Password Security: A Case History

Morris and Thompson, 1979

Goal: provide password security at minimal inconvenience to users.

the password system is only one component of overall system security: physical security, network security, etc. are other dimensions that a secure system also requires.

don't rely on obscurity: the password file and the password program should be viewable by anyone without compromising the system.

they used the password as the key to encrypt a constant, and stored the result in the password file.  why encrypt a constant rather than the password itself?  with a known key, the symmetric ciphers they were using were trivial to invert, so an encrypted password could simply be decrypted by anyone who read the file; with the password as the key, an attacker instead has to recover the key from a known plaintext/ciphertext pair.

attacks

key search: try brute-force combinations of characters and/or words from a dictionary, a list of common names, license plate numbers, etc.

they found that many passwords can be easily guessed by key search.

key search attacks can be made less efficient by having users choose good passwords: long enough, containing digits and/or special characters, etc.

SALTING PASSWORDS prevents key search attacks by choosing a random salt.  here is how it works:  when a user chooses a password, append a salt (a random number) to it, then hash/encrypt the result and store both the salt and the hashed/encrypted password in the password file.  when the user enters a password, look up the salt in the password file and use it to recompute the hashed/encrypted password for comparison.  this prevents an attacker from encrypting each guess once and checking it against every entry in the password file, because each stored password could have been hashed/encrypted with any of a large number of possible salts appended to it, so every guess has to be redone per salt.

TIMING ATTACKS.  a system should never tell you whether a user name is invalid; doing so only makes attacking it easier.  in addition, the system should always take the same time to respond to a correct username/password combination as to an incorrect one; this way the attacker cannot tell from the response time whether or not an invalid password (rather than an invalid user name) was used.
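Added example, not from the paper or these notes: a small Python model of the salted password file described under SALTING PASSWORDS, with a login check that also follows the TIMING ATTACKS advice. Assumptions: PBKDF2-HMAC-SHA256 with a 16-byte salt stands in for the 1979 cipher, and an in-memory dict stands in for the password file.

```python
import hashlib
import hmac
import secrets

# Constructed, in-memory stand-in for the password file: username -> (salt, hash).
# The file is assumed readable by everyone, so it must never hold a password.
PASSWORD_FILE = {}
ITERATIONS = 50_000          # assumed work factor for PBKDF2 (not from the paper)
SALT_BYTES = 16              # assumed salt length (not from the paper)


def derive(password: str, salt: bytes) -> bytes:
    """Hash the password together with its salt. The salt is public; only the
    password is secret, so the attacker must redo this work for every salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def add_user(username: str, password: str) -> None:
    """Pick a fresh random salt for this user and store (salt, hash) only."""
    salt = secrets.token_bytes(SALT_BYTES)
    PASSWORD_FILE[username] = (salt, derive(password, salt))


# A decoy entry with a random, unknowable password. Lookups of unknown user
# names are checked against it, so they cost the same time as real ones.
_DECOY_SALT = secrets.token_bytes(SALT_BYTES)
_DECOY_HASH = derive(secrets.token_hex(32), _DECOY_SALT)


def check_login(username: str, password: str) -> bool:
    """Look up the salt, recompute the hash, and compare in constant time.

    An unknown user name falls back to the decoy entry, so the hashing work
    and the answer ("login failed") are the same as for a wrong password:
    neither the message nor the timing reveals whether the user name exists.
    """
    salt, stored = PASSWORD_FILE.get(username, (_DECOY_SALT, _DECOY_HASH))
    candidate = derive(password, salt)
    return hmac.compare_digest(candidate, stored)


def same_password_distinct_entries(password: str) -> bool:
    """Show the salting effect: two users with the same password get different
    stored hashes, so one encrypted guess cannot be matched against both."""
    add_user("user_a", password)
    add_user("user_b", password)
    return PASSWORD_FILE["user_a"][1] != PASSWORD_FILE["user_b"][1]
```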