1. Password cracking techniques
How do they steal our passwords?
How can cybercriminals steal our passwords?
There are different ways, but in most of the cases they act on human error. We will point out here the two techniques that are most frequently used to obtain – with minimum effort – a password that is not adequately guarded.
» Social engineering: through emails or phishing messages the user is convinced to communicate his own password.
» Credential stuffing: a service database that contains a great number of user passwords is hacked and the passwords are tried on other websites. The LinkedIn case is famous: around 164 million credentials were stolen (this happened in 2012 but the passwords were put up for sale in 2016), among these there was also the one of Mark Zuckerberg, who used the same password for LinkedIn (which was “dadada”) also for his Twitter and Pinterest accounts.
The technique used is indeed credential stuffing, a practice that exploits the enormous quantity of data breaches that have taken place over the years and that have generated many databases of stolen credentials, easy to find on the dark web. This mine of information is used by cybercriminals to attack other web services where the users have re-used the same passwords.
And all this is carried out in a totally automated manner, using a software like SHARD (which is open source and available on GitHub).
In this way, it is possible to try the same combinations of username and password on websites and services that have not been hacked yet. They are so-called “low intensity” attacks, which make no sound, hence they do not generate any kind of alarm in the attacked system (because they are not repetitive, like instead are “brute force” attacks).
But, since the terrible habit of using the same password on different services is so widespread (as reminded earlier for Zuckenber and not only him …), this attack has a great chance of success.
It should not be necessary to stress again how today it has become important to protect one’s passwords: by now, it should be considered an elementary “cyber hygiene” norm – for all users of computers and of the web.
Passwords are the “keys” of our digital life: according to the Verizon Data Breach Investigation Report 2017 (VDBIR 10th edition), “81% of account breaches are realized through stolen and/or weak passwords”.
The problem of keeping one’s credentials safe is becoming quite complicated: it is well-known that each user must manage around 100 passwords. And if they must all be different, this cannot be done only through mnemonical rules.
This is where Password managers come in hand, hence applications that aim to save all our passwords in a safe and – obviously – encrypted way!
>> FlashStart protects you from a wide range of threats, including malware and phishing attempts ? Start your free trial now
2. Hash and Password
Let’s now examine how passwords are managed, with the aim of understanding the way in which password cracking techniques work.
To do this, it is important to know what Hash are and how they are used to manage passwords.
HASH are encryption algorithms that turn an arbitrarily long datum (message) into a binary string (fingerprint) of fixed length (a length which varies depending on the algorithm used). The binary string is then converted and represented in hexadecimal (hence its length is reduced four times).
The characteristic of Hash is that of being one way, meaning non-reversible: from the hash it is not possible to get back to the initial value.
This is a substantial difference compared to encryption algorithms (AES, RSA, etc.), which instead are reversible if you know the key (password).
The most used Hash algorithms are:
» MD5 (“Message Digest” – 1991): it generates a 128bit fingerprint (32 hexadecimal alphanumeric symbols). Developed by Ronald Rivest, it is by now not considered safe anymore.
» SHA-1 (“Secure Hash Algorithm 1” – 1995): it generates a 160bit fingerprint (40 hexadecimals). Not considered safe anymore, after Google showed the possibility for collision.
» SHA-2 (“Secure Hash Algorithm 2” – 2001): it’s a safer variant of SHA-1, with bigger hash dimensions, from 256 (64 hexadecimals) to 512bit (128 hexadecimals).
» SHA-3: it has been defined by the NIST through the FIPS PUB 202 (August 2015) and is destined to become the new standard.
The other peculiar characteristics the hash must have are:
» Coherence: it must generate a univocal result. Therefore, input A will always produce hash B, which represents A’s fingerprint.
» Randomness: it must be impossible to interpret. From the hash, it is impossible to understand what the original message is, you can only be certain that – if the hash is the same – the original must be the same as well. This function is useful when you do the “checksum” of a file: if the file that gets transferred or copied keeps the same hash (before and after), it means that it has not been altered or corrupted.
» Uniqueness: the probability that two different messages generate the same hash must be zero. This characteristic is defined as “resistance to collisions”.
In encryption terms, a collision takes place when a hashing algorithm produces the same hash starting from two different inputs. But since all hashing algorithms can generate a finite number of results, resistance to collision is directly proportional to its complexity.
For example, MD5 always produces a 128bit string. Hence, the possible MD5 hash are 2128 , an enormous value, but still a finite number.
To increase resistance to collisions – since calculation power has also increased – it is necessary to use more powerful hashing algorithms, hence with a higher bit number: SHA 2 generates a 256 or 512 bit string; therefore, the possible combinations are respectively 2256 and 2512 (which corresponds to 1,3*10154), numbers that are exponentially much bigger than those generated by MD5 and SHA-1.
Why are hash useful: for their peculiarities, hash are used for many aims.
One of the most important is linked to the authentication and security of passwords.
Today, in all “serious” websites users passwords are saved in the database as hash and not in plain symbols. This is the reason why, in case the password is forgotten, the website won’t be able to give us back our password (because it doesn’t have it), but will send us a link to set up a new one.
Unluckily, a few websites still save passwords in plain symbols, but they are less and less frequent.
Hence, when you register onto a website, it calculates the hash of the passwords that you set and saves the hash in its database.
During the next login, the password that we input will be converted to the hash (using one of the available algorithms) and will be compared to the one present in the database.
If the two hash match, the login is allowed, otherwise it means the typed password is wrong.
The advantage of using has is clear: if an attacker manages to block the password database, he will find only the hash and not the passwords in plain symbols. Since the hash are not reversible, it should be impossible to track back the passwords.
It should be impossible…but actually it’s not completely impossible. With password hashing we have certainly made the attacker’s job more difficult, but with the tools we will show now, he might nevertheless be able to obtain our password.
3. Types of attacks to passwords through password cracking
When the attacker does not manage to steal the password thanks to human error, as we explained in the introduction, he can exploit more sophisticated techniques, like “password cracking”.
Cracking a password is a complex procedure, it requires adequate IT knowledge and tools, such as powerful computers and dedicated softwares. But in some cases it can be effective.
It can be realized in two different ways:
» ONLINE attack: it is obviously slow and inefficient, since it requires the online answer of the “questioned” website. Moreover, it is quite frequent for a website to impose a limit on the number of attempts a login can go wrong. Therefore, it can be useful in low intensity attacks, like the above-mentioned “credential stuffing”. It is used also in RDP attacks (Remote Desktop Protocol): in many cases, in fact, those who use RDP do not worry about limiting the number of access attempts and sets inadequate passwords. For the attacker, being able to access the RDP port is just a matter of time. And frequently, this access aims to introduce ransomware, which blocks the hacked system.
» OFFLINE attack: this is the real password cracking attack.
For it to take place, the attacker must have already been able to obtain access to the hash database for the passwords.
This can be reached in several ways:
» Compromising the system: in modern UNIX systems, passwords are memorized in an encrypted way in the file/shadow/etc, which is accessible only to who has administrative privileges (root permits).
» Compromising the DB of an application.
» Using the Mimikatz tool: it’s a tool designed to recover all the passwords managed by Windows. The tool was realized by Benjamin Delpy when he worked for a French governmental agency and is available as opensource software on GitHub.
» Hacking the WiFi network.
Once he comes into possession of the password hash, the attacker will have all the time he needs to try and trace back the hash to the password, since password cracking becomes an offline process, which requires no network connection.
He will, of course, have to do it by trial and error since the hash – as explained above – is not reversible.
A first way of doing it is by creating “Rainbow Tables”: these are tables where all possible inputs are inserted in order to calculate the respective hash. They were invented by Martin Hellman, the creator (together with Whitfield Diffie) of the Diffie-Hellman algorithm to exchange keys, which has allowed the development of encryption in a public perspective.
Rainbow tables are files with enormous dimensions, also beyond 100 GB, which can be found on the web.
In order to contrast rainbow tables and make their use more difficult, it is is a good habit to increase the length of the password: in this way, the dimensions of the necessary rainbow tables will also have to increase exponentially.
Another countermeasure used today is the so-called salt: when a user sets a password, the system creates an additional casual value, the salt. This value is added to the password as a hash and, in this way, it produces another value, different from the one generated by the password.
This additional measure is effective exactly against rainbow tables, but could be not enough to defend us from other types of attacks, like “brute force” and “dictionary attacks”.
>> FlashStart checks all your Internet traffic and prevents you from accessing malicious and dangerous websites ? Check out our offer
4. Password cracking techniques
4.1 Brute force
This is the standard attack realized offline, with no need to keep a connection to the victim’s system, on condition that the password hash database has already been obtained (with the procedures described above). It consists in trying all possible passwords, one after the other, starting from the simplest or most plausible combinations, and then growing up to the maximum length established.
To carry out these attacks, password cracking softwares are used, which are easy to find online and that automate the attack.
The most popular are: John the Ripper and Hashcat. There are also several others, including Elzapop, Cain&Abel, etc.
Moreover, there are free, online cracking services (everything can be found on the web!), like crackstation.net.
Although this is a rudimental attack, since it operates on “brute force”, it can be effective thanks to the growing power of current computers: today, by exploiting the computational power of Graphic Processing Units (GPUs) set out in a parallel way, it is possible to realize, for a reasonable cost, computers that are able to carry out up to 100 GH/s, hence 100 billion of hash per second.
It can actually be claimed that the brute force attack has a granted success, on condition that it has an unlimited time frame.
But since time is not – in practice – a negligible aspect (nobody cares about taking years or centuries to crack a system…), let’s see what are the variables that affect the time that the attack needs to be successful:
» password length;
» password complexity and type of alphanumerical symbols used.
An example will clarify these aspects:
» a password that is 8-character long made up only by numbers will have a number of combinations equal to 108=100,000,000. With an analysis power of 100 GH/s it will be discovered in much less than a second.
» if the password, instead, is 14-character long and uses all types of possible characters on the keybord (hence numbers, lowercase and capital letters, special characters, in total 95), the number of possible combinations will be 9514=4.8* 1027. Considering 100 GH/s, around 1,546 million years will be necessary. Hence password complexity renders unfeasible a brute force attack.
This is why the Entropy concept was invented, which gives us a measure about password strength. We will discuss it later.
4.2 “Dictionary” attack
As shown above, brute force attacks are highly inefficient. This is why attackers make use of more effective and intelligent methods that – by exploiting users’ bad habits – manage to restrict the search field.
One of the methods used is the “dictionary” attack: since people use meaningful words for their passwords, these are the first that the attackers will try. One or more dictionary files are uploaded by the password cracking software, which will look it up when searching for the password.
These dictionaries are available on the web: the Italian language dictionary counts around 300,000 words and is a text file of some MB. Moreover, the list of the million most used words in the world is a file that is about 8 MB. Of course, dictionaries in several languages are available, which can be downloaded and used.
This is a much faster way compared to brute force (less attempts but more targeted) and allows you to easily discover the weakest passwords.
4.3 Attack “with rules”
It is based on the fact that people tend to re-use the same passwords, modifying simply some characters, in the illusion of making them stronger while still making it easy to keep them in mind. They are the so-called “obvious password modifications”.
It is well known, for instance, the the word “password” is usually modified in:
P@ssword, PASSWORD, passw0rd, P@$$w0rd, etc.
Password cracking software already implement these substitution algorithms, making the normal dictionary attack more effective.
The attack that uses these rules is the one that – statistically – has the highest effectiveness in terms of time/result.
4.4 “Pattern (mask)” attack
In this case, we focus only on real patterns, that we know are those that people actually tend to use.
When a password is required, which includes at least a capital letter, a number and a special symbol, the pattern that, statistically, is most used is: capital letter at the beginning, numbers and special symbols at the end.
In this way, we can limit the number of attempts, focusing the brute force attack on the passwords that are statistically more probable.
4.5 Combined techniques of password cracking
To increase the efficiency of the password cracking attack, the various techniques mentioned above are combined together. In this way, the attacker increases by a lot his chances of discovering the password from its hash.
5. Password entropy
We conclude this article by illustrating the concept of ENTROPY, used in encryption to provide a mathematical measure of the complexity of a password. A password with a higher entropy is more difficult to discover.
The notion of “Entropy” was introduced in 1948 by Claude Shannon, an American engineer and mathematician, defined as the “father of information theory”. In 1948 he published an essay titled “A mathematical theory of communication”, a scientific essay where he set out the theoretical bases for the study of coding systems and information transmission. It was in this research that Shannon chose the bit as the elementary unit to measure information.
And indeed the bit is used as the unit of measurement for the entropy of a password. Let’s see what we mean: if the password is chosen with the same probability for each symbol, there are NL possible passwords (where N = number of possible symbols; L = password length).
The entropy S of a password has hence been defined as:
S=log2(NL) where log2= logaritmo in base 2.
For a correct security level, the password should have an entropy of at least 64 bit.
Over 128 bit it is not necessary anymore to increase password strength since the further increase in security would be useless.
Let’s see some examples:
» 8-character password (only letters + numbers):S=log2(628)=47.63 bit ? Inadequate
» 12-character password (letters + numbers + special symbols):S=log2(9512)=78.838 bit ? Sufficient
» 20-character password (letters + numbers + special symbols):S=log2(9520)=131.397 bit ? Adequate
This allows us to conclude that a password that is 20-character long and that uses all types of characters (numbers, lowercase and capital letter, special symbols) is widely sufficient to grant a high level of security.
You can install FlashStart easily on all types of routers and end-points and, with just a few steps, enjoy a safe navigation ? Start your free trial now
6. How can we defend ourselves?
To conclude, we have seen how the password cracking techniques described here subordinate their success chance to the errors of users.
Besides the “bad habits” already described, there’s a factor that can make password cracking almost inefficient: creating a long password, made of a totally casal combination of letters, numbers and special symbols.
6.1 What length?
As we highlighted, considering entropy and the computational power available with current computers (this consideration will lose its value when quantum computers become available), it is a good safety measure to set a password that is at least 12 character long and up to a maximum of 20 characters (there’s no need to go beyond that!) and that uses all types of characters (numbers, lowercase and capital letters, special symbols).
Obviously, this password is safe as long as it is not written on a post-it attached to the keyboard or the computer screen!
And this shows once more that:
“The human factor is truly security’s weakest link”
(“The art of Deception”, Kevin Mitnick – 2002)
7. The author
Giorgio Sbaraglia, engineer, is a consultant and trainer on the topics of cyber security and privacy.
He holds training courses on these topics for numerous important Italian companies, including ABIFormazione and the 24Ore Business School.
He is the scientific coordinator of the Master “Cybersecurity and Data Protection” of the 24Ore Business school.
He is a member of the Scientific Committee CLUSIT (Italian Association for Cyber Security) and an Innovation Manager certified by RINA
He has DPO (Data Protection Officer) positions in companies and Professional Associations.
He is the author of the following books:
» “GDPR kit di sopravvivenza” – “GDPR survival kit” (Edited by goWare),
» “Cybersecurity kit di sopravvivenza. Il web è un luogo pericoloso. Dobbiamo difenderci!” – “Cybersecurity survival kit. The web is a dangerous place. We must defend ourselves!” (Edited by goWare),
» “iPhone. Come usarlo al meglio. Scopriamo insieme tutte le funzioni e le app migliori” – “iPhone. How to use it to its full potential. Let’s discover together all the functions and best apps” (Edited by goWare).
He collaborates with CYBERSECURITY360 a specialized online magazine of the group Digital360 focusing on Cybersecurity.
You can activate the FlashStart® Cloud protection on any sort of Router and Firewall to secure desktop and mobile devices and IoT devices on local networks.