Page 1 2
If the self-destruct process was dangerous: Man-Trap!
A very interesting article about the use of 'brute force' attacks to guess one's password, which explains the process that was mentioned by sfj in his post. One thing the article explains is that PGP has been specifically designed to slow down the password guessing program, which greatly increases the time that it takes to guess the password.
Regarding the idea that passwords can be gleaned from one's harddrive (in the 'total knowledge' fashion mentioned by sfj), PGP's Total Disk Encryption would seem to defeat such an application. (Total Disk Encryption is different from just encrypting a file or a "z" drive, as was the case in that child porn incident. Total Disk Encryption is just that, it encrypts everything.)
Secure Passwords Keep You Safer
By Bruce Schneier
January 15, 2007
Ever since I wrote about the 34,000 MySpace passwords I analyzed, people have been asking how to choose secure passwords.
My piece aside, there's been a lot written on this topic over the years -- both serious and humorous -- but most of it seems to be based on anecdotal suggestions rather than actual analytic evidence. What follows is some serious advice.
The attack I'm evaluating against is an offline password-guessing attack. This attack assumes that the attacker either has a copy of your encrypted document, or a server's encrypted password file, and can try passwords as fast as he can. There are instances where this attack doesn't make sense. ATM cards, for example, are secure even though they only have a four-digit PIN, because you can't do offline password guessing. And the police are more likely to get a warrant for your Hotmail account than to bother trying to crack your e-mail password. Your encryption program's key-escrow system is almost certainly more vulnerable than your password, as is any "secret question" you've set up in case you forget your password.
Offline password guessers have gotten both fast and smart. AccessData sells Password Recovery Toolkit, or PRTK. Depending on the software it's attacking, PRTK can test up to hundreds of thousands of passwords per second, and it tests more common passwords sooner than obscure ones.
So the security of your password depends on two things: any details of the software that slow down password guessing, and in what order programs like PRTK guess different passwords.
Some software includes routines deliberately designed to slow down password guessing. Good encryption software doesn't use your password as the encryption key; there's a process that converts your password into the encryption key. And the software can make this process as slow as it wants.
The results are all over the map. Microsoft Office, for example, has a simple password-to-key conversion, so PRTK can test 350,000 Microsoft Word passwords per second on a 3-GHz Pentium 4, which is a reasonably current benchmark computer. WinZip used to be even worse -- well over a million guesses per second for version 7.0 -- but with version 9.0, the cryptosystem's ramp-up function has been substantially increased: PRTK can only test 900 passwords per second. PGP also makes things deliberately hard for programs like PRTK, also only allowing about 900 guesses per second.
When attacking programs with deliberately slow ramp-ups, it's important to make every guess count. A simple six-character lowercase exhaustive character attack, "aaaaaa" through "zzzzzz," has more than 308 million combinations. And it's generally unproductive, because the program spends most of its time testing improbable passwords like "pqzrwj."
According to Eric Thompson of AccessData, a typical password consists of a root plus an appendage. A root isn't necessarily a dictionary word, but it's something pronounceable. An appendage is either a suffix (90 percent of the time) or a prefix (10 percent of the time).
So the first attack PRTK performs is to test a dictionary of about 1,000 common passwords, things like "letmein," "password1," "123456" and so on. Then it tests them each with about 100 common suffix appendages: "1," "4u," "69," "abc," "!" and so on. Believe it or not, it recovers about 24 percent of all passwords with these 100,000 combinations.
Then, PRTK goes through a series of increasingly complex root dictionaries and appendage dictionaries. The root dictionaries include:
Common word dictionary: 5,000 entries
Names dictionary: 10,000 entries
Comprehensive dictionary: 100,000 entries
Phonetic pattern dictionary: 1/10,000 of an exhaustive character search
The phonetic pattern dictionary is interesting. It's not really a dictionary; it's a Markov-chain routine that generates pronounceable English-language strings of a given length. For example, PRTK can generate and test a dictionary of very pronounceable six-character strings, or just-barely pronounceable seven-character strings. They're working on generation routines for other languages.
PRTK also runs a four-character-string exhaustive search. It runs the dictionaries with lowercase (the most common), initial uppercase (the second most common), all uppercase and final uppercase. It runs the dictionaries with common substitutions: "$" for "s," "@" for "a," "1" for "l" and so on. Anything that's "leet speak" is included here, like "3" for "e."
The appendage dictionaries include things like:
All two-digit combinations
All dates from 1900 to 2006
All three-digit combinations
All single symbols
All single digit, plus single symbol
All two-symbol combinations
AccessData's secret sauce is the order in which it runs the various root and appendage dictionary combinations. The company's research indicates that the password sweet spot is a seven- to nine-character root plus a common appendage, and that it's much more likely for someone to choose a hard-to-guess root than an uncommon appendage.
Normally, PRTK runs on a network of computers. Password guessing is a trivially distributable task, and it can easily run in the background. A large organization like the Secret Service can easily have hundreds of computers chugging away at someone's password. A company called Tableau is building a specialized FPGA hardware add-on to speed up PRTK for slow programs like PGP and WinZip: roughly a 150- to 300-times performance increase.
How good is all of this? Eric Thompson estimates that with a couple of weeks' to a month's worth of time, his software breaks 55 percent to 65 percent of all passwords. (This depends, of course, very heavily on the application.) Those results are good, but not great.
But that assumes no biographical data. Whenever it can, AccessData collects whatever personal information it can on the subject before beginning. If it can see other passwords, it can make guesses about what types of passwords the subject uses. How big a root is used? What kind of root? Does he put appendages at the end or the beginning? Does he use substitutions? ZIP codes are common appendages, so those go into the file. So do addresses, names from the address book, other passwords and any other personal information. This data ups PRTK's success rate a bit, but more importantly it reduces the time from weeks to days or even hours.
So if you want your password to be hard to guess, you should choose something not on any of the root or appendage lists. You should mix upper and lowercase in the middle of your root. You should add numbers and symbols in the middle of your root, not as common substitutions. Or drop your appendage in the middle of your root. Or use two roots with an appendage in the middle.
Even something lower down on PRTK's dictionary list -- the seven-character phonetic pattern dictionary -- together with an uncommon appendage, is not going to be guessed. Neither is a password made up of the first letters of a sentence, especially if you throw numbers and symbols in the mix. And yes, these passwords are going to be hard to remember, which is why you should use a program like the free and open-source Password Safe to store them all in. (PRTK can test only 900 Password Safe 3.0 passwords per second.)
Even so, none of this might actually matter. AccessData sells another program, Forensic Toolkit, that, among other things, scans a hard drive for every printable character string. It looks in documents, in the Registry, in e-mail, in swap files, in deleted space on the hard drive ... everywhere. And it creates a dictionary from that, and feeds it into PRTK.
And PRTK breaks more than 50 percent of passwords from this dictionary alone.
What's happening is that the Windows operating system's memory management leaves data all over the place in the normal course of operations. You'll type your password into a program, and it gets stored in memory somewhere. Windows swaps the page out to disk, and it becomes the tail end of some file. It gets moved to some far out portion of your hard drive, and there it'll sit forever. Linux and Mac OS aren't any better in this regard.
I should point out that none of this has anything to do with the encryption algorithm or the key length. A weak 40-bit algorithm doesn't make this attack easier, and a strong 256-bit algorithm doesn't make it harder. These attacks simulate the process of the user entering the password into the computer, so the size of the resultant key is never an issue.
For years, I have said that the easiest way to break a cryptographic product is almost never by breaking the algorithm, that almost invariably there is a programming error that allows you to bypass the mathematics and break the product. A similar thing is going on here. The easiest way to guess a password isn't to guess it at all, but to exploit the inherent insecurity in the underlying operating system.
For some excellent reading about the development of random codes, try Neal Stephenson's "Cryptonomicon."
Gregg Easterbrook (TMQ)
A recent "Stargate Atlantis" episode hinged on an absurd button, which brings up the role of Absurd Buttons. Our plucky, wise-cracking Stargate commandos had been taken captive aboard a super-advanced alien starcruiser on its way to destroy Earth. The starcruiser was a product of an alien society that built the most sophisticated technology in the universe. The wise-cracking commandoes saved Earth by causing the starcruiser's power source to overload, exploding and destroying the ship; the plucky earthlings beamed off at the last instant. How did they cause the power source of overload? By pressing one single button.
I've never been aboard a super-advanced, faster-than-light starcruiser, but am guessing they don't have buttons marked CAUSE DEADLY POWER OVERLOAD. I am guessing that engineers capable of designing intergalactic starships do not build buttons that, if touched, instantly destroy the vessel. I am guessing that super-advanced, faster-than-light starships would have power sources that are elaborately safeguarded against overloads, plus protected by multiple redundant backup systems.
Reader V�ctor Moreno of Quer�taro, Mexico, an aviation engineer, notes that in the sci-fi movie "The Island," "The hero turns off a big switch and a huge spinning wheel catastrophically collapses. I wonder who was the bright guy who designed a switch that, if thrown at the wrong moment, could create such havoc. I work in the aircraft-engine business, and we definitely don't engineer those kind of switches. On the contrary, we go to great lengths looking for possible failure modes and act to eliminate or minimize the possibility."
Yet Absurd Buttons that cause instant catastrophe are a staple of the sci-fi and action genres. (Think Star Trek or Star Wars or even Space Balls).
The best Absurd Buttons come in the James Bond movie "Moonraker." A supervillain has built his own private fleet of space shuttles, plus constructed an entire hollowed-out mountain from which five space shuttles can be launched simultaneously. I haven't priced hollowed-out mountains lately, but a construction project to excavate a mountain and place inside it a spaceport five times the size of the Kennedy Space Center should cost hundreds of billions of dollars, plus require thousands of workers many years to complete. Yet no one noticed the thousands of workers and their countless pieces of heavy equipment spending years hollowing out a mountain! The five space shuttles blast off, and fly to a space station several times the size of the actual International Space Station. Since the ISS has cost about $100 billion to build and place in orbit, the supervillain's much larger space station must have cost more. So based on his spending, the supervillain is by far the richest person in world history, yet no one knows about him, and no one notices the dozens of heavy-lift rocket launches necessary to place the components of his space station in orbit.
Needless to say, the space station is designed to destroy the world, and needless to say, James Bond gets aboard. What does 007 find but two big toggle switches. The first engages a "radar cloaking device" that, the supervillain explains, has prevented the space station from being detected by NORAD. Here is NORAD's Web site; note that this Pentagon-owned, top-secret military installation has a marketing slogan. Wait, even if there were "radar cloaking," a huge space station could be seen with the naked eye! Anyone can see the ISS with the naked eye; I've watched it pass overhead. This utility allows you to determine when the actual space station will make a naked-eye pass above your area.
Be that as it may, Bond lunges for the "radar cloaking device" switch and throws it into the OFF position. Immediately, NORAD detects the evil facility, and shortly thereafter, a space shuttle full of U.S. Marines is launched to attack. Now, if you built a space station designed to destroy the world, and its existence depended on "radar cloaking," would you include a mechanism that switches off the cloak by pushing a single button? But here's the best part. The other huge ON/OFF button controls the station's artificial gravity. Bond flips the switch to OFF and immediately the station begins to spiral out of control and break up. If your ultra-expensive space station depended on artificial gravity, would you design that system to be switched off by pushing a single button?
You can deactivate the button by clipping the blue wire (NOT the red one).
I always liked the self destruct on Alien the best. The double-voice authenticating on Star Trek to seemed cool when I was a kid, but it paled in comparison to Alien. The Alien system is preferable, also, because the last surviving crew member could destroy the Nostromo, but such would not be possible on the Enterprise to my understanding. Instead, you would have to crash the Enterprise into something and hope for a warp core breach if you were by yourself.
[This message was edited by Quiet Man on 02-18-08 at .]
Yeah, but the self-destruct sequence on star trek always stops with one second remaining.
And why didn't the cat get blown out of the air lock along with the alien?
I think Ripley had already put the cat in a hibernation chamber. It's when she was stripping down to her skivvies to get in her own chamber that the alien popped out of the ceiling where it was hiding. Right?
And they managed to self-destruct the Enterprise in Star Trek III after the Klingons beamed on board.
That's right. There were two pods.
My favorite was the silent countdown on First Contact (a clue that the Borg would figure out a way to use brute force to figure out the password and deactive the program).
Though they may seem silly, there are a lot of such "panic buttons" around. I used to work in a facility where the large 'clean room' had multiple mainframe computers and rows and rows of "grey bays" full of electronics so expensive that they didn't even like to tell us how much they cost. It took two trained techs a complete hour to fully "power down" the floor to 'cold.'
On one wall by the door, however, there was a big red button. Hit it and power was cut at the main breaker. You could hear senstive components (like hard disc platters) screech to a halt. If boards didn't fry during powerdown, they fried during power up.
Even though the big red button had a plastic oover on it, one night some guys were playing "safety cane hockey" and....well.....you can guess. A top-super-duper-secret intel center went off-line in the middle of war.
Some precautions were taken, however. Though regulations required that a large water sprinkler system be installed (to supplement the CO2 systems), the water was never connected. Being new to the military I asked why we spent 200K on a sprinkler system we were never going to hook up. I kept forgetting to not ask questions...
How about a destruct button for the occaisional annoying poster that misrepresents who they are?
... says the anonymous "Quiet Man"? Oh, the irony!
I'm not really David Newell.
I may be annoying, but I do not believe I misrepresent myself. My profile does not say I won a bronze star in Iraq, that I am the Chief Wizard of the Wizengamont, or Captain Dallas of the Nostromo. Nor do I claim an office I do not possess.
Stay out of the air ducts, Capt. Dallas, H.R Giger's coming to get you.
"that I am the Chief Wizard of the Wizengamont"
Hey, I used to be Wizard! Though not a Chief, and I can't say I was ever stationed at Wizengamont. Is that near Bad Aibling?
|Powered by Social Strata||Page 1 2|
© TDCAA, 2001. All Rights Reserved.