Interleaving Cryptanalytic Time-Memory Trade-Offs on Non-uniform Distributions

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9326)

Abstract

Cryptanalytic time-memory trade-offs (TMTO) are famous tools available in any security expert toolbox. They have been used to break ciphers such as A5/1, but their efficiency to crack passwords made them even more popular in the security community. While symmetric keys are generated randomly according to a uniform distribution, passwords chosen by users are in practice far from being random, as confirmed by recent leakage of databases. Unfortunately, the technique used to build TMTOs is not appropriate to deal with non-uniform distributions. In this paper, we introduce an efficient construction that consists in partitioning the search set into subsets of close densities, and a strategy to explore the TMTOs associated to the subsets based on an interleaved traversal. This approach results in a significant improvement compared to currently used TMTOs. We experimented our approach on a classical problem, namely cracking 7-character NTLM Hash passwords using an alphabet with 34 special characters. This resulted in speedups ranging from 16 to 76 (depending on the input distribution) over rainbow tables, which are considered as the most efficient variant of time-memory trade-offs.

Notes

Acknowledgments

We thank the anonymous reviewers for their constructive comments.

References

  1. 1.
    Atom: The Hashcat password cracker (2014). http://hashcat.net/hashcat/
  2. 2.
    Avoine, G., Carpent, X.: Optimal storage for rainbow tables. In: Lee, H.-S., Han, D.-G. (eds.) ICISC 2013. LNCS, vol. 8565, pp. 144–157. Springer, Heidelberg (2014) Google Scholar
  3. 3.
    Avoine, G., Junod, P., Oechslin, P.: Time-memory trade-offs: false alarm detection using checkpoints. In: Maitra, S., Veni Madhavan, C.E., Venkatesan, R. (eds.) INDOCRYPT 2005. LNCS, vol. 3797, pp. 183–196. Springer, Heidelberg (2005) CrossRefGoogle Scholar
  4. 4.
    Avoine, G., Junod, P., Oechslin, P.: Characterization and improvement of time-memory trade-off based on perfect tables. ACM Trans. Inf. Syst. Secur. TISSEC 11(4), 1–22 (2008)CrossRefGoogle Scholar
  5. 5.
    Barkan, E., Biham, E., Shamir, A.: Rigorous Bounds on cryptanalytic time/memory tradeoffs. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 1–21. Springer, Heidelberg (2006) CrossRefGoogle Scholar
  6. 6.
    Barkan, E.P.: Cryptanalysis of ciphers and protocols. Ph.D. thesis, Technion - Israel Institute of Technology, Haifa, Israel, March 2006Google Scholar
  7. 7.
    Bonneau, J.: The science of guessing: analyzing an anonymized corpus of 70 million passwords. In: IEEE Symposium on Security and Privacy - S&P 2012, San Francisco, CA, USA. IEEE Computer Society, May 2012Google Scholar
  8. 8.
    Denning, D.: Cryptography and Data Security, p. 100. Addison-Wesley, Boston (1982)MATHGoogle Scholar
  9. 9.
    Hellman, M.: A cryptanalytic time-memory trade off. IEEE Trans. Inf. Theory IT 26(4), 401–406 (1980)MathSciNetCrossRefGoogle Scholar
  10. 10.
    Hoch, Y.Z.: Security analysis of generic iterated hash functions. Ph.D. thesis, Weizmann Institute of Science, Rehovot, Israel, August 2009Google Scholar
  11. 11.
    Hong, J., Jeong, K.C., Kwon, E.Y., Lee, I.-S., Ma, D.: Variants of the distinguished point method for cryptanalytic time memory trade-offs. In: Chen, L., Mu, Y., Susilo, W. (eds.) ISPEC 2008. LNCS, vol. 4991, pp. 131–145. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  12. 12.
    Lee, G.W., Hong, J.: A comparison of perfect table cryptanalytic tradeoff algorithms. Cryptology ePrint Archive, report 2012/540 (2012)Google Scholar
  13. 13.
    Lestringant, P., Oechslin, P., Tissières, C.: Limites des tables rainbow et comment les dépasser en utilisant des méthodes probabilistes optimisées (in French). In: Symposium sur la sécurité des technologies de l’information et des communications - SSTIC, Rennes, France, June 2013Google Scholar
  14. 14.
    Massey, J.L.: Guessing and entropy. In: International Symposium on Information Theory - ISIT 1994, Trondheim, Norway, p. 204. IEEE, June 1994Google Scholar
  15. 15.
    Narayanan, A., Shmatikov, V.: Fast dictionary attacks on passwords using time-space tradeoff. In: ACM Conference on Computer and Communications Security - CCS 2005, Alexandria, VA, USA, pp. 364–372. ACM, November 2005Google Scholar
  16. 16.
    Oechslin, P.: Making a faster cryptanalytic time-memory trade-off. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 617–630. Springer, Heidelberg (2003) CrossRefGoogle Scholar
  17. 17.
    Oechslin, P.: The ophcrack password cracker (2014). http://ophcrack.sourceforge.net/
  18. 18.
    Peslyak, A.: The John the Ripper password cracker (2014). http://www.openwall.com/john/
  19. 19.
    Russell, S.J., Norvig, P.: Artificial Intelligence: A Modern Approach, vol. 2. Pearson Education, Upper Saddle River (2003) MATHGoogle Scholar
  20. 20.
    Shuanglei, Z.: The RainbowCrack project (2014). http://project-rainbowcrack.com/
  21. 21.
    Standaert, F.-X., Rouvroy, G., Quisquater, J.-J., Legat, J.-D.: A time-memory tradeoff using distinguished points: new analysis & FPGA results. In: Kaliski, B.S., Koç, C.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 593–609. Springer, Heidelberg (2002)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Open Access This chapter is distributed under the terms of the Creative Commons Attribution Noncommercial License, which permits any noncommercial use, distribution, and reproduction in any medium, provided the original author(s) and source are credited.

Authors and Affiliations

  • Gildas Avoine
    • 1
    • 2
  • Xavier Carpent
    • 3
  • Cédric Lauradoux
    • 4
  1. 1.INSA de Rennes, IRISA UMR 6074RennesFrance
  2. 2.Institut Universitaire de FranceParisFrance
  3. 3.Université Catholique de LouvainLouvain-la-NeuveBelgium
  4. 4.INRIARennesFrance

Personalised recommendations