Visible to the public On the Security of Cracking-Resistant Password Vaults

TitleOn the Security of Cracking-Resistant Password Vaults
Publication TypeConference Paper
Year of Publication2016
AuthorsGolla, Maximilian, Beuscher, Benedict, Dürmuth, Markus
Conference NameProceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security
Date PublishedOctober 2016
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-4139-4
Keywordsaudits, compositionality, cracking-resistance, Encryption, encryption audits, honey encryption, Metrics, natural language encoders, password managers, pubcrawl, resilience
Abstract

Password vaults are used to store login credentials, usually encrypted by a master password, relieving the user from memorizing a large number of complex passwords. To manage accounts on multiple devices, vaults are often stored at an online service, which substantially increases the risk of leaking the (encrypted) vault. To protect the master password against guessing attacks, previous work has introduced cracking-resistant password vaults based on Honey Encryption. If decryption is attempted with a wrong master password, they output plausible-looking decoy vaults, thus seemingly disabling offline guessing attacks. In this work, we propose attacks against cracking-resistant password vaults that are able to distinguish between real and decoy vaults with high accuracy and thus circumvent the offered protection. These attacks are based on differences in the generated distribution of passwords, which are measured using Kullback-Leibler divergence. Our attack is able to rank the correct vault into the 1.3% most likely vaults (on median), compared to 37.8% of the best-reported attack in previous work. (Note that smaller ranks are better, and 50% is achievable by random guessing.) We demonstrate that this attack is, to a certain extent, a fundamental problem with all static Natural Language Encoders (NLE), where the distribution of decoy vaults is fixed. We propose the notion of adaptive NLEs and demonstrate that they substantially limit the effectiveness of such attacks. We give one example of an adaptive NLE based on Markov models and show that the attack is only able to rank the decoy vaults with a median rank of 35.1%.

URLhttps://dl.acm.org/doi/10.1145/2976749.2978416
DOI10.1145/2976749.2978416
Citation Keygolla_security_2016