://distrinet.cs.kuleuven.be/events/essos/2015/>. <hal-01112124>
