SUBJECT FORENSIC SCIENCE

Paper No. and Title PAPER No. 16: Digital Forensics

Module No. and Title MODULE No. 28: Password Cracking

Module Tag FSC_P16_M28

FORENSIC SCIENCE PAPER NO.16: Digital Forensics

MODULE NO.28: Password Cracking
 TABLE OF CONTENTS

1. Learning Outcomes

2. Introduction

3. Nature and Extent of Password Cracking

4. Methods of Password Cracking

5. Countermeasures for Password Cracking

6. Summary

FORENSIC SCIENCE PAPER NO.16: Digital Forensics

MODULE NO.28: Password Cracking
 1. Learning Outcomes

After studying this module, you shall be able to know about-

 The significance of Passwords
 Common approaches of password cracking
 Some methods for the prevention from password cracking

2. Introduction

Using passwords and password management practices for providing access rights is a
technique that is as longstanding as the antiquity of operating systems. Passwords are a system
designed to be responsible for authentication. There are various methods to authenticate users
of a system, such as, a user can use a physical object like a key card, or prove his identity using
a special characteristic like a fingerprint, or use something that only the user knows. In contrast
to the other methods discussed, a major advantage of using authentication through a password
is that in the event that the password becomes compromised it can be effortlessly changed. The
majority of computer systems are still protected mainly with a user name and password, and a
lot of users employ the same password on multiple systems. With the rapid expansion of
internet technologies, social networks, and other related areas, user authentication becomes
increasingly essential to protect the data of the users. Password validation is one of the
extensively used methods to achieve authentication for authorized users and defense against
impostors. There have been countless password cracking techniques developed during the past
years, and individuals have been forecasting the countermeasures against password cracking all
along. Password hacking is one of the easiest and most common ways hackers get hold of
unauthorized computer or network access. Although strong passwords that are difficult to crack
are easy to generate and retain, users often neglect this. For that reason, passwords are one of
the weakest links in the information- security sequence. Passwords exclusively depend upon
confidentiality. After a password is compromised, its original owner isn’t the merely one who
can access the system with it, but the imposter can also do. Hackers have countless methods to
obtain passwords. They can gather passwords only by enquiring for them or by eyeing over the
shoulders of users as they type them in. Hackers can also acquire passwords from local
computers by using various types of password cracking softwares. To obtain passwords from
across a network, hackers can use remote cracking utilities or network analysers.

FORENSIC SCIENCE PAPER NO.16: Digital Forensics

MODULE NO.28: Password Cracking
 3. Nature and Extent of Password Cracking

The password has been used to encrypt the data or message for a long time in the history and it
leads to a discipline known as cryptography. Additionally, with the rapid development of
computer science, the password is now also regularly used for the user authentication issue,
which is very important to the internet security. There are generally four means of
authenticating user identity based on:

1) Something the individual distinguishes, such as, passwords, PIN, answers to specified
questions,
2) Something the individual owns, such as, tokens like smartcards, electronic keycards or
physical keys,
3) Something the individual is having naturally like static biometrics, e.g. fingerprint, retina,
face, and
4) Something the individual does like dynamic biometrics, e.g. voice pattern, handwriting,
typing rhythm

In the different ways and means, password authentication is broadly used line of defense
against trespassers. In the password authentication system, user identification determines that
the user is authorized to access the system at the user’s rights. It is also from time to time used
in discretionary access control meaning that others can login using the privileged identity.
When user make available the name or login and password, the system equates password with
the one stored for that identified login. On the other hand, some users do not take note to the
privacy or intricacy of the passwords with an assumption of having no such confidentiality
collections upon internet. This allows the mischievous crackers to create the damage on the
complete system if they are provided with an entry point to the system. Additionally, the higher
speed computational processors have made the threats of system crackers, data theft and data
corruption easier than earlier.

FORENSIC SCIENCE PAPER NO.16: Digital Forensics

MODULE NO.28: Password Cracking
 4. Methods of Password Cracking

Since passwords remain the most extensively used mechanism to authenticate users, obtaining
the passwords is still a common and effective attack approach. The traditional password
cracking methods include defrauding, stealing, user analysis, algorithm analysis and fully
guessing, among others and some of them are discussed below:

4.1 Stealing Password

Stealing can be accomplished by eyeing around the person’s desk, shoulder surfing, sniffing
the connection to the network to get unencrypted passwords, gaining access to a password
database and malware. In the shoulder surfing, hackers will take the appearance of a parcel
courier delivery man, service technician or something else to make them get access to an
office. In the malware attack, the key logger or screen scraper is usually installed by malware
that can record everything the user types and take screen shots during the login process.
Besides, some malwares try to look for the existence of a web browser client password file and
copy the available passwords from the browsing history.

4.2 Defrauding

One more way to gain the password is to defraud the users by social engineering or phishing on
line. One instance is to telephone an office pretending as a expert IT security technician and
ask for the users’ account or network access passwords. In the phishing attack, users will
receive a phishing email that contains links leading to simulated websites such as the online
banking and payment, etc. and makes some appalling problem to the accounts’ security.

4.3 User Analysis

Users have a tendency to to generate the passwords based on the things they habitually chat
about on social networks or somewhere else. Password crackers are likely to look at this kind
of information and make a few speculations during the cracking of passwords. The hackers can
reduce the password cracking time by the analysis of the special users according to their
characteristics, such as the individuals’ name, job title, interests, relations, hobbies, and so on.
One of such kind of attack is known as Spidering. The hackers understand that many corporate
passwords are generated by connecting to the business itself. They attempt to construct custom
word lists by the studying of corporate literature, website material and listed customers, etc.

FORENSIC SCIENCE PAPER NO.16: Digital Forensics

MODULE NO.28: Password Cracking
 4.4 Algorithm Analysis

Algorithm analysis attacks focus on the used encryption algorithms such as the cryptanalytic
attacks which are also used in the decryption of ciphertext. It depends upon the nature of the
algorithm, selected knowledge of the common characteristics of the text and some sample of
plaintext- ciphertext pairs. This kind of attack abuses the characteristics of the algorithms to
attempt to gather a specific plaintext or the keys.

4.5 Completely Guessing

The widely used kind of method for password cracking is the entirely guessing, which includes
the dictionary attack, brute-force attack, hybrid of dictionary and brute-force, rainbow table
attacks, etc.

 Dictionary Attacks: It is the most commonly used manoeuvre to break into the system. In
the dictionary attack, a large dictionary containing of possible passwords (frequently used
passwords, e.g. the common dictionary words, the combination of several words, etc.) is
used by the hackers trying to gain the access to the users’ computer or network. The
common tactic is to applying the similar encryption method to the dictionary of passwords
to compare with the copy of an encrypted file containing the passwords.

 Brute-force attacks: Brute-force attacks can crack any password if given ample time.
Brute-force attacks attempts every combination of numbers, letters, and special characters
until the password is discovered. Brute-force attack guesses the password using a random
approach by trying different passwords and anticipating one works. This methodology is
different from the dictionary attack in the use of non-dictionary words, which can contain
all possible alpha-numeric even special character combinations.

 Rainbow Table Attacks: In the rainbow table attacks, the hackers use a rainbow table that
is a list of pre-computed hash values for all encrypted passwords. Rainbow tables contain a
connection between a hash value and its corresponding password. By having this
connection pre-calculated for all possible hash values, a quick search through the tables for
a desired hash value can reveal the password.

FORENSIC SCIENCE PAPER NO.16: Digital Forensics

MODULE NO.28: Password Cracking
 5. Countermeasures for Password Cracking

The protecting of passwords from compromised and unauthorized use is a vital issue since the
passwords remain the most popular approach for authentication. The countermeasures for
password cracking could be accomplished in two stages generally, i.e. the password design
stage and after the generation.

5.1 Password Design Stage

5.1.1 User Education: Users can be educated with the importance of using strong
passwords and be trained how to generate hard to guess passwords using some
password selection tactics. For instance, the password must contain capital letters
and small letters, numbers, and special characters. The length of the password must
not be less than a certain number or the use of passphrase which is generally longer
than a word or the use of beginning characters of each word in a memorable
sentence, etc.

5.1.2 Dynamic Passwords: Use of one-time password, dynamic password and static
password are proposed by several experts, of which one-time password is one way
to provide a high level of security. The dynamic password stipulates that the
password is changed frequently or at a short time interval while the static password
means the password is the same for all the time when logging on the system. The
organization could force some requirements for the users to change the passwords
periodically, e.g. weekly, monthly, or every half-year. In a one-time password
scheme, a new password is required each time when the user log on the account to
prevent the hackers from using a pre-compromised password. The length of time
interval can be based on the sensitivity of the protected information.

5.1.3 Use of Token: The password can be generated by using some security tokens that
are used to ease authentication by authorized users of computer services. The token
may be a physical device such as the smart cards. The password appearing on the
token can be changed regularly with a time interval, which achieves the dynamic
password mechanism and reduces the importance of stolen passwords because of its
short time validity.

FORENSIC SCIENCE PAPER NO.16: Digital Forensics

MODULE NO.28: Password Cracking
 Furthermore, regularly shifting password decreases the likelihood of successful cracking by
brute-force attack if the attacker uses the password list within a single shift. After the user types
in the password appearing on the token the password on the server site may be already changed
to the next one due to the time delay. The token can be also equipped with inserted switch
algorithms. In this case, the user types in the numbers appearing on the token then the
calculator will generate a password using the inserted algorithms.

5.1.4 Computer Generated Passwords: Users can also use the computer generated
password for their account. Using some pre-design, the computer generated
password ordinarily makes sure a certain length contains special characters and is
un-pronounceable, which is difficult for the hackers to crack successfully within a
short time. However, computer generated password is not easily to remember for
the users due to the fact that it is mostly meaningless.

5.2 After the Generation of Passwords

5.2.1 Reactive Password: Checking in a reactive password checking approach, the

system intermittently runs its own password cracker to find guessable passwords.
The system will cancel passwords that are guessed and notifies the users. The
disadvantages are that it consumes resources very much and the hackers can also
use this strategy to find the weak passwords if they get the password file copy.

5.2.2 Proactive Password Checker: Another way to reject the weak passwords is
proactive password checking. Different with reactive password checking, proactive
password checking allows users to select their own password. However the system
will check if the password is allowable or not. The goal is that users can select
memorable passwords that are difficult to guess. Many researchers have designed
their proactive password checkers.

5.2.3 Password Encryption: The password encryption protections include the hash
functions. In the computer security and cryptography, hash functions refer to the
algorithms that take a variable-size input and return a fixed-size string output as the
hash value. This approach ensures that any changes on the input data will result in a
different hash value. There are several common characteristics of hash function
including the easy computation, pre-image resistance, second pre-image resistance,
and collision resistance, etc.

FORENSIC SCIENCE PAPER NO.16: Digital Forensics

MODULE NO.28: Password Cracking
 5.2.4 Access Control: The common belief is that if the hackers cannot get the password
(or encrypted password) files, then the password cracking competency will be very
much reduced because that the hackers cannot perform the offline guessing.
According to this analysis, the password file access control is essential and efficient
for the control of the password cracking and this method is used in some systems.
Password file access control method also holds some weaknesses, such as the
weakness in the operating systems that let access to the password file, inadvertent
permission of making the password file readable, sniffing password transmit in
network and weak challenge or response schemes in network protocols, etc.

6. Summary

 Passwords are a system designed to be responsible for authentication. There are various
methods to authenticate users of a system, such as, a user can use a physical object like a
key card, or prove his identity using a special characteristic like a fingerprint, or use
something that only the user knows.

 Password validation is one of the extensively used methods to achieve authentication for
authorized users and defense against impostors.

 The password has been used to encrypt the information or message for a long time in the
history and it leads to a discipline known as cryptography.

 Password authentication is broadly used line of defense against trespassers. In the

password authentication system, user identification determines that the user is authorized
to access the system at the user’s rights.

 The traditional password cracking methods include stealing, defrauding, user analysis,
algorithm analysis and fully guessing.

 The countermeasures for password cracking could be accomplished in two stages

generally, i.e. the password design stage and after the generation.

FORENSIC SCIENCE PAPER NO.16: Digital Forensics

MODULE NO.28: Password Cracking