storing passwords in linux
play

Storing passwords in Linux Stored in /etc/shadow - PowerPoint PPT Presentation

Jun 05, 2023 •425 likes •887 views

Storing passwords in Linux Stored in /etc/shadow seed:$6$5MfvmFOaDU$CVt7:14400:0:99999:7:: Colon-separated values, including: username:hash Hash is $-separated values: Id (6 = based on SHA-512, 1 = based on MD5, etc.)

  1. Storing passwords in Linux • Stored in /etc/shadow seed:$6$5MfvmFOaDU$CVt7…:14400:0:99999:7:: • Colon-separated values, including: • username:hash • Hash is $-separated values: • Id (6 = based on SHA-512, 1 = based on MD5, etc.) • Salt • The hash (after being taken multiple times)

  2. Misusing crypto Avoid shooting yourself in the foot: • Do not roll your own cryptographic mechanisms • Takes peer review • Apply Kerkhoff’s principle • Do not misuse existing crypto • Do not even implement the underlying crypto

  3. A paper from 2013 that looked at how Android 
 apps use crypto, as a function of 6 “rules” that reflect 
 the bare minimum a secure programmer should know:

  4. A paper from 2013 that looked at how Android 
 apps use crypto, as a function of 6 “rules” that reflect 
 the bare minimum a secure programmer should know: 1. Do not use ECB mode for encryption. Period.

  5. A paper from 2013 that looked at how Android 
 apps use crypto, as a function of 6 “rules” that reflect 
 the bare minimum a secure programmer should know: 1. Do not use ECB mode for encryption. Period. 2. Do not use a non-random IV for CBC encryption.

  6. A paper from 2013 that looked at how Android 
 apps use crypto, as a function of 6 “rules” that reflect 
 the bare minimum a secure programmer should know: 1. Do not use ECB mode for encryption. Period. 2. Do not use a non-random IV for CBC encryption. 3. Do not use constant encryption keys .

  7. A paper from 2013 that looked at how Android 
 apps use crypto, as a function of 6 “rules” that reflect 
 the bare minimum a secure programmer should know: 1. Do not use ECB mode for encryption. Period. 2. Do not use a non-random IV for CBC encryption. 3. Do not use constant encryption keys . 4. (see paper)

  8. A paper from 2013 that looked at how Android 
 apps use crypto, as a function of 6 “rules” that reflect 
 the bare minimum a secure programmer should know: 1. Do not use ECB mode for encryption. Period. 2. Do not use a non-random IV for CBC encryption. 3. Do not use constant encryption keys . 4. (see paper) 5. (see paper)

  9. A paper from 2013 that looked at how Android 
 apps use crypto, as a function of 6 “rules” that reflect 
 the bare minimum a secure programmer should know: 1. Do not use ECB mode for encryption. Period. 2. Do not use a non-random IV for CBC encryption. 3. Do not use constant encryption keys . 4. (see paper) 5. (see paper) 6. Do not use static seeds to seed SecureRandom(.)

  10. Crypto misuse in Android apps 15,134 apps from Google play used crypto; Analyzed 11,748 of them

  11. Crypto misuse in Android apps 15,134 apps from Google play used crypto; Analyzed 11,748 of them 48% 31% 17% 16% 14% 12%

  12. Crypto misuse in Android apps 15,134 apps from Google play used crypto; Analyzed 11,748 of them 48% 31% 17% 16% 14% 12%

  13. 
 BouncyCastle defaults • BouncyCastle is a library that conforms to Java’s Cipher interface: Cipher c = 
 Cipher.getInstance(“AES/CBC/PKCS5Padding”); // Ultimately end up wrapping a ByteArrayOutputStream 
 // in a CipherOutputStream • Java documentation specifies:

  16. Crypto misuse in Android apps 15,134 apps from Google play used crypto; Analyzed 11,748 of them 48% 31% 17% 16% 14% 12%

  17. Crypto misuse in Android apps 15,134 apps from Google play used crypto; Analyzed 11,748 of them 48% 31% 17% 16% 14% 12% A failure of the programmers to know the tools they use A failure of library writers to provide safe defaults

  18. Misusing crypto Avoid shooting yourself in the foot: • Do not roll your own cryptographic mechanisms • Takes peer review • Apply Kerkhoff’s principle • Do not misuse existing crypto • Do not even implement the underlying crypto

  19. Why not implement AES/RSA/etc. yourself? • Not talking about creating a brand new crypto scheme, just implementing one that’s already widely accepted and used. • Kerkhoff’s principle: these are all open standards; should be implementable. • Potentially buggy/incorrect code, but so might be others’ implementations (viz. OpenSSL bugs, poor defaults in Bouncy castles, etc.) • So why not implement it yourself?

  20. Side-channel attacks • Cryptography concerns the theoretical difficulty in breaking a cipher Input 
 Output 
 Cryptographic processing 
 message message (Encrypt/decrypt/sign/etc.) Secret keys

  21. Side-channel attacks • Cryptography concerns the theoretical difficulty in breaking a cipher Input 
 Output 
 Cryptographic processing 
 message message (Encrypt/decrypt/sign/etc.) Secret keys • But what about the information that a particular implementation could leak? • Attacks based on these are “ side-channel attacks ”

  22. Side-channel attacks • Cryptography concerns the theoretical difficulty in breaking a cipher Leaked information 
 - Power consumption 
 - Electromagnetic radiation - Other (Timing, errors, etc.) Input 
 Output 
 Cryptographic processing 
 message message (Encrypt/decrypt/sign/etc.) Secret keys • But what about the information that a particular implementation could leak? • Attacks based on these are “ side-channel attacks ”

  23. Simple Power Analysis (SPA) • Interpret power traces taken during a cryptographic operation • Simple power analysis can reveal the sequence of instructions executed

  24. SPA on DES Overall operation clearly visible: 
 Can identify the 16 rounds of DES

  25. SPA on DES 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Overall operation clearly visible: 
 Can identify the 16 rounds of DES

  26. SPA on DES Specific instructions are also discernible

  27. SPA on DES Jump taken No jump taken Specific instructions are also discernible

  28. High-level idea HypotheticalEncrypt(msg, key) { for(int i=0; i < key.len(); i++) { 
 if(key[i] == 0) // branch 0 else // branch 1 } }

  29. High-level idea HypotheticalEncrypt(msg, key) { for(int i=0; i < key.len(); i++) { 
 if(key[i] == 0) What if branch 0 had, e.g., 
 // branch 0 a jmp that brand 1 didn’t? else // branch 1 } }

  30. High-level idea HypotheticalEncrypt(msg, key) { for(int i=0; i < key.len(); i++) { 
 if(key[i] == 0) What if branch 0 had, e.g., 
 // branch 0 a jmp that brand 1 didn’t? else // branch 1 } } Implementation issue: If the execution path depends on the inputs (key/data), then SPA can reveal keys

  31. High-level idea HypotheticalEncrypt(msg, key) { for(int i=0; i < key.len(); i++) { 
 if(key[i] == 0) What if branch 0 had, e.g., 
 // branch 0 a jmp that brand 1 didn’t? else // branch 1 What if branch 0 } } Implementation issue: If the execution path depends on the inputs (key/data), then SPA can reveal keys

  32. High-level idea HypotheticalEncrypt(msg, key) { for(int i=0; i < key.len(); i++) { 
 if(key[i] == 0) What if branch 0 had, e.g., 
 // branch 0 a jmp that brand 1 didn’t? else // branch 1 What if branch 0 } - took longer? (timing attacks) } Implementation issue: If the execution path depends on the inputs (key/data), then SPA can reveal keys

  33. High-level idea HypotheticalEncrypt(msg, key) { for(int i=0; i < key.len(); i++) { 
 if(key[i] == 0) What if branch 0 had, e.g., 
 // branch 0 a jmp that brand 1 didn’t? else // branch 1 What if branch 0 } - took longer? (timing attacks) } - gave off more heat? Implementation issue: If the execution path depends on the inputs (key/data), then SPA can reveal keys

  34. High-level idea HypotheticalEncrypt(msg, key) { for(int i=0; i < key.len(); i++) { 
 if(key[i] == 0) What if branch 0 had, e.g., 
 // branch 0 a jmp that brand 1 didn’t? else // branch 1 What if branch 0 } - took longer? (timing attacks) } - gave off more heat? - made more noise? 
 - … Implementation issue: If the execution path depends on the inputs (key/data), then SPA can reveal keys

  35. Differential Power Analysis (DPA) • SPA just visually inspects a single run • DPA runs iteratively and reactively • Get multiple samples • Based on these, construct new plaintext messages as inputs, and repeat

  36. Mitigating such attacks • Hide information by making the execution paths depend on the inputs as little as possible • Have to give up some optimizations that depend on particular bit values in keys Some Chinese Remainder Theorem (CRT) optimizations - permitted remote timing attacks on SSL servers • The crypto community should seek to design cryptosystems under the assumption that some information is going to leak

  37. Other side-channel attacks • Typical threat model: attacker doesn’t have root access to a particular machine • So we safely store keys in memory • But what if the attacker had physical access to the machine?

  38. Attack • Attacker’s goal: reboot the machine into an OS that that he or she controls to look at memory contents • Challenge: memory loses state without power 5 sec 30 sec 60 sec 5 min

  39. Cold boot attack Memory loses its state slower 
 at really cold temperatures

  40. Cold boot attack Memory loses its state slower 
 at really cold temperatures

  41. Cold boot attack Memory loses its state slower 
 at really cold temperatures

Recommend

User Authentication and Passwords Storing Passwords Selecting Passwords CSS322: Security and

User Authentication and Passwords Storing Passwords Selecting Passwords CSS322: Security and

CSS322 Passwords Authentication Passwords Entropy User Authentication and Passwords Storing Passwords Selecting Passwords CSS322: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by

670 views • 28 slides
User Authentication Storing Passwords Selecting Passwords ITS335: IT Security Tokens

User Authentication Storing Passwords Selecting Passwords ITS335: IT Security Tokens

ITS335 User Authentication Authentication Passwords User Authentication Storing Passwords Selecting Passwords ITS335: IT Security Tokens Biometrics Sirindhorn International Institute of Technology Summary Thammasat University Prepared

663 views • 40 slides
Keys to the Kingdom A presentation to: E-Business 2008 Mike Auty E-Security at WDL Date: 16 th

Keys to the Kingdom A presentation to: E-Business 2008 Mike Auty E-Security at WDL Date: 16 th

Keys to the Kingdom A presentation to: E-Business 2008 Mike Auty E-Security at WDL Date: 16 th October 2008 Overview Securing Systems Passwords Storing Passwords Guessing Passwords What can I do about it?

518 views • 16 slides
Good Passwords, Bad Passwords, and How to See the Difference David Klaftenegger Department of

Good Passwords, Bad Passwords, and How to See the Difference David Klaftenegger Department of

Good Passwords, Bad Passwords, and How to See the Difference David Klaftenegger Department of Information Technology Uppsala University, Sweden 20. January 2020 Caveat Auditor Background Passwords this talk contains opinions Diceware

447 views • 43 slides
PASSWORDS CS682: Advanced Security Topics Vasiliki Panteli 3/9/2020 Passwords 1 Passwords

PASSWORDS CS682: Advanced Security Topics Vasiliki Panteli 3/9/2020 Passwords 1 Passwords

PASSWORDS CS682: Advanced Security Topics Vasiliki Panteli 3/9/2020 Passwords 1 Passwords Passwords is a user authentication mechanism that is widely adopted for many years Methods for user authentication: Something you know

901 views • 52 slides
Security: Some Fun with Passwords How to handle Passwords: the Basics Rainbow Attacks Not

Security: Some Fun with Passwords How to handle Passwords: the Basics Rainbow Attacks Not

CSCE Intro to Computer Systems Security - Passwords Security: Some Fun with Passwords How to handle Passwords: the Basics Rainbow Attacks Not too long ago Hi, I forgot my password! Let me help you. What is your name? My Name is John

369 views • 5 slides
Setting Strong Encrypted Passwords Configuring Password Encryption for Clear Text Passwords Cisco

Setting Strong Encrypted Passwords Configuring Password Encryption for Clear Text Passwords Cisco

Setting Strong Encrypted Passwords Configuring Password Encryption for Clear Text Passwords Cisco IOS stores passwords in clear text in network device configuration files for several features such as passwords for local and remote CLI sessions,

354 views • 13 slides
STUDENT PASSWORDS GUI DEL I NES FOR 2 0 1 9 -2 020 S T U D E N T S , U P D A T E Y O U R P A

STUDENT PASSWORDS GUI DEL I NES FOR 2 0 1 9 -2 020 S T U D E N T S , U P D A T E Y O U R P A

STUDENT PASSWORDS GUI DEL I NES FOR 2 0 1 9 -2 020 S T U D E N T S , U P D A T E Y O U R P A S S W O R D F R O M H O M E ! Students: Update your password this summer from home! Student passwords were reset on 7/3/2019. Please follow the

525 views • 14 slides
Passwords in the Wild Passwords in the Wild Who am I...? My blog... SkullSecurity.org Random

Passwords in the Wild Passwords in the Wild Who am I...? My blog... SkullSecurity.org Random

Passwords in the Wild Passwords in the Wild Who am I...? My blog... SkullSecurity.org Random research, rants, etc. Nmap dev news Password database I post updates to Twitter https://twitter.com/iagox86 My job... Tenable Network Security

990 views • 88 slides
Crypto with Passwords Lecture 22 Passwords Password or passphrase: Low-entropy shared secret

Crypto with Passwords Lecture 22 Passwords Password or passphrase: Low-entropy shared secret

Crypto with Passwords Lecture 22 Passwords Password or passphrase: Low-entropy shared secret Typical goal: client authenticating to server, without being tied to a device holding a cryptographic key. On authentication, a session key should be

344 views • 11 slides
Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client and a server? What is Linux? Linux generally refers to a group of Unix-like free and open-source operating system distributions that use the Linux

562 views • 53 slides
The Long and Short of Passwords Rich Shay November 5, 2009 1 / 34 The Long and Short of

The Long and Short of Passwords Rich Shay November 5, 2009 1 / 34 The Long and Short of

The Long and Short of Passwords The Long and Short of Passwords Rich Shay November 5, 2009 1 / 34 The Long and Short of Passwords Motivation for Studying Passwords Outline Motivation for Studying Passwords 1 2 Overview of Password Failure

373 views • 36 slides
Authentication of People what you know (passwords) what you have (keys) what you are

Authentication of People what you know (passwords) what you have (keys) what you are

people 1 Authentication of People what you know (passwords) what you have (keys) what you are (biometric devices) where you are (physical) October 26, 2000 people 2 Passwords initial password distribution (students)

559 views • 13 slides
Authentication of People what you know (passwords) what you have (keys) what you are

Authentication of People what you know (passwords) what you have (keys) what you are

people 1 Authentication of People what you know (passwords) what you have (keys) what you are (biometric devices) where you are (physical) Slide 1 Passwords initial password distribution (students) limit password guessing

305 views • 7 slides
11. Persistence The use of files, streams and serialization for storing object model data

11. Persistence The use of files, streams and serialization for storing object model data

11. Persistence The use of files, streams and serialization for storing object model data Storing Application Data Without some way of storing data off-line computers would be virtually unusable imagine a Word Processor which forced you

288 views • 16 slides
CS371m - Mobile Computing Persistence Storing Data Multiple options for storing data

CS371m - Mobile Computing Persistence Storing Data Multiple options for storing data

CS371m - Mobile Computing Persistence Storing Data Multiple options for storing data associated with apps Shared Preferences Internal Storage device memory External Storage SQLite Database Network Connection 2 Saving

1.23k views • 55 slides
Sesame: A Secure and Convenient Mobile Solution for Passwords Dr. Mehrdad Aliasgari , Nick Sabol,

Sesame: A Secure and Convenient Mobile Solution for Passwords Dr. Mehrdad Aliasgari , Nick Sabol,

Sesame: A Secure and Convenient Mobile Solution for Passwords Dr. Mehrdad Aliasgari , Nick Sabol, and Ashutosh Sharma California State University, Long Beach MobiSecServ Feb. 2015 Passwords CSU Long Beach 2 Most Popular Passwords of 2014*

683 views • 20 slides
OVMCS Accounting 2 OVMCS - Accounting Passwords Do not give out your password to ANYONE.

OVMCS Accounting 2 OVMCS - Accounting Passwords Do not give out your password to ANYONE.

The purpose of todays presentation is to provide tools in ARTS to help monitor activity within your office. OVMCS Accounting 2 OVMCS - Accounting Passwords Do not give out your password to ANYONE. Do not publicly post passwords.

332 views • 29 slides
Hash-Based Passwords Steve Bellovin h4ps://www.cs.columbia.edu/~smb

Hash-Based Passwords Steve Bellovin h4ps://www.cs.columbia.edu/~smb

Hash-Based Passwords Steve Bellovin h4ps://www.cs.columbia.edu/~smb smb 1 Problem Area Clients and servers frequently store plaintext passwords Used for

289 views • 9 slides
Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range

Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range

Linux from Sensors to Servers ! When is Linux Not Linux? ! 1 1 Linux runs across a huge range of systems ! CC BY-SA 2.0 FHKE, Flickr 2 Whats the difference between Linux on a big thing and Linux on a little thing? ! 3 ! Whats the

900 views • 52 slides
Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the

Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the

High Performance Computing using Linux: The Good and the Bad Christoph Lameter HPC and Linux Most of the supercomputers today run Linux. All of the computational clusters in corporations that I know of run Linux. Support for

419 views • 12 slides
Linux Overview Amir Hossein Payberah payberah@gmail.com 1 Agenda Linux Overview Linux

Linux Overview Amir Hossein Payberah payberah@gmail.com 1 Agenda Linux Overview Linux

Linux Overview Amir Hossein Payberah payberah@gmail.com 1 Agenda Linux Overview Linux Distributions Linux vs Windows Linux Architecture Linux Security 2 What is Linux? Similar Operating System To Microsoft Windows, Sun

1.11k views • 55 slides
Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig

Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig

The State of Desktop Linux: Interviews with Different Users About Their Linux Setups Steven Ovadia My Linux Rig www.mylinuxrig.com @steven_ovadia *** Associate Professor/Web Services Librarian LaGuardia Community College About My Linux

458 views • 27 slides
Secure Passwords Through Enhanced Hashing Benjamin Strahs, Chuan Yue, and Haining Wang The

Secure Passwords Through Enhanced Hashing Benjamin Strahs, Chuan Yue, and Haining Wang The

Secure Passwords Through Enhanced Hashing Benjamin Strahs, Chuan Yue, and Haining Wang The College of William and Mary Passwords The most common online authentication method Something you know instead of something you have (hardware

559 views • 29 slides

More recommend