4,448 Hits in 5.5 sec

Monte Carlo Strength Evaluation

Matteo Dell'Amico, Maurizio Filippone
2015 Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security - CCS '15  
Modern password guessing attacks adopt sophisticated probabilistic techniques that allow for orders of magnitude less guesses to succeed compared to brute force.  ...  This paper proposes a novel method to estimate the number of guesses needed to find a password using modern attacks.  ...  [7] adopted an approximation technique to evaluate the number of attempts needed to guess passwords when using n-gram models.  ... 
doi:10.1145/2810103.2813631 dblp:conf/ccs/DellAmicoF15 fatcat:7eotj273wfeg5krfhqjssmuxeu

Improving Password Guessing via Representation Learning [article]

Dario Pasquini, Ankit Gangwal, Giuseppe Ateniese, Massimo Bernaschi, Mauro Conti
2020 arXiv   pre-print
These properties can establish novel password generation techniques that are neither feasible nor practical with the existing probabilistic and non-probabilistic approaches.  ...  We show that an abstract password representation naturally offers compelling and versatile properties that can be used to open new directions in the extensively studied, and yet presently active, password  ...  Finally, we demonstrate the advantages that our technique offers over existing probabilistic and non-probabilistic password models. A.  ... 
arXiv:1910.04232v3 fatcat:kjl4aagx7rgp5jv6ap3brwotyy

Quantifying Information Flow for Dynamic Secrets

Piotr Mardziel, Mario S. Alvim, Michael Hicks, Michael R. Clarkson
2014 2014 IEEE Symposium on Security and Privacy  
The metric is used with a model of information flow for probabilistic, interactive systems with adaptive adversaries.  ...  The model and metric are implemented in a probabilistic programming language and used to analyze several examples. The analysis demonstrates that adaptivity increases information flow.  ...  Acknowledgements: We thank Mudhakar Srivatsa and Andre Scedrov for useful discussions about this work.  ... 
doi:10.1109/sp.2014.41 dblp:conf/sp/MardzielAHC14 fatcat:nu7vx7owajb2dcm6hjk3hymwye

Secure Login System using MD5 and AES Attribute Based Encryption Algorithm

The cryptographic hash work and symmetric encryption make it hard to split passwords from ENPs.We are going to use message digest i.e MD5 and AES algorithm for this purpose.  ...  The cryptographic hash work and symmetric encryption make it hard to break Passwords.  ...  We thank Priya Pise for her assistance with Secure Login System Using MD5 and AES Attribute Based Encryption Algorithm that significantly progressed the manuscript.  ... 
doi:10.35940/ijitee.h6509.069820 fatcat:rpnxv7bppzchrehxrntxxcwqxi

Interpretable Probabilistic Password Strength Meters via Deep Learning [article]

Dario Pasquini, Giuseppe Ateniese, Massimo Bernaschi
2021 arXiv   pre-print
Probabilistic password strength meters have been proved to be the most accurate tools to measure password strength.  ...  In our approach, the security contribution of each character composing a password is disentangled and used to provide explicit fine-grained feedback for the user.  ...  We presented an undirected probabilistic interpretation of the password generative process that can be used to build precise and sound password feedback mechanisms.  ... 
arXiv:2004.07179v4 fatcat:acn2myut5jel3e7zdsss7f7qwm

Strength Analysis of Real-Life Passwords Using Markov Models

Viktor Taneski, Marko Kompara, Marjan Heričko, Boštjan Brumen
2021 Applied Sciences  
Recent literature proposes the use of a proactive password checker as method for preventing users from creating easy-to-guess passwords.  ...  Markov models can help us create a more effective password checker that would be able to check the probability of a given password to be chosen by an attacker.  ...  As a comparison against the PCFG password cracking technique, authors use John the Ripper's default word-mangling rules.  ... 
doi:10.3390/app11209406 fatcat:lnvbzsat7fgizg3irlwemcocqm

Literature Survey on Data Security using Carp Two Step Authentication based on Human and Hard AI Problems
IJARCCE - Computer and Communication Engineering

R.G. Vetrivel, J.Vasanth Kishore, B. Arun Kumar, S. Thivaharan
2015 IJARCCE  
Here the password is created from images and text password. The Current system is based on only text password but it has some disadvantages like small password mostly used and easy to remember.  ...  As this is a technique based on recognition of graphical background more security is achieved as well as easy to remember.  ...  Of course yes, I would like to thank few people at this moment, which had been a great support for us to achieve it.  ... 
doi:10.17148/ijarcce.2015.4318 fatcat:ijwtx6syirh5der7r6kyql4wny

Popularity Is Everything: A New Approach to Protecting Passwords from Statistical-Guessing Attacks

Stuart E. Schechter, Cormac Herley, Michael Mitzenmacher
2010 USENIX Security Symposium  
We create an oracle to identify undesirably popular passwords using an existing data structure known as a count-min sketch, which we populate with existing users' passwords and update with each new user  ...  password.  ...  We use a probabilistic data structure, the count-min sketch [13] (related to a Bloom filter), to efficiently track password popularity within the user base.  ... 
dblp:conf/uss/SchechterHM10 fatcat:lodjvht3pzbwpntm4drnpc4jki

A New Multimodal Approach for Password Strength Estimation—Part I: Theory and Algorithms

Javier Galbally, Iwen Coisel, Ignacio Sanchez
2017 IEEE Transactions on Information Forensics and Security  
After more than two decades of research in the field of password strength estimation, one clear conclusion may be drawn: no password strength metric by itself is better than all other metrics for every  ...  possible password.  ...  Although many techniques can be used for score normalization, the challenge lies in identifying a technique that is both robust and efficient.  ... 
doi:10.1109/tifs.2016.2636092 fatcat:2f7itpdaurhxhhh4fempxpb5ba

Survey on Understanding Android Phone Sensor using Visual Cryptography

Ayesha Pinjari
2019 International Journal for Research in Applied Science and Engineering Technology  
Many web applications give optional verification techniques i.e., mystery questions (or secret key recuperation questions), to reset the record secret phrase when a clients login fizzles.  ...  In visual cryptography picture is isolated into two sections one section is spared in database and another part send to client, Password recuperation time client transfer picture and framework analyze  ...  Also we are dealing with pixels sequentially; in groups these pixels could give us a better result.  ... 
doi:10.22214/ijraset.2019.1001 fatcat:iakbdntlbrckrapoeabkhi3try

OMEN: Faster Password Guessing Using an Ordered Markov Enumerator [chapter]

Markus Dürmuth, Fabian Angelstorf, Claude Castelluccia, Daniele Perito, Abdelberi Chaabane
2015 Lecture Notes in Computer Science  
Passwords are widely used for user authentication, and will likely remain in use in the foreseeable future, despite several weaknesses.  ...  more than 80% of passwords correctly at 10 billion guesses, more than all probabilistic password crackers we compared against.  ...  Recent independent work [14] compared different forms of probabilistic password models and concluded that Markov models are better suited for estimating password probabilities than probabilistic context-free  ... 
doi:10.1007/978-3-319-15618-7_10 fatcat:vhs65pzpozaw7avl26djxt2yp4

When Privacy meets Security: Leveraging personal information for password cracking [article]

Claude Castelluccia, Abdelberi Chaabane, Markus Dürmuth, Daniele Perito
2013 arXiv   pre-print
First, we propose a novel password cracker based on Markov models, which builds upon and extends ideas used by Narayanan and Shmatikov (CCS 2005).  ...  In extensive experiments we show that it can crack up to 69% of passwords at 10 billion guesses, more than all probabilistic password crackers we compared again t.  ...  The first insight of our work will be to build upon and improve on the performance of these probabilistic password crackers.  ... 
arXiv:1304.6584v1 fatcat:zr5lggqmhrdv3i2ukp3vmvpdxm

On the Security of Cracking-Resistant Password Vaults

Maximilian Golla, Benedict Beuscher, Markus Dürmuth
2016 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS'16  
Password vaults are used to store login credentials, usually encrypted by a master password, relieving the user from memorizing a large number of complex passwords.  ...  These attacks are based on differences in the generated distribution of passwords, which are measured using Kullback-Leibler divergence.  ...  The authors of NoCrack implemented a full version of a Honey Encryption-based password vault. The implementation must be considered a prototype which does not always  ... 
doi:10.1145/2976749.2978416 dblp:conf/ccs/GollaBD16 fatcat:ki3wnb7zrnfarnlm2zxv7cnbcm

Targeted Online Password Guessing

Ding Wang, Zijian Zhang, Ping Wang, Jeff Yan, Xinyi Huang
2016 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS'16  
These models allow us to design novel and efficient guessing algorithms. Extensive experiments on 10 large real-world password datasets show the effectiveness of TarGuess.  ...  While trawling online/offline password guessing has been intensively studied, only a few studies have examined targeted online guessing, where an attacker guesses a specific victim's password for a service  ...  To model the most representative targeted guessing scenarios, we propose four algorithms by leveraging probabilistic techniques including PCFG, Markov and Bayesian theory.  ... 
doi:10.1145/2976749.2978339 dblp:conf/ccs/WangZWYH16 fatcat:aguebiphcral3nuj4fad3cunfq

A survey on E-mail Security and Authentication Process

Namita Sahu, Pawan Patidar
2016 International Journal of Computer Applications  
A computerized signature or advanced mark plan is a sort of uneven cryptography used to the security properties of a transcribed mark on paper.  ...  As a beginning move towards building such a structure, developed a fundamental probabilistic model of customer email direct that join email senders and a customer's mentality of messages.  ...  The proposed technique is differentiated and the other encryption approaches and is seen to give better results.  ... 
doi:10.5120/ijca2016912064 fatcat:jjeemjpoo5fafinqt6u6fuwrim
« Previous Showing results 1 — 15 out of 4,448 results