What can you use instead of a password? Using a dynamically changing password


CHAPTER IV

TECHNOLOGIES OF HACKING SOFTWARE PROTECTIONS

Preventing the spread of information about attacks creates a dangerous illusion of security...

Chris Kaspersky, “Technique and Philosophy of Hacker Attacks”.

A programmer who knows technical protection methods must undoubtedly also know the technologies for breaking protections in order, firstly, not to repeat the mistakes of existing systems and, secondly, to create more efficient and reliable mechanisms. The author of a protection must also be well acquainted with the tools of modern crackers and take into account the capabilities of existing program research tools (debuggers, disassemblers, viewers) when designing software protection mechanisms and systems.

In this chapter, we will look at the basic ideas, techniques, algorithms and technologies that allow you to remove, bypass or hack software protection. We will also give some recommendations for improving protective mechanisms.

Experiments in breaking the famous US cryptographic standard, the DES algorithm (Data Encryption Standard), are widely known. DES with its 56-bit key remained unbroken for about twenty years. “... it fell on June 17, 1997, 140 days after the start of the competition (by which time about 25% of all possible keys had been tested and 450 MIPS-years spent)”. In 1998, DES was reported broken in 56 hours.

The RSA algorithm, whose breaking requires solving the factorization problem, was the first to run into the sharp jump in computing performance. In March 1994, the factorization of a 129-digit number (428 bits), which had lasted 8 months, was completed. It involved 600 volunteers and 1,600 machines connected via email. The machine time spent was equivalent to approximately 5,000 MIPS-years.

On January 29, 1997, RSA Labs announced a competition to break the symmetric algorithm RC5. The 40-bit key was recovered 3.5 hours after the start of the competition! (This did not even require connecting computers via the Internet: a local network of 250 machines at Berkeley University was enough.) After 313 hours, the 48-bit key was also recovered [24].

Even a novice programmer can write a program that constructs all possible sequences of symbols from a given enumerable set. Obviously, the author of a protection must count on a complete search taking an unreasonably long time. The first thing developers do to achieve this is to increase the length of the key (password). In their own way they are right. But:

Firstly, as already noted, the power of computers is growing, and if a complete search required a long period of time yesterday, the time a computer will need tomorrow will most likely be acceptable for removing the protection.

Due to the dramatic increase in computing power, brute-force attacks have a much higher chance of success than before. On UNIX systems, the crypt() function, which is responsible for hashing passwords, was implemented in such a way that it took almost 1 second to execute on a PDP-class machine, but in twenty years the speed of its calculation has increased 10,000 times (!). Therefore, while hackers (and the developers who limited the password length to 8 characters) could not previously even imagine a complete search, today such an attack will succeed in 125 days on average.

Secondly, efficient algorithms for speeding up the enumeration have already been proposed and can be improved further (they are usually based on formal logic and use set theory, probability theory and other areas of mathematics). In addition, fast search algorithms are also used. (For example, self-organizing table search has been proposed for attacking RSA and similar systems.)

Moreover, special hardware that performs the search has already been built.

It is important to note that storing the hash of a password does not eliminate the possibility of a brute-force attack; it only changes the time required for cracking. The program that enumerates passwords must now additionally compute the hash function of each candidate and compare the result with the reference hash.

Let us note one more circumstance related to protection based on password hashing. Some hash functions may return the same result for an incorrect password as for the original one. To remove the protection in this case, it is enough to find any suitable password, which obviously weakens the protection and reduces the cost of cracking. (Hash functions that produce a result comparable in length (in bits) to the password have this property.)

Let us dwell on another kind of brute-force password search, the so-called dictionary attack. This method can be used to crack a meaningful password. It relies on the fact that the user, to make memorization easier, picks a (dictionary) word that exists in some language. Considering that there are no more than 100,000 words in any language, it is obvious that a complete search of dictionary words will take a short time.

Programs that guess passwords from dictionary words are now widespread, and only an irresponsible or lazy user can settle on a meaningful password. Recall that, in addition to checking the dictionary, such programs “can” change character case, “know” punctuation marks, and “guess” that the user may reverse a word, join two words with a punctuation mark or a digit, and apply similar transformations.

It is noteworthy that modern, well-developed means of protection against unauthorized access that let the user choose an access password are equipped with modules that check whether the chosen password belongs to such dictionaries and, if it does, do not allow it to be used.

Programs that carry out dictionary attacks work quite quickly because they implement efficient search and comparison algorithms. For example, they do not use slow string comparison but compare checksums, and so on. Many of them do not even contain a word base of their own but use the dictionaries built into common text editors.

_____________________________

* Password protection should be used in cases where either a brute-force attack will be ineffective, or the attacker will not have access to sufficiently powerful computing tools to carry out a brute-force attack (we must not forget about the possibility of using network technologies).

* To strengthen password protection, you should use any original techniques that reduce the speed of password search.

* You can slightly strengthen password protection by carrying out two (dependent) checks in the program, of both the password and the result of the password hash function, while “hiding” the protection mechanism at the proper level or, at a minimum, avoiding direct comparison. In this case, it is advisable to deliberately choose a hash function for which a large number of passwords match the reference hash. With this implementation of the protection mechanism, the attacker will need to attack two parameters.

* Protection works even more effectively if the password (or, better, a function of the password) serves as the encryption key for some part of the program code. In this case, the cracker, after trying all possible passwords (those yielding the given hashing result), will still have to decrypt the code.

Note that in this type of protection, that is, when several parameters are checked simultaneously, a hash function that gives the required result for a large number of passwords makes cracking much more difficult.

___________________________________________________________

More details

1. Examples of attacks on security mechanisms - Chris Kaspersky "Technique and Philosophy of Hacker Attacks".

2. Generating pseudo-random number sequences - Yu.S. Kharin, V.I. Bernik, G.V. Matveev “Mathematical foundations of cryptology”, pp. 153-188; V. Zhelnikov “Cryptography from papyrus to computer”, pp. 181-207.

Nobody wants to lose access to social network accounts or mailboxes, but this still happens very often. Most often the cause is the insufficient strength of the password used. Many sites do not allow passwords shorter than 8 characters, but this measure is not always effective.

The best option is to generate the user password with a specialized program; however, keep in mind that even the most crack-resistant password can be stolen or simply lost. Protection of confidential information should be comprehensive, but it must begin with the creation of a strong password. Let's look at the main methods attackers use to crack passwords:

Dictionary brute force

Use of malware

The method allows an attacker to steal a password file from a browser, or simply record and save the sequence of data entered when logging in (used for this purpose) and then send it for processing to any address. To prevent such an attack, you should install software only from trusted suppliers and limit as much as possible the access of outsiders to your computer;

Direct password theft

A simple but amazingly effective method. A plumber, signalman or electrician walks into the office of a reputable company and no one pays attention to him. He, on the other hand, carefully records everything that his camera or an experienced eye can notice. In any office you can see stickers with calligraphic logins and passwords on the monitors, especially for lovely ladies... Such a disregard for security can easily ruin a company. You can and should fight this by strengthening internal discipline;

Spider Method

Professional hackers have long noticed that most words and phrases used as passwords are related to the main activities of companies or individuals. By going through the World Wide Web, competitors' websites or specialized literature, the search database can be reduced significantly. It is useless to fight this, but by using automatic password generation the user nullifies attempts to use this technique against him.

All other methods are modifications of the listed ones. The purpose of this article was to focus users’ attention not only on creating crack-resistant passwords but also on the need to store them carefully.

Checking password strength

The problem of password security is relevant all over the world, so there are many sites that offer an approximate calculation of the time it takes to crack a password. We invite the user to experiment with their passwords on their own. Testing different passwords for crack resistance on the site teaches a lot about how to make passwords more resistant. The analysis relies on the basic methods used by automatic cracking programs.

With its help, you can significantly simplify registration and authorization on any sites, forums and social networks. To do this, when registering on a site, generate a profile, copy the necessary fields from it to the site, delete the unnecessary fields from the profile, then download and save the created profile on your computer, noting the name of the site where it was used. Done.

In addition, with its help you can come up with an interesting photo for your avatar for Instagram, VKontakte and other social networks.


The vast majority of operating systems use a name and password to identify and authenticate users. For identification, the user must enter his name, and for authentication, a password: a text string known only to him. The username is usually assigned to him by the system administrator.

The identification and authentication procedure using a name and password is extremely simple. The user enters a name and password from the keyboard, the operating system searches the user list for the entry that relates to that user, and compares the password stored in the user list with the password entered by the user. If an entry for the user logging in is present in the user list and the password contained in that entry matches the one entered, identification and authentication are considered successful and user authorization begins. Otherwise, the user is denied access and cannot use the operating system until he is successfully identified and authenticated. If identification and authentication take place when the user logs in to a remote server, the username and password are sent over the network (usually encrypted).

To provide reliable protection of the operating system, each user's password should be known only to that user and to no one else, including system administrators. At first glance, the fact that the administrator knows a certain user's password does not harm the security of the system, since the administrator, having logged in as a regular user, receives fewer rights than he would by logging in under his own name. However, by logging into the system on behalf of another user, the administrator is able to bypass the audit system, as well as perform actions that compromise this user, which is unacceptable in a secure system.

From the above it follows that user passwords should not be stored in the operating system in open form. Since the system administrator must have access to the user list to perform his duties (this is necessary, for example, to register new users), if passwords are stored there openly, the administrator has access to them. This gives the administrator the ability to log in to the system on behalf of any registered user.

Typically, passwords in the user list are encrypted with one of the known cryptographically strong hash functions: an easily computable function f for which the inverse function f⁻¹ (possibly multivalued) cannot be computed in an acceptable time. The user list stores not the password itself but an image of the password, which is the result of applying the hash function to the password. The one-way nature of the hash function does not allow the password to be recovered from its image, but it does allow the system to compute the image of the password entered by the user and thus verify that the entered password is correct. In the simplest case, the result of encrypting some constant with the password is used as the hash function.



The hash function used to generate password images must be cryptographically strong. The fact is that it is almost impossible to keep password images secret from all users of the system. An operating system administrator, using his privileges, can easily read password images from the file or database in which they are stored. During network authentication of a user on a server, the password image is transmitted over open communication channels and can be intercepted by any network monitor. If an attacker who knows the value of the hash function (the image of the user’s password) can, in a reasonable time, find a function argument corresponding to this value (the user’s password or an equivalent password), there can be no talk of any protection of information in the operating system. This does not mean that password images should be publicly available. Storing password images in a file or database that only system processes can access creates an additional layer of protection.

A salt (markant), a number or string that is generated randomly and stored in clear text along with the password image, must take part in the password image generation procedure. This is necessary so that identical passwords correspond to different images. Otherwise, an attacker can carry out a number of attacks on the operating system, the most dangerous of which is as follows.

The attacker takes some electronic dictionary and, for each word in it, computes the value of exactly the same hash function that is used to generate the password image. The words and their corresponding hash values are stored in a database. Having intercepted the password image of a certain user, the attacker searches this database for the word corresponding to the intercepted image. This is the required password (or a password equivalent to it). The probability of successfully obtaining a password from an image can be made as high as desired: all it takes is a big enough dictionary. Moreover, to replenish the dictionary, the attacker does not need access to the attacked operating system, and he can store the dictionary outside the attacked system, for example on his home computer. This attack is possible only if identical passwords correspond to identical password images. If a salt is used when generating the password image, this attack is impossible.

If a user logs on to a system and enters their username or password incorrectly, the operating system should give them an error message without indicating what information is incorrect. Otherwise, password selection is greatly simplified.
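The two requirements above (a random salt in every password image, and one error message for every failed login) can be seen working together in the following added example, which is not code from the original text. PBKDF2 as the hash function, the iteration count, the user names and the word list are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000                       # assumed work factor; tune to your hardware
FAILURE = "Invalid user name or password"  # one message for every kind of failure
SHARED = b"same-for-every-user"            # a constant "salt" behaves like no salt


def make_image(password: str, salt: bytes) -> bytes:
    """Password image: a slow one-way function of the salt and the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


class UserList:
    """User list that stores (salt, image) per user, never the password."""

    def __init__(self):
        self._records = {}
        # Stand-in record for unknown names, so that they cost the same work
        # as known names. The random image matches no password.
        self._dummy = (os.urandom(16), os.urandom(32))

    def register(self, name: str, password: str) -> None:
        salt = os.urandom(16)              # fresh random salt, stored in clear text
        self._records[name] = (salt, make_image(password, salt))

    def record(self, name: str):
        return self._records[name]

    def login(self, name: str, password: str) -> str:
        known = name in self._records
        salt, image = self._records.get(name, self._dummy)
        matches = hmac.compare_digest(make_image(password, salt), image)
        return "OK" if (known and matches) else FAILURE


def salt_demo() -> dict:
    """Look up unsalted and salted images in a precomputed image table."""
    words = ["sunshine", "dragon", "letmein"]        # constructed word list
    # The database from the attack described above: image -> word, computed
    # once with the same hash function and reusable against every user.
    table = {make_image(w, SHARED): w for w in words}

    users = UserList()
    users.register("alice", "dragon")
    users.register("bob", "dragon")                  # same password as alice
    _, alice_image = users.record("alice")
    _, bob_image = users.record("bob")

    return {
        "unsalted_lookup": table.get(make_image("dragon", SHARED)),
        "salted_lookup": table.get(alice_image),
        "same_password_same_image": alice_image == bob_image,
        "wrong_password": users.login("alice", "guess"),
        "unknown_user": users.login("mallory", "guess"),
        "correct": users.login("alice", "dragon"),
    }


if __name__ == "__main__":
    for key, value in salt_demo().items():
        print(f"{key}: {value}")
```

With a per-user salt the precomputed table finds nothing, and two users with the same password get different images; a wrong password and an unknown name produce the same reply.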

When passwords are used to authenticate users, there are two main threats to the operating system's authentication subsystem - password theft and password guessing.

To ensure reliable protection against password theft, the operating system's security subsystem must meet the following requirements:

– the password entered by the user is not displayed on the computer screen;

– entering a password on the command line is unacceptable.

In addition, operating system users should be instructed on:

– the need to keep the password secret from other users, including operating system administrators;

– the need to change the password immediately after it has been compromised;

– the need to change the password regularly;

– the inadmissibility of writing the password on paper or in a file.

As for password guessing, before moving on to describing the means of protecting against this threat, you should consider password guessing methods in more detail.

3.2.1. Password guessing methods

There are the following methods for guessing user passwords.

1. Exhaustive search. In this case, the attacker sequentially tries all possible passwords. If the password is longer than four to six characters, this method is completely ineffective.

2. Exhaustive search optimized using character occurrence statistics. Different characters occur in user passwords with different probabilities. For example, the probability that the letter "a" will appear in a user's password is much higher than the probability that the character "A" will appear in it. According to various studies, the statistics of character occurrence in the password alphabet are close to the statistics of character occurrence in natural language.

In practice, when using this method, the attacker first tries passwords consisting of the most frequently occurring characters, which significantly reduces the search time. Sometimes not only character occurrence statistics are used but also the statistics of bigrams and trigrams, that is, combinations of two and three consecutive characters respectively.

Many programs have been written at various times to guess passwords using this method. Some of them feed candidate passwords one after another to the operating system's authentication subsystem; others try candidate passwords by computing the hash function and comparing the result with a known password image. In the first case, the speed of password guessing is determined by the performance of the operating system. In the second case, the average time to find a password of 6-8 characters that contains no digits or punctuation marks varies from several tens of seconds to several hours, depending on the computing power of the computer and on how efficiently the password-guessing program implements the hash function.

3. Exhaustive search optimized using dictionaries. In most cases, user passwords are English or Russian words. Since it is much easier for a user to remember a meaningful word than a meaningless sequence of characters, users prefer meaningful words as passwords. This sharply reduces the number of possible passwords. Indeed, the English language contains only about 100,000 words (not counting scientific, technical, medical and other terms), which is 6.5 times less than the number of all combinations of four English letters.

When using this password guessing method, an attacker first tries as passwords all the words from a dictionary containing the most probable passwords. An attacker can create such a dictionary himself, or he can take it, for example, from the Internet, where there are a great many such dictionaries adapted for various countries of the world. If the password being sought is not in the dictionary, the attacker tries various combinations of words from the dictionary, dictionary words with one or more letters, digits and punctuation marks added to the beginning and/or end, and so on.

Typically this method is used in combination with the previous one.

4. Password guessing using user knowledge. It was already mentioned above that users try to use easy-to-remember passwords. Many users, in order not to forget the password, choose their first name, last name, date of birth, phone number, car number, etc. as the password. In this case, if the attacker knows the user well, it is usually enough for him to carry out only 10-20 tests.

5. Selecting a password image. If the operating system authentication subsystem is designed in such a way that the password image is significantly shorter than the password itself, an attacker can guess not the password, but its image. However, in this case, an attacker, having selected a password image, must obtain the password itself corresponding to the selected image, and this is only possible if the hash function used in the system is not sufficiently strong.

3.2.2. Password Compromise Protection

We will say that a password has been compromised if the user's password becomes known to some other user. Compromise can occur as a result of user carelessness or of password theft or guessing by an attacker. There are a number of methods that can somewhat reduce the threat of compromising user passwords, some of which we will now consider.

1. Limiting the password validity period. When using this method, each operating system user is required to change the password at certain intervals. It is advisable to limit the maximum password validity period to 30-60 days. Weaker restrictions do not give the desired effect, and with stronger restrictions the likelihood that the user will forget his password increases dramatically. Once a password has expired, the user must change it within a certain period (usually 1-2 days) after the first login following the expiration date. If the user has not changed the password within the allotted time, the operating system prevents him from logging in until the system administrator explicitly allows it.

The password expiration date should be limited not only from above, but also from below. Otherwise, the user, having changed the password, can immediately return to the old password by changing the password again.

It is also advisable to check the uniqueness of the new password each time the password is changed. To do this, the operating system must store not only the image of the user's current password but also the images of the last 5-10 passwords he used.

2. Restrictions on the content of the password. With this method, the user cannot choose an arbitrary string of characters as a password, only a string that satisfies certain conditions. The following conditions are commonly used:

– the password length should not be less than a certain number of characters; the computer security literature and operating system documentation usually recommend prohibiting passwords shorter than 6-8 characters, but taking into account the rapid progress of computing technology, it is now advisable to require passwords of at least 10-14 characters;

– the password must contain at least 5-7 different characters;

– the password must include both lowercase and capital letters;

– the user’s password must not coincide with his name;

– the password should not be present in the list of “bad” passwords stored in the system.

As a rule, operating system administrators can vary these restrictions both within the entire operating system and for individual users. For example, if a certain username is used for guest logins, it is not practical to set restrictions on the password used.

When choosing password restrictions, be aware that if password restrictions are too strong, users will have difficulty remembering their passwords.

3. Blocking the terminal. With this method, if the user enters the username and password incorrectly several times in a row, the terminal from which the user logs in is locked and the user cannot continue to log in further. The parameters of this method are:

– maximum permissible number of unsuccessful login attempts from one terminal;

– time interval after which the counter of unsuccessful login attempts is reset;

– duration of terminal blocking (can be made unlimited; in this case, terminal blocking can only be removed by the system administrator).

4. User blocking. This method differs from the previous one only in that it is not the terminal from which the user logs in that is blocked, but the user's account.

5. Password generation by the operating system. In this case, users cannot come up with their own passwords: the operating system does this for them. When the user needs to change the password, he enters the appropriate command and receives a new password from the operating system. If the user is not satisfied with the proposed password, he may request another one from the operating system. The main advantage of this method is that the operating system generates passwords randomly, and it is almost impossible to guess such passwords. On the other hand, such passwords are usually difficult to remember, forcing users to write them down on paper. If this is not a threat to system security (for example, if the user logs in only via the Internet from his/her home computer), this authentication model is close to ideal. Otherwise, it is inappropriate to use it.

6. Password and response. With this authentication scheme, when a user logs in, the operating system gives the user a random number or string to which the user must give the correct response. In effect, the password consists of the parameters of the algorithm that converts the operating system's request into the correct user response. These parameters are selected randomly by the operating system for each user, which essentially reduces this authentication scheme to the previous one.

7. One-time password. In this case, the user's password is automatically changed after each successful login. This authentication scheme reliably protects against password guessing, since even if an attacker guesses a certain password, he can only use it once. In addition, a user whose password is compromised will not be able to log in the next time because he will try to enter the previous password already used by the attacker. The disadvantage of this scheme is that it is almost impossible to remember many constantly changing passwords. In addition, users often “lose count” and try to log in with a password that is already out of date or has not yet taken effect. Because of these and some other shortcomings, this scheme is hardly ever used in practice.
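Methods 1 and 2 above (validity period bounded from above and below, uniqueness against stored images of recent passwords, and content restrictions) can be enforced by one password-change routine. The following is an added example, not code from the original text; the limits are taken from the ranges given above, while the minimum age of one day, the PBKDF2 image function and the "bad" password list are assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

MIN_LENGTH = 10      # text above: 10-14 characters
MIN_DISTINCT = 5     # text above: at least 5-7 different characters
HISTORY = 5          # text above: images of the last 5-10 passwords
MAX_AGE_DAYS = 60    # text above: 30-60 days
MIN_AGE_DAYS = 1     # assumed; the text gives no figure for the lower bound
BAD_PASSWORDS = {"password1234", "qwertyuiop12"}   # constructed "bad" list


def _image(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 50_000)


@dataclass
class Account:
    name: str
    history: list = field(default_factory=list)   # (salt, image), newest last
    changed_on: int = 0                            # day number of the last change


def content_problems(name: str, password: str) -> list:
    """Return the content restrictions that the candidate password violates."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if len(set(password)) < MIN_DISTINCT:
        problems.append("too few different characters")
    if not (any(c.islower() for c in password)
            and any(c.isupper() for c in password)):
        problems.append("needs lowercase and capital letters")
    if password.lower() == name.lower():
        problems.append("same as user name")
    if password.lower() in BAD_PASSWORDS:
        problems.append("on the bad-password list")
    return problems


def change_password(account: Account, new_password: str, today: int) -> list:
    """Apply all checks; store the new image only if none of them fails."""
    problems = content_problems(account.name, new_password)
    # Lower bound on age: stops cycling straight back to the old password.
    if account.history and today - account.changed_on < MIN_AGE_DAYS:
        problems.append("changed too recently")
    # Images are salted, so the candidate is re-hashed under each stored salt.
    if any(hmac.compare_digest(_image(new_password, salt), image)
           for salt, image in account.history):
        problems.append("recently used")
    if not problems:
        salt = os.urandom(16)
        account.history.append((salt, _image(new_password, salt)))
        del account.history[:-HISTORY]     # keep only the newest HISTORY images
        account.changed_on = today
    return problems


def is_expired(account: Account, today: int) -> bool:
    """Upper bound on age: the password must be changed after MAX_AGE_DAYS."""
    return today - account.changed_on > MAX_AGE_DAYS


if __name__ == "__main__":
    acct = Account("alice")
    print(change_password(acct, "Correct-Horse7", today=0))   # accepted
    print(change_password(acct, "Tr1cky-Battery", today=0))   # too soon
    print(change_password(acct, "Correct-Horse7", today=5))   # reuse
```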

Some of the listed methods can be used in combination.
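Methods 3 and 4 above differ only in what is blocked, so one counter keyed by either a terminal or an account name covers both. The following added example (not code from the original text) implements the three parameters listed under method 3; it assumes that the reset interval is measured from the first failure in a series and that the caller supplies timestamps in seconds.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class _State:
    failures: int = 0
    first_failure_at: float = 0.0
    locked_at: Optional[float] = None


class Lockout:
    """Blocks a key (terminal or account) after repeated failed logins."""

    def __init__(self, max_failures: int = 5, reset_after: float = 900.0,
                 lock_for: Optional[float] = 1800.0):
        self.max_failures = max_failures   # failures allowed in a row
        self.reset_after = reset_after     # seconds until the counter resets
        self.lock_for = lock_for           # lock duration; None = until admin unlock
        self._states = {}

    def is_locked(self, key: str, now: float) -> bool:
        state = self._states.get(key)
        if state is None or state.locked_at is None:
            return False
        if self.lock_for is not None and now - state.locked_at >= self.lock_for:
            del self._states[key]          # lock has run out, start clean
            return False
        return True

    def record(self, key: str, now: float, success: bool) -> str:
        """Register one login attempt and return 'ok', 'failed' or 'locked'."""
        if self.is_locked(key, now):
            return "locked"                # even a correct password is refused
        if success:
            self._states.pop(key, None)    # failures must be consecutive
            return "ok"
        state = self._states.setdefault(key, _State(first_failure_at=now))
        if now - state.first_failure_at >= self.reset_after:
            state.failures = 0             # reset interval elapsed
            state.first_failure_at = now
        state.failures += 1
        if state.failures >= self.max_failures:
            state.locked_at = now
            return "locked"
        return "failed"

    def admin_unlock(self, key: str) -> None:
        self._states.pop(key, None)


if __name__ == "__main__":
    terminals = Lockout(max_failures=3, reset_after=60, lock_for=300)
    for t in (0, 10, 20):
        print(t, terminals.record("terminal:tty1", t, success=False))
    print(30, terminals.record("terminal:tty1", 30, success=True))
    print(320, terminals.record("terminal:tty1", 320, success=True))
```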

One of the common authentication schemes is simple authentication, which is based on traditional reusable passwords together with agreed means of using and processing them. Authentication based on reusable passwords is a simple and clear example of the use of shared information. So far, in most virtual private networks (VPN, Virtual Private Network), client access to the server is granted by password.

Authentication based on reusable passwords. The basic principle of “single sign-on” assumes that the user only needs to pass the authentication procedure once to gain access to all network resources. Therefore, modern operating systems provide a centralized authentication service, which is performed by one of the network servers and uses a database for its work. This database stores the credentials of network users. These credentials include user IDs and passwords along with other information.

In a simple authentication scheme, the transmission of the password and user ID can be done in the following ways:

· in unencrypted form; for example, according to the PAP password authentication protocol (Password Authentication Protocol), passwords are transmitted over the communication line in an open, unprotected form;

· in a protected form; all transmitted data (user ID and password, random number and timestamps) are protected through encryption or a one-way function.

Obviously, the authentication option with the transmission of the user’s password in unencrypted form does not guarantee even a minimum level of security, as it is susceptible to numerous attacks and is easily compromised. To protect the password, it must be encrypted before being sent over an insecure channel. For this purpose, the scheme includes means of encryption E_K and decryption D_K, controlled by a shared secret key K. User authentication is based on a comparison of the password P_A sent by the user and the original value P'_A stored on the authentication server. If the values P_A and P'_A match, the password P_A is considered genuine and user A is considered legitimate.

Schemes for organizing simple authentication differ not only in the methods of transmitting passwords, but also in the ways they are stored and verified. The most common method is to store user passwords in clear text in system files, with read-write protection attributes set on these files (for example, by describing the corresponding privileges in the operating system access control lists). The system matches the user-entered password with the password entry stored in the file. This method does not use cryptographic mechanisms such as encryption or one-way functions. The obvious disadvantage of this method is the possibility of an attacker gaining administrator privileges in the system, including access rights to system files and, in particular, to the password file.

From a security perspective, the preferred method for transmitting and storing passwords is using one-way functions. Typically, one of the known cryptographically strong hash functions is used to encrypt the passwords in the user list. The list of users does not store the password itself, but an image of the password, which is the result of applying a hash function to the password.

In the simplest case, the result of encrypting some constant in the password is used as a hash function. For example, a one-way function h(·) can be defined as follows:

where P is the user password; ID is the user identifier;

E_P is an encryption procedure performed using the password P as the key.

Such functions are convenient if the password and key are the same length. In this case, authentication of user A using the password P_A consists of sending the mapping h(P_A) to the authentication server and comparing it with the equivalent h'(P_A) pre-calculated and stored in the authentication server database (Fig. 2.17). If the mappings h(P_A) and h'(P_A) are equal, then the user is considered to have successfully passed authentication.

Fig. 2.17

In practice, passwords consist of only a few characters to allow users to remember them. Short passwords are vulnerable to brute-force attacks. In order to prevent such an attack, the function h(P) can be defined differently, for example in the following form:

where K and ID are the sender's key and identifier, respectively.

There are two forms of representing objects that authenticate the user:

· external authenticating object, not belonging to the system;

· an internal object belonging to the system into which information is transferred from an external object.

Let's assume that there are n users registered in the computer system. Let the i-th authenticating object of the i-th user contain two information fields:

· IDi - immutable identifier of the i-th user, which is analogous to a name and is used to identify the user;

· Ki - user authentication information, which can be changed and is used for authentication (for example, password Pi = Ki).

The aggregate information in the key medium can be called the primary authentication information of the i-th user. Obviously, the internal authenticating object should not exist in the system for a long time (more than the working time of a particular user). For long-term storage, data should be used in a secure form.

Simple authentication systems based on reusable passwords have reduced strength because they select authentication information from a relatively small set of words. The validity period of reusable passwords should be defined in the organization's security policy, and such passwords should be changed regularly. You need to choose passwords so that they are difficult to guess and are not included in the dictionary.

Authentication based on one-time passwords. The essence of the one-time password scheme is to use a different password with each new request for access. A one-time dynamic password is only valid for one login and then expires. Even if someone intercepted it, the password would be useless. The dynamic password mechanism is one of the best ways to protect the authentication process from external threats. Typically, one-time password authentication systems are used to verify remote users.

The following methods of using one-time passwords for user authentication are known:

1) Using a timestamp mechanism based on the unified time system.

2) Using a list of random passwords, common to the legitimate user and the verifier, and a reliable mechanism for synchronizing them.

3) Using a pseudo-random number generator common to the user and the verifier, with the same initial value.

One-time passwords can be generated by hardware or programmatically. Some hardware access devices based on one-time passwords are implemented in the form of miniature devices with a built-in microprocessor, similar in appearance to plastic payment cards. Such cards, usually called keys, may have a keypad and a small display.

As an example of implementing the first method, consider the SecurID authentication technology based on one-time passwords using hardware keys and a time synchronization mechanism. This authentication technology was developed by Security Dynamics and implemented in communication servers of a number of companies, in particular in servers from Cisco Systems and others.

When using this authentication scheme, strict time synchronization between the hardware key and the server is naturally required. Since a hardware key can operate for several years, it is quite possible that the internal clocks of the server and the hardware key will gradually drift out of sync. To solve this problem, Security Dynamics uses two methods:

· during the production of a hardware key, the deviation of the frequency of its timer from the nominal value is accurately measured. The magnitude of this deviation is taken into account as a parameter of the server algorithm;

· the server monitors codes generated by a specific hardware key and, if necessary, dynamically adapts to this key.

There is another problem with a time-based authentication scheme. The random number generated by the hardware key is a valid password for a short, finite period of time. Therefore, a short-lived situation is in principle possible in which a hacker intercepts the PIN and the random number and uses them to gain access to the network. This is the most vulnerable point of an authentication scheme based on time synchronization.
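The server-side adaptation to a drifting key and the short interception window can be shown in a few lines. This is an added example, not SecurID's algorithm or code from the original text: it assumes a truncated HMAC-SHA256 code per 60-second step, and the names `code_at`, `TokenRecord`, `STEP` and `WINDOW` are hypothetical.

```python
import hashlib
import hmac
import struct

STEP = 60     # seconds one code stays valid (assumed value)
WINDOW = 2    # clock drift tolerated on each side, in steps (assumed value)


def code_at(secret: bytes, step: int) -> str:
    """Six-digit code for one time step: truncated HMAC-SHA256 of the step."""
    mac = hmac.new(secret, struct.pack(">Q", step), hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:4], 'big') % 1_000_000:06d}"


class TokenRecord:
    """Server-side state kept for one hardware key."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.drift = 0        # learned offset of the key's clock, in steps
        self.last_step = -1   # newest step already accepted

    def verify(self, code: str, server_time: int) -> bool:
        centre = server_time // STEP + self.drift
        # Try the expected step first, then its neighbours.
        for offset in sorted(range(-WINDOW, WINDOW + 1), key=abs):
            step = centre + offset
            if step <= self.last_step:
                continue      # this step was already used: refuse replays
            if hmac.compare_digest(code_at(self.secret, step), code):
                self.last_step = step
                self.drift += offset   # adapt to this key's clock
                return True
        return False


def demo() -> dict:
    secret = b"constructed-demo-secret"   # constructed sample value
    server = TokenRecord(secret)
    now = 1_700_000_000                   # constructed server clock
    fast = 90                             # the key's clock runs 90 s ahead
    code1 = code_at(secret, (now + fast) // STEP)
    first = server.verify(code1, now)
    replay = server.verify(code1, now + 5)      # intercepted code reused
    code2 = code_at(secret, (now + 60 + fast) // STEP)
    second = server.verify(code2, now + 60)
    return {"first": first, "replay": replay, "second": second,
            "drift": server.drift}


if __name__ == "__main__":
    print(demo())
```

The replay check only covers codes the server has already accepted; a code intercepted and submitted before the legitimate login is not stopped by it, which is the weak point the text describes.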

There are other options for hardware implementation of the authentication procedure using one-time passwords, for example, challenge-response authentication. When a user tries to log into the network, the authentication server sends him a request in the form of a random number. The user's hardware key encrypts this random number using, for example, the DES algorithm and the user's secret key stored in the hardware key's memory and in the server's database. The random query number is returned in encrypted form to the server. The server, in turn, also encrypts the random number it generates using the same DES algorithm and the same user secret key extracted from the server database. The server then compares the result of its encryption with the number that came from the hardware key. If these numbers match, the user receives permission to enter the network. It should be noted that the challenge-response authentication scheme is more difficult to use compared to the time-synchronized authentication scheme.
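Both sides of the challenge-response exchange described above, as an added example that is not code from the original text. It assumes HMAC-SHA256 as the keyed transform in place of DES (the Python standard library has no DES), and the names `HardwareKey`, `AuthServer` and `keyed_response` are hypothetical.

```python
import hashlib
import hmac
import secrets


def keyed_response(key: bytes, challenge: bytes) -> bytes:
    """Keyed transform of the challenge (HMAC-SHA256 in place of DES)."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


class HardwareKey:
    """User side: holds the secret key and answers challenges."""

    def __init__(self, user_key: bytes):
        self._key = user_key

    def respond(self, challenge: bytes) -> bytes:
        return keyed_response(self._key, challenge)


class AuthServer:
    """Server side: issues random challenges and checks the answers."""

    def __init__(self):
        self._keys = {}      # user id -> secret key (the server database)
        self._pending = {}   # user id -> challenge waiting for an answer

    def enroll(self, user_id: str, user_key: bytes) -> None:
        self._keys[user_id] = user_key

    def challenge(self, user_id: str) -> bytes:
        nonce = secrets.token_bytes(16)   # fresh random number per attempt
        self._pending[user_id] = nonce
        return nonce

    def verify(self, user_id: str, response: bytes) -> bool:
        nonce = self._pending.pop(user_id, None)   # each challenge is used once
        key = self._keys.get(user_id)
        if nonce is None or key is None:
            return False
        return hmac.compare_digest(keyed_response(key, nonce), response)


def demo() -> dict:
    key = secrets.token_bytes(32)          # constructed per-user secret
    server, token = AuthServer(), HardwareKey(key)
    server.enroll("alice", key)            # "alice" is a constructed user id

    captured = token.respond(server.challenge("alice"))
    ok = server.verify("alice", captured)

    no_challenge = server.verify("alice", captured)   # nothing pending
    server.challenge("alice")                         # new random number
    stale = server.verify("alice", captured)          # old answer replayed
    wrong_key = HardwareKey(secrets.token_bytes(32))
    forged = server.verify("alice", wrong_key.respond(server.challenge("alice")))
    return {"ok": ok, "no_challenge": no_challenge, "stale": stale,
            "forged": forged}


if __name__ == "__main__":
    print(demo())
```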

The second method of using one-time passwords for user authentication is based on the use of a list of random passwords that is common to the user and the verifier, and a reliable mechanism for synchronizing them. A shared list of one-time passwords is represented as a sequence or set of secret passwords, where each password is used only once. This list must be distributed in advance between the parties to the authentication exchange. A variation of this method is to use a request-response table, which contains the requests and responses used by the parties to perform authentication, with each pair used only once.

The third method of using one-time passwords to authenticate users is based on the use of a pseudo-random number generator common to the user and the verifier, with the same initial value. The following implementations of this method are known:

· a sequence of converted one-time passwords. During the next authentication session, the user creates and transmits a password specifically for this session, encrypted with a secret key obtained from the previous session's password;

· password sequences based on a one-way function. The essence of this method is the successive application of a one-way function (the famous Lamport scheme). This method is preferable from a security point of view to the sequentially converted password method.

One of the most common one-time password authentication protocols is the Internet-standardized S/Key protocol (RFC 1760). This protocol is implemented in many systems that require authentication of remote users, in particular in Cisco's TACACS+ system.
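The password sequence based on a one-way function (the Lamport scheme) can be sketched as follows. This is an added example, not the S/Key wire format and not code from the original text: it assumes SHA-256 as the one-way function, adds a small tolerance for passwords lost in transit as an extension, and the names `Client`, `Verifier`, `iterate` and `max_skip` are hypothetical.

```python
import hashlib
import hmac


def h(value: bytes) -> bytes:
    """The one-way function (SHA-256 here; S/Key itself uses MD4)."""
    return hashlib.sha256(value).digest()


def iterate(seed: bytes, times: int) -> bytes:
    """Apply h to the seed the given number of times."""
    for _ in range(times):
        seed = h(seed)
    return seed


class Client:
    """Holds the secret seed and releases chain values in reverse order."""

    def __init__(self, seed: bytes, length: int):
        self._seed, self.left = seed, length

    def next_password(self) -> bytes:
        if self.left == 0:
            raise RuntimeError("chain exhausted: a new seed must be enrolled")
        self.left -= 1
        return iterate(self._seed, self.left)


class Verifier:
    """Stores only the last accepted value, never the seed."""

    def __init__(self, anchor: bytes, max_skip: int = 2):
        self.stored, self.max_skip = anchor, max_skip

    def login(self, password: bytes) -> bool:
        candidate = password
        # Hash forward; tolerate a few passwords lost in transit.
        for _ in range(self.max_skip + 1):
            candidate = h(candidate)
            if hmac.compare_digest(candidate, self.stored):
                self.stored = password   # next login must precede this value
                return True
        return False


def demo() -> dict:
    seed, n = b"constructed-demo-seed", 6    # constructed sample values
    client = Client(seed, n)
    server = Verifier(iterate(seed, n))      # enrolment: server gets h^n(seed)
    p1 = client.next_password()              # h^5(seed)
    first = server.login(p1)
    replay = server.login(p1)                # intercepted value reused
    client.next_password()                   # h^4(seed) lost in transit
    p3 = client.next_password()              # h^3(seed)
    after_loss = server.login(p3)
    old = server.login(p1)                   # older value stays useless
    return {"first": first, "replay": replay, "after_loss": after_loss,
            "old": old, "left": client.left}


if __name__ == "__main__":
    print(demo())
```

The verifier's database holds only a value that has already been used, so reading it yields nothing that passes a later login.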

A password is understood as a certain sequence of characters, kept secret and presented when accessing a computer system. Password entry is usually done using the keyboard. The main advantage of password authentication is simplicity and familiarity. Passwords have long been built into operating systems and other services. When used correctly, passwords can provide an acceptable level of security for many organizations.

Sometimes passwords are not kept secret from the very beginning, since they have standard values specified in the documentation, and they are not always changed after the system is installed.

Password entry can be observed; sometimes optical instruments are even used for this. The password can be guessed by brute force, using, for example, a dictionary. If the password file is encrypted but readable, it can be downloaded to another computer and the password guessed by programming a brute-force search (assuming that the encryption algorithm is known).

The following measures can significantly increase the reliability of password protection:

Imposing technical restrictions (the password should not be too short, it should contain letters, numbers, punctuation marks, etc.);

Managing password expiration dates and changing passwords periodically;

Restricting access to the password file;

Limiting the number of failed login attempts (this will make it more difficult to use brute force methods);

User training;

Using software password generators (such a program, based on simple rules, can generate only euphonious and, therefore, memorable passwords).

It is advisable to always apply the listed measures, even if other authentication methods are used along with passwords.

Existing password methods for authenticating users when entering an information system can be divided into two groups:

· authentication methods based on a simple password;

· authentication methods based on dynamically changing passwords.

The user authentication password when using a simple password does not change from session to session for the lifetime set by the security administrator.

When using a dynamically changing password, the user's password for each new session or new period of validity of one password changes according to rules that depend on the method used.

Using a simple password

The authentication procedure using a simple password can be represented as the following sequence of actions:

The user sends a request to access the computer system and enters his identifier;

The system asks for a password;

The user enters a password;

The system compares the received password with the user password stored in the security reference database and allows access if the passwords match; otherwise the user is not allowed access to the resources of the computer system.

Since the user may make a mistake when entering a password, the system must provide an acceptable number of repetitions for entering the password.

In a reference database, passwords, like other information, should never be stored explicitly, but only encrypted. In this case, you can use both reversible and irreversible encryption methods.

According to the reversible encryption method, the reference password, when entered into the reference database, is encrypted using a key that matches this reference password, and the user password entered after identification for comparison with the reference password is also encrypted using a key that matches this entered password. Thus, when compared, the reference and entered passwords are encrypted and will match only if the original entered password matches the original one. If the original entered password does not match the original master password, the original entered password will be encrypted differently, since the encryption key is different from the key that encrypted the master password, and after encryption it will not match the encrypted master password.

The following main methods can be identified to increase the strength of the security system at the authentication stage:

Increasing the degree of non-triviality of the password;

Increasing the length of the password character sequence;

Increasing the delay time between allowed attempts to re-enter an incorrectly entered password;

Increasing restrictions on the minimum and maximum password validity time.

Using a dynamically changing password

Dynamic password authentication methods provide greater security because the frequency of password changes is maximum - the password for each user changes daily or every few days. At the same time, each next password in relation to the previous one changes according to rules depending on the authentication method used.

There are the following password protection methods based on the use of a dynamically changing password:

Methods for modifying the simple password scheme;

Methods for identifying and establishing the authenticity of subjects and various objects;

Request-response method;

Functional methods.

The most effective of these methods are functional.

Methods for modifying a simple password scheme. Methods for modifying the simple password scheme include randomization of password characters and one-time use of passwords. When using the first method, each user is allocated a fairly long password, and each time not the entire password is used for identification, but only some part of it. During the authentication process, the system asks the user for a group of characters at given sequence numbers. The number of characters and their sequence numbers for the request are determined using a pseudorandom number generator. With one-time use of passwords, each user is allocated a list of passwords. During the request process, the number of the password to be entered is selected sequentially from the list or according to a random sampling scheme. A disadvantage of simple password scheme modification methods is that users must remember long passwords or lists of them. Writing passwords down on paper creates a risk of loss or theft of the media on which they are written.

Methods for identifying and authenticating subjects and various objects. When exchanging information, it is recommended in any case to provide for mutual verification of the authenticity of the authority of the object or subject. If information is exchanged over a network, this procedure is mandatory. To do this, each of the objects and subjects must be assigned a unique name. Each of the objects (subjects) must store in its own memory (inaccessible to unauthorized persons) a list containing the names of the objects (subjects) with which the processes of exchanging protected data will be carried out.

Request-response method. When using the request-response method, an array of questions is created in the information system in advance and specially protected, including both general questions and personal questions related to a specific user, for example, questions about events from his life known only to the user. To confirm the user's authenticity, the system sequentially asks him a series of randomly selected questions, which he must answer. The identification is considered positive if the user answers all questions correctly. The main requirement for questions in this authentication method is uniqueness, meaning that only the users for whom the questions are intended know the correct answers.

Functional methods. Among the functional methods, the most common is the functional password conversion method. The functional transformation method is based on the use of a certain function F, which must meet the established requirements.

One-time passwords

A one-time password is a password valid for only one authentication session. The validity of a one-time password can also be limited to a certain period of time. The advantage of a one-time password over a static password is that the password cannot be reused. Thus, an attacker who has intercepted data from a successful authentication session cannot use the copied password to gain access to the protected information system. The use of one-time passwords does not in itself protect against attacks based on active interference in the communication channel used for authentication (for example, against "man in the middle" attacks).

Algorithms for creating one-time passwords usually use random numbers. This is necessary because otherwise it would be easy to predict subsequent passwords based on knowledge of previous ones. There are different approaches to creating one-time passwords:

· Using mathematical algorithms to create a new password based on previous ones (passwords actually form a chain, and must be used in a certain order).

· Based on time synchronization between server and client providing a password (passwords are valid for a short period of time)

· Using a mathematical algorithm, where the new password is based on a challenge (for example, a random number chosen by the server or part of an incoming message) and/or a counter.

There are also various ways to tell the user the next password. Some systems use special electronic tokens, which the user carries with him, and which create one-time passwords and then show them on a small screen. Other systems consist of programs that the user runs from a mobile phone. Still other systems generate one-time passwords on the server and then send them to the user over third-party channels, such as SMS messages. Finally, in some systems, one-time passwords are printed on a piece of paper or on a scratch card, which the user needs to have with him.

Implementation of one-time passwords:

Mathematical algorithms

Time-synchronized - one-time passwords are usually associated with physical hardware tokens (for example, each user is issued a personal token that generates a one-time password). An accurate clock is built into the token and is synchronized with the clock on the server. In these OTP systems, time is an important part of the password generation algorithm, since the generation of a new password is based on the current time, and not on the previous password or secret key.

Prompt - Using challenge one-time passwords requires the user to provide time-synchronized prompts in order for authentication to occur. This can be done by entering a value into the token itself. To avoid duplicates, an additional counter is usually included, so if two identical requests happen to be received, this will still result in different one-time passwords. However, calculations usually do not include the previous OTP, as this will cause tasks to be synchronized.

One-time password via SMS - A common technology used to deliver one-time passwords is SMS. Since SMS is a ubiquitous communication channel that is available on all phones and is used by a large number of clients, SMS messages have the greatest potential for all consumers, at low cost. Tokens, smart cards and other traditional authentication methods are much more expensive to implement and use, and are often met with resistance from consumers. They are also much more vulnerable to attacks like "man in the middle", in which phishers steal one-time passwords through deception or even because the one-time passwords are displayed on the token screen. Also, tokens can be lost, and the integration of one-time passwords into mobile phones can be more secure and simpler because users will not have to carry additional portable devices. At the same time, one-time passwords via SMS may be less secure, as mobile operators become part of the chain of trust. In the case of roaming, more than one mobile operator has to be trusted.

One-time password on mobile phone - Compared to a hardware token implementation, which requires the user to carry the token device with them, a token on a mobile phone significantly reduces costs and offers an unprecedented level of convenience. This solution also reduces logistical requirements since there is no need to issue a separate device to each user. Mobile tokens, such as FiveBarGate, FireID or PROTECTIMUS SMART, additionally support a number of tokens within a single application installation, allowing the user to authenticate to multiple resources from a single device. This option also provides specific applications for different models of user phones. Tokens in mobile phones are also significantly more secure than one-time passwords via SMS, since SMS messages are sent over GSM networks in text format with the possibility of interception.

Organization of password protection

Instructions for password protection include:

1. Rules for creating a personal password

2. Password entry

3. Procedure for changing passwords

4. Password storage

5. Responsibility for organizing password protection