45 hack into things. I beg to differ: You have this mindset |
45 hack into things. I beg to differ: You have this mindset |
46 already when in school you were thinking, at least |
46 already when in school you were thinking, at least |
47 hypothetically, about ways in which you can cheat in an exam |
47 hypothetically, about ways in which you can cheat in an exam |
48 (whether it is by hiding notes or by looking over the |
48 (whether it is by hiding notes or by looking over the |
49 shoulders of your fellow pupils). Right? To defend a system, |
49 shoulders of your fellow pupils). Right? To defend a system, |
50 you need to have this kind mindset and be able to think like |
50 you need to have this kind of mindset and be able to think like |
51 an attacker. This will include understanding techniques that |
51 an attacker. This will include understanding techniques that |
52 can be used to compromise security and privacy in systems. |
52 can be used to compromise security and privacy in systems. |
53 This will many times result in insights where well-intended |
53 This will many times result in insights where well-intended |
54 security mechanisms made a system actually less |
54 security mechanisms made a system actually less |
55 secure.\medskip |
55 secure.\medskip |
135 every time the card is used. Even later this group found |
135 every time the card is used. Even later this group found |
136 another problem with Chip-and-PIN and ATMs which did not |
136 another problem with Chip-and-PIN and ATMs which did not |
137 generate random enough numbers (nonces) on which the security |
137 generate random enough numbers (nonces) on which the security |
138 of the underlying protocols relies. |
138 of the underlying protocols relies. |
139 |
139 |
140 The problem with all this is that the banks who introduced |
140 The overarching problem with all this is that the banks who |
141 Chip-and-PIN managed with the new system to shift the |
141 introduced Chip-and-PIN managed with the new system to shift |
142 liability for any fraud and the burden of proof onto the |
142 the liability for any fraud and the burden of proof onto the |
143 customer. In the old system, the banks had to prove that the |
143 customer. In the old system, the banks had to prove that the |
144 customer used the card, which they often did not bother with. |
144 customer used the card, which they often did not bother with. |
145 In effect, if fraud occurred the customers were either refunded |
145 In effect, if fraud occurred the customers were either |
146 fully or lost only a small amount of money. This |
146 refunded fully or lost only a small amount of money. This |
147 taking-responsibility-of-potential-fraud was part of the |
147 taking-responsibility-of-potential-fraud was part of the |
148 ``business plan'' of the banks and did not reduce their |
148 ``business plan'' of the banks and did not reduce their |
149 profits too much. |
149 profits too much. |
150 |
150 |
151 Since banks managed to successfully claim that their |
151 Since banks managed to successfully claim that their |
189 Let us look at another example which will help with understanding how |
189 Let us look at another example which will help with understanding how |
190 passwords should be verified and stored. Imagine you need to develop |
190 passwords should be verified and stored. Imagine you need to develop |
191 a web-application that has the feature of recording how many times a |
191 a web-application that has the feature of recording how many times a |
192 customer visits a page. For example in order to give a discount |
192 customer visits a page. For example in order to give a discount |
193 whenever the customer has visited a webpage some $x$ number of times |
193 whenever the customer has visited a webpage some $x$ number of times |
194 (say $x$ equal $5$). There is one more constraint: we want to store |
194 (say $x$ equals $5$). There is one more constraint: we want to store |
195 the information about the number of visits as a cookie on the |
195 the information about the number of visits as a cookie on the |
196 browser. I think, for a number of years the webpage of the New York |
196 browser. I think, for a number of years the webpage of the New York |
197 Times operated in this way: it allowed you to read ten articles per |
197 Times operated in this way: it allowed you to read ten articles per |
198 month for free; if you wanted to read more, you had to pay. My best |
198 month for free; if you wanted to read more, you had to pay. My best |
199 guess is that it used cookies for recording how many times their pages |
199 guess is that it used cookies for recording how many times their pages |
200 was visited, because if I switched browsers I could easily circumvent |
200 was visited, because if I switched browsers I could easily circumvent |
201 the restriction about ten articles.\footnote{Another online media that |
201 the restriction about ten articles.\footnote{Another online media that |
202 works in this way is the Times Higher Education |
202 works in this way is the Times Higher Education |
203 \url{http://www.timeshighereducation.co.uk}. It also uses cookies to |
203 \url{http://www.timeshighereducation.co.uk}. It also seems to |
204 restrict the number of free articles to five.} |
204 use cookies to restrict the number of free articles to five.} |
205 |
205 |
206 To implement our web-application it is good to look under the |
206 To implement our web-application it is good to look under the |
207 hood what happens when a webpage is displayed in a browser. A |
207 hood what happens when a webpage is displayed in a browser. A |
208 typical web-application works as follows: The browser sends a |
208 typical web-application works as follows: The browser sends a |
209 GET request for a particular page to a server. The server |
209 GET request for a particular page to a server. The server |
529 \url{http://www.klein.com/dvk/publications/passwd.pdf}.} |
529 \url{http://www.klein.com/dvk/publications/passwd.pdf}.} |
530 Historically, compiling a list for a dictionary attack is not |
530 Historically, compiling a list for a dictionary attack is not |
531 as simple as it might seem. At the beginning only ``real'' |
531 as simple as it might seem. At the beginning only ``real'' |
532 dictionaries were available (like the Oxford English |
532 dictionaries were available (like the Oxford English |
533 Dictionary), but such dictionaries are not optimised for the |
533 Dictionary), but such dictionaries are not optimised for the |
534 purpose of cracking passwords. The first real hard data about actually |
534 purpose of cracking passwords. The first real hard data about |
535 used passwords was obtained when a company called RockYou |
535 actually used passwords was obtained when a company called |
536 ``lost'' 32 Million plain-text passwords. With this data of |
536 RockYou ``lost'' at the end of 2009 32 Million plain-text |
537 real-life passwords, dictionary attacks took off. Compiling |
537 passwords. With this data of real-life passwords, dictionary |
538 such dictionaries is nowadays very easy with the help of |
538 attacks took off. Compiling such dictionaries is nowadays very |
539 off-the-shelf tools. |
539 easy with the help of off-the-shelf tools. |
540 |
540 |
541 These dictionary attacks can be prevented by using salts. |
541 These dictionary attacks can be prevented by using salts. |
542 Remember a hacker needs to use the most likely candidates |
542 Remember a hacker needs to use the most likely candidates |
543 of passwords and calculate their hash-value. If we add before |
543 of passwords and calculate their hash-value. If we add before |
544 hashing a password a random salt, like \pcode{mPX2aq}, |
544 hashing a password a random salt, like \pcode{mPX2aq}, |
627 |
627 |
628 \begin{center} |
628 \begin{center} |
629 \url{http://goo.gl/dIzqMg} |
629 \url{http://goo.gl/dIzqMg} |
630 \end{center} |
630 \end{center} |
631 |
631 |
|
632 \noindent Here is an interesting blog-post about how a group |
|
633 ``cracked'' efficiently millions of bcrypt passwords from the |
|
634 Ashley Madison leak. |
|
635 |
|
636 \begin{center} |
|
637 \url{http://goo.gl/83Ho0N} |
|
638 \end{center} |
|
639 |
632 \noindent Clearly, passwords are a technology that comes to |
640 \noindent Clearly, passwords are a technology that comes to |
633 the end of its usefulness, because brute force attacks become |
641 the end of its usefulness, because brute force attacks become |
634 more and more powerful and it is unlikely that humans get any |
642 more and more powerful and it is unlikely that humans get any |
635 better in remembering (securely) longer and longer passwords. |
643 better in remembering (securely) longer and longer passwords. |
636 The big question is which technology can replace |
644 The big question is which technology can replace |