Zonghao Huang,Lujo Bauer,Michael K. Reiter

2024-03-06

Abstract:Honeywords are decoy passwords that can be added to a credential database; if a login attempt uses a honeyword, this indicates that the site's credential database has been leaked. In this paper we explore the basic requirements for honeywords to be effective, in a threat model where the attacker knows passwords for the same users at other sites. First, we show that for user-chosen (vs. algorithmically generated, i.e., by a password manager) passwords, existing honeyword-generation algorithms do not simultaneously achieve false-positive and false-negative rates near their ideals of $\approx 0$ and $\approx \frac{1}{1+n}$, respectively, in this threat model, where $n$ is the number of honeywords per account. Second, we show that for users leveraging algorithmically generated passwords, state-of-the-art methods for honeyword generation will produce honeywords that are not sufficiently deceptive, yielding many false negatives. Instead, we find that only a honeyword-generation algorithm that uses the \textit{same} password generator as the user can provide deceptive honeywords in this case. However, when the defender's ability to infer the generator from the (one) account password is less accurate than the attacker's ability to infer the generator from potentially many, this deception can again wane. Taken together, our results provide a cautionary note for the state of honeyword research and pose new challenges to the field.

Cryptography and Security

Ding Wang,Haibo Cheng,Ping Wang,Jeff Yan,Xinyi Huang

DOI: https://doi.org/10.14722/ndss.2018.23142

2018-01-01

Abstract:Honeywords are decoy passwords associated with each user account, and they contribute a promising approach to detecting password leakage. This approach was first proposed by Juels and Rivest at CCS'13, and has been covered by hundreds of medias and also adopted in various research domains. The idea of honeywords looks deceptively simple, but it is a deep and sophisticated challenge to automatically generate honeywords that are hard to differentiate from real passwords. In JuelsRivest's work, four main honeyword-generation methods are suggested but only justified by heuristic security arguments. In this work, we for the first time develop a series of practical experiments using 10 large-scale datasets, a total of 104 million real-world passwords, to quantitatively evaluate the security that these four methods can provide. Our results reveal that they all fail to provide the expected security: real passwords can be distinguished with a success rate of 29.29%similar to 32.62% by our basic trawling-guessing attacker, but not the expected 5%, with just one guess (when each user account is associated with 19 honeywords as recommended). This figure reaches 34.21%similar to 49.02% under the advanced trawling-guessing attackers who make use of various state-of-the-art probabilistic password models. We further evaluate the security of Juels-Rivest's methods under a targeted-guessing attacker who can exploit the victim' personal information, and the results are even more alarming: 56.81%similar to 67.98%. Overall, our work resolves three open problems in honeyword research, as defined by Juels and Rivest.

Ke Coby Wang,Michael K. Reiter

DOI: https://doi.org/10.14722/ndss.2024.23295

2023-11-21

Abstract:Decoy passwords, or "honeywords," planted in a credential database can alert a site to its breach if ever submitted in a login attempt. To be effective, some honeywords must appear at least as likely to be user-chosen passwords as the real ones, and honeywords must be very difficult to guess without having breached the database, to prevent false breach alarms. These goals have proved elusive, however, for heuristic honeyword generation algorithms. In this paper we explore an alternative strategy in which the defender treats honeyword selection as a Bernoulli process in which each possible password (except the user-chosen one) is selected as a honeyword independently with some fixed probability. We show how Bernoulli honeywords can be integrated into two existing system designs for leveraging honeywords: one based on a honeychecker that stores the secret index of the user-chosen password in the list of account passwords, and another that does not leverage secret state at all. We show that Bernoulli honeywords enable analytic derivation of false breach-detection probabilities irrespective of what information the attacker gathers about the sites' users; that their true and false breach-detection probabilities demonstrate compelling efficacy; and that Bernoulli honeywords can even enable performance improvements in modern honeyword system designs.

Cryptography and Security

Nilesh Chakraborty,Jianqiang Li,Victor C. M. Leung,Samrat Mondal,Yi Pan,Chengwen Luo,Mithun Mukherjee

DOI: https://doi.org/10.1145/3552431

IF: 16.6

2022-12-30

ACM Computing Surveys

Abstract:Honeyword (or decoy password) based authentication, first introduced by Juels and Rivest in 2013, has emerged as a security mechanism that can provide security against server-side threats on the password-files. From the theoretical perspective, this security mechanism reduces attackers’ efficiency to a great extent as it detects the threat on a password-file so that the system administrator can be notified almost immediately as an attacker tries to take advantage of the compromised file. This paper aims to present a comprehensive survey of the relevant research and technological developments in honeyword-based authentication techniques. We cover twenty-three techniques related to honeyword, reported under different research articles since 2013. This survey paper helps the readers to (i) understand how honeyword based security mechanism works in practice, (ii) get a comparative view on the existing honeyword based techniques, and (iii) identify the existing gaps that have yet to be filled and the emergent research opportunities.

computer science, theory & methods

Ruthu Hulikal Rooparaghunath,T.S. Harikrishnan,Debayan Gupta

2023-10-19

Abstract:The average user has between 90-130 online accounts, and around $3 \times 10^{11}$ passwords are in use this year. Most people are terrible at remembering "random" passwords, so they reuse or create similar passwords using a combination of predictable words, numbers, and symbols. Previous password-generation or management protocols have imposed so large a cognitive load that users have abandoned them in favor of insecure yet simpler methods (e.g., writing them down or reusing minor variants). We describe a range of candidate human-computable "hash" functions suitable for use as password generators - as long as the human (with minimal education assumptions) keeps a single, easily-memorizable "master" secret - and rate them by various metrics, including effective security. These functions hash master-secrets with user accounts to produce sub-secrets that can be used as passwords; $F_R($s$, w) \longrightarrow y$, takes a website $w$, produces a password $y$, parameterized by master secret $s$, which may or may not be a string. We exploit the unique configuration $R$ of each user's associative and implicit memory (detailed in section 2) to ensure that sources of randomness unique to each user are present in each master-secret $F_R$. An adversary cannot compute or verify $F_R$ efficiently since $R$ is unique to each individual; in that sense, our hash function is similar to a physically unclonable function. For the algorithms we propose, the user need only complete primitive operations such as addition, spatial navigation or searching. Critically, most of our methods are also accessible to neurodiverse, or cognitively or physically differently-abled persons. We present results from a survey (n=134 individuals) investigating real-world usage of these methods and how people currently come up with their passwords, we also survey 400 websites to collate current password advice.

Cryptography and Security,Human-Computer Interaction

Jimmy Dani,Brandon McCulloh,Nitesh Saxena

2024-07-24

Abstract:"Honeywords" have emerged as a promising defense mechanism for detecting data breaches and foiling offline dictionary attacks (ODA) by deceiving attackers with false passwords. In this paper, we propose PassFilter, a novel deep learning (DL) based attack framework, fundamental in its ability to identify passwords from a set of sweetwords associated with a user account, effectively challenging a variety of honeywords generation techniques (HGTs). The DL model in PassFilter is trained with a set of previously collected or adversarially generated passwords and honeywords, and carefully orchestrated to predict whether a sweetword is the password or a honeyword. Our model can compromise the security of state-of-the-art, heuristics-based, and representation learning-based HGTs proposed by Dionysiou et al. Specifically, our analysis with nine publicly available password datasets shows that PassFilter significantly outperforms the baseline random guessing success rate of 5%, achieving 6.10% to 52.78% on the 1st guessing attempt, considering 20 sweetwords per account. This success rate rapidly increases with additional login attempts before account lock-outs, often allowed on many real-world online services to maintain reasonable usability. For example, it ranges from 41.78% to 96.80% for five attempts, and from 72.87% to 99.00% for ten attempts, compared to 25% and 50% random guessing, respectively. We also examined PassFilter against general-purpose language models used for honeyword generation, like those proposed by Yu et al. These honeywords also proved vulnerable to our attack, with success rates of 14.19% for 1st guessing attempt, increasing to 30.23%, 41.70%, and 63.10% after 3rd, 5th, and 10th guessing attempts, respectively. Our findings demonstrate the effectiveness of DL model deployed in PassFilter in breaching state-of-the-art HGTs and compromising password security based on ODA.

Cryptography and Security,Machine Learning

Pengcheng Su,Haibo Cheng,Wenting Li,Ping Wang

2023-11-18

Abstract:Honeyword is a representative ``honey" technique to detect intruders by luring them with decoy data. This kind of honey technique blends a primary object (from distribution $P$) with decoy samples (from distribution $Q$). In this research, we focus on two key Honeyword security metrics: the flatness function and the success-number function. Previous researchers are engaged in designing experimental methods to estimate their values. We've derived theoretical formulas on both metrics of the strongest $\mathcal{A}$ using the optimal guessing strategy, marking a first in the field. The mathematical structures of these metrics are intriguing: the flatness function has an expression as $\epsilon(i)=\sum_{j=1}^{i}\int_{0}^{+\infty}\tbinom{k-1}{j-1} f(x)G^{k-j}(x)(1-G(x))^{j-1}dx$. In particular, the most important one, $\epsilon(1)$ is $\frac{1}{k}(M-\int_{0}^{M}G^k(x)dx)+b$, where $M=\max_{x: Q(x)\neq 0}\frac{P(x)}{Q(x)}$, $b=\sum_{x: Q(x)=0}P(x)$, and $G$ is a cumulative distribution function derived from $P$ and $Q$. This formula provides a criterion to compare different honey distributions: the one with smaller $M$ and $b$ is more satisfactory. The mathematical structure of the success-number function is a series of convolutions with beta distribution kernels: $\lambda_U(i)=U\sum_{j=1}^{i}\int_{\frac{1}{k}}^{1} \frac{\phi(x)}{1-\phi(x)} \tbinom{U-1}{j-1} x^{U-j}(1-x)^{j-1}dx$, where $U$ is the number of users in the system and $\phi(x)$ is a monotonically increasing function. For further elaboration, we made some representative calculations. Our findings offer insights into security assessments for Honeyword and similar honey techniques, contributing to enhanced security measures in these systems.

Cryptography and Security

Nilesh Chakraborty,Mithun Mukherjee,Jianqiang Li,Mohammad Shojafar,Yi Pan

DOI: https://doi.org/10.1109/jiot.2021.3080676

IF: 10.6

2022-02-15

IEEE Internet of Things Journal

Abstract:Password is one of the most well-known authentication methods in accessing many Internet of Things (IoT) devices. The usage of passwords, however, inherits several drawbacks and emerging vulnerabilities in the IoT platform. However, many solutions have been proposed to tackle these limitations. Most of these defense strategies suffer from a lack of computational power and memory capacity and do not have immediate cover in the IoT platform. Motivated by this consideration, the goal of this article is fivefold. First, we analyze the feasibility of implementing a honeyword-based defense strategy to prevent the latest developed server-side threat on the IoT domain's password. Second, we perform thorough cryptanalysis of a recently developed honeyword-based method to evaluate its advancement in preventing the threat and explore the best possible way to incorporate it in the IoT platform. Third, we verify that we can add a honeyword-based solution to the IoT infrastructure by ensuring specific guidelines. Fourth, we propose a generic attack model, namely, matching attack utilizing the compromised password file to perform the security check of any legacy-UI approach for meeting the all essential flatness security criterion. Last, we compare the matching attack's performance with the corresponding one of a benchmark technological methods over the legacy-UI model and confirm that our attack has 5%–22% more vulnerable than others.

computer science, information systems,telecommunications,engineering, electrical & electronic

Haibo Cheng,Wenting Li,Ping Wang,Chao-Hsien Chu,Kaitai Liang

2021-01-01

Abstract:Password vault applications allow a user to store multiple passwords in a vault and choose a master password to encrypt the vault. In practice, attackers may steal the storage file of the vault and further compromise all stored passwords by offline guessing the master password. Honey vaults have been proposed to address the threat. By producing plausible-looking decoy vaults for wrong master passwords, honey vaults force attackers to shift offline guessing to online verifications. However, the existing honey vault schemes all suffer from intersection attacks in the multi-leakage case where an old version of the storage file (e.g., a backup) is stolen along with the current version. The attacker can offline identify the decoys and completely break the schemes. We design a generic construction based on a multi-similar-password model and further propose an incremental update mechanism. With our mechanism, the attacker cannot get any extra advantages from the old storage, and therefore degenerates to an attacker only with knowledge of the current version. To further evaluate the security in the traditional single-leakage case where only the current version is stolen, we investigate the theoretically optimal strategy for online verifications, and propose practical attacks. Targeting the existing schemes, our attacks crack 33%-55% of real vaults via only one-time online guess and achieve 85%-94% accuracy in distinguishing real vaults from decoys. In contrast, our design reduces the values of the two metrics to 2% and 58% (close to the ideal values 0% and 50%), respectively. This indicates that the attackers needs to carry out 2.8x-7.5x online verifications to break our scheme.

Daniel Reti,Norman Becker,Tillmann Angeli,Anasuya Chattopadhyay,Daniel Schneider,Sebastian Vollmer,Hans D. Schotten

2024-04-25

Abstract:With the increasing prevalence of security incidents, the adoption of deception-based defense strategies has become pivotal in cyber security. This work addresses the challenge of scalability in designing honeytokens, a key component of such defense mechanisms. The manual creation of honeytokens is a tedious task. Although automated generators exists, they often lack versatility, being specialized for specific types of honeytokens, and heavily rely on suitable training datasets. To overcome these limitations, this work systematically investigates the approach of utilizing Large Language Models (LLMs) to create a variety of honeytokens. Out of the seven different honeytoken types created in this work, such as configuration files, databases, and log files, two were used to evaluate the optimal prompt. The generation of robots.txt files and honeywords was used to systematically test 210 different prompt structures, based on 16 prompt building blocks. Furthermore, all honeytokens were tested across different state-of-the-art LLMs to assess the varying performance of different models. Prompts performing optimally on one LLMs do not necessarily generalize well to another. Honeywords generated by GPT-3.5 were found to be less distinguishable from real passwords compared to previous methods of automated honeyword generation. Overall, the findings of this work demonstrate that generic LLMs are capable of creating a wide array of honeytokens using the presented prompt structures.

Cryptography and Security

Wenting Li,Ping Wang,Kaitai Liang

DOI: https://doi.org/10.1109/tifs.2022.3214729

IF: 7.231

2023-03-01

IEEE Transactions on Information Forensics and Security

Abstract:Password-only authentication is one of the most popular secure mechanisms for real-world online applications. But it easily suffers from a practical threat - password leakage, incurred by external and internal attackers. The external attacker may compromise the password file stored on the authentication server, and the insider may deliberately steal the passwords or inadvertently leak the passwords. So far, there are two main techniques to address the leakage: Augmented password-authentication key exchange (aPAKE) against insiders and honeyword technique for external attackers. But none of them can resist both attacks. To fill the gap, we propose the notion of honey PAKE (HPAKE) that allows the authentication server to detect the password leakage and achieve the security beyond the traditional bound of aPAKE. Further, we build an HPAKE construction on the top of the honeyword mechanism, honey encryption, and OPAQUE which is a standardized aPAKE. We formally analyze the security of our design, achieving the insider resistance and the password breach detection. We implement our design and deploy it in the real environment. The experimental results show that our protocol only costs 71.27 ms for one complete run, within 20.67 ms on computation and 50.6 ms on communication. This means our design is secure and practical for real-world applications.

computer science, theory & methods,engineering, electrical & electronic

Enka Blanchard

DOI: https://doi.org/10.4018/ijsssp.302622

2022-07-13

International Journal of Systems and Software Security and Protection

Abstract:Credential leaks still happen with regular frequency, and show evidence that, despite decades of warnings, password hashing is still not correctly implemented in practice. The common practice today, inherited from previous but obsolete constraints, is to transmit the password in cleartext to the server, where it is hashed and stored. This allows some usability improvements, such as typo-tolerant password checkers — which can correct up to 32% of typos, with no negative impact on security — formally introduced by Chatterjee et al. in 2016, but used in some preliminary forms since 2012. This article investigates the advantages and drawbacks of the alternative of hashing client-side, and shows that it is present today exclusively on Chinese websites. It introduces an alternative typo-correction framework based on client-side hashing, which corrects up to 57% of typos without affecting user experience, at no computational cost to the server. Finally, it proposes some potential ways to improve the industry standards by enforcing accountability on password security.

Vassilis Papaspirou,Leandros Maglaras,Mohamed Amine Ferrag,Ioanna Kantzavelou,Helge Janicke,Christos Douligeris

DOI: https://doi.org/10.1109/icccn52240.2021.9522319

2021-07-01

Abstract:The majority of systems rely on user authentication on passwords, but passwords have so many weaknesses and widespread use that easily raise significant security concerns, regardless of their encrypted form. Users hold the same password for different accounts, administrators never check password files for flaws that might lead to a successful cracking, and the lack of a tight security policy regarding regular password replacement are a few problems that need to be addressed. The proposed research work aims at enhancing this security mechanism, prevent penetrations, password theft, and attempted break-ins towards securing computing systems. The selected solution approach is two-folded; it implements a two-factor authentication scheme to prevent unauthorized access, accompanied by Honeyword principles to detect corrupted or stolen tokens. Both can be integrated into any platform or web application with the use of QR codes and a mobile phone.

Kunjal Panchal

DOI: https://doi.org/10.48550/arXiv.2010.15985

2020-10-30

Abstract:Honey Encryption is an approach to encrypt the messages using low min-entropy keys, such as weak passwords, OTPs, PINs, credit card numbers. The ciphertext is produces, when decrypted with any number of incorrect keys, produces plausible-looking but bogus plaintext called "honey messages". But the current techniques used in producing the decoy plaintexts do not model human language entirely. A gibberish, random assortment of words is not enough to fool an attacker; that will not be acceptable and convincing, whether or not the attacker knows some information of the genuine source. In this paper, I focus on the plaintexts which are some non-numeric informative messages. In order to fool the attacker into believing that the decoy message can actually be from a certain source, we need to capture the empirical and contextual properties of the language. That is, there should be no linguistic difference between real and fake message, without revealing the structure of the real message. I employ natural language processing and generalized differential privacy to solve this problem. Mainly I focus on machine learning methods like keyword extraction, context classification, bags-of-words, word embeddings, transformers for text processing to model privacy for text documents. Then I prove the security of this approach with e-differential privacy.

Cryptography and Security,Machine Learning

Yang Xiao,Jianping Zeng

DOI: https://doi.org/10.1109/tifs.2022.3152357

IF: 7.231

2022-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Password composition policies are helpful in strengthening password’s resistance against guessing attacks. Sadly, existing off-the-shelf composition policies often remain static, which creates potential security vulnerability. In this paper, we propose a new adaptive password policy generation framework called HTPG. Based on the Zipf distribution of passwords, HTPG classifies all passwords in data set into two categories, that is, head passwords and tail passwords. We find that head passwords are vulnerable and high-value for attackers because they are most frequently used, while tail passwords have higher strength than head passwords. According to this fact, HTPG dynamically generates policies to enhance head passwords by modifying them so as to be closer to tail passwords on feature space. By introducing the idea of machine learning, we propose a policy sort method based on information gain ratio to help user choose more effective policies in enhancing head passwords. HTPG can effectively improve the security of entire password data set and make the password distribution more uniform. Experiments show that the number of cracked head passwords decreases 69% on average, compared with the original head passwords, by adopting policies generated by HTPG. Surveys on usability show that 80.23% enhanced passwords can be recalled by those who remember the corresponding original passwords.

Hamza Touil,Nabil El Akkad,Khalid Satori,Naglaa F. Soliman,Walid El-Shafai

DOI: https://doi.org/10.1109/access.2024.3349487

IF: 3.9

2024-01-01

IEEE Access

Abstract:In this work, we propose a novel approach to enhancing the security of passwords before storing them in databases. Our method utilizes Braille transformation to encrypt the password after generating the corresponding hash. The hash is divided into multiple blocks, each representing a character treated as a transformation unit. Each character is then associated with its corresponding Braille code, which consists of 6 digits. To further enhance security, we randomly replace each occurrence of “0” in the generated string with one of the digits 7, 8, or 9. The final string, six times larger than the original hash, is then stored in the database. To evaluate our approach, we conducted several experiments and comparisons. The results demonstrate that Braille transformation is resistant to brute-force attacks, statistical attacks, and differential attacks. These results were justified using various evaluation criteria, such as execution time and memory space occupied. Braille transformation is susceptible to any modification made to the hash or the generated string, further reinforcing its security. Our Braille-based approach offers an effective solution to strengthen the security of database passwords. It provides advantages in terms of protection against different attacks and offers a robust evaluation based on relevant criteria.

computer science, information systems,telecommunications,engineering, electrical & electronic

Liping Li,Qinglei Zhou,Bin Li,Xueming Si

DOI: https://doi.org/10.1109/CyberC.2018.00014

2018-01-01

Abstract:Identity authentication is the first line of defense to ensure the security of information systems, and passwords are the most widely used authentication method. Choosing a valid password structure is an effective way to prevent password attacks, such as password dictionary attack. This article talked 68386069 real plaintext passwords with statistical their various features, summarized several rules for generating highly utilized passwords in certain styles. Based on these statistical features and rules, it generated high-probability password structure gene banks. With them, it formulates a dictionary to generate the candidate passwords. Thereby, this can enhance the efficiency of password recovery. We conducted extensive experiments by the real password test data, and the experimental results, compared with the dictionary provided by major websites, show that the dictionary of high probability password structure hit rate increased by about 30%. At the same time, this dictionary can save about one-third of the running time.

Yining Wu,Suogui Dang,Huajin Tang,Rui Yan

DOI: https://doi.org/10.1109/iai50351.2020.9262168

2020-01-01

Abstract:This paper addresses the problem of improving the fly hashing [1] that is a high-dimensional hash function based on the fruit fly olfactory circuit. The encoding of fly hashing only uses sparsely addition operations instead of the usual costly dense multiplications, and thus results in efficient computations which is important for near duplicate detection tasks in large-scale search system. However, the firing rate based winner-take-all (WTA) circuit of it is neither biologically plausible nor energy saving, and if this circuit is taken into consideration, theoretical results of locality-sensitive are no longer strong. To improve the fly hashing, we proposed a locality-sensitive hash function based on random projection and threshold based spike-threshold-surface (STS) circuit, and both of them are biologically plausible and can be computed very efficiently in hardware. We also presented a strong theoretical analysis of the proposed hash function, and the experimental result supports our proofs. In addition, we performed experiments on datasets SIFT, GloVe and MNIST, and obtained high search precisions as well as fly hashing with less time to consume.

Yinjie Huang,Michael Georgiopoulos,Georgios C. Anagnostopoulos

DOI: https://doi.org/10.48550/arXiv.1508.03285

IF: 5.414

2015-08-13

Machine Learning

Abstract:In this paper we introduce a novel hash learning framework that has two main distinguishing features, when compared to past approaches. First, it utilizes codewords in the Hamming space as ancillary means to accomplish its hash learning task. These codewords, which are inferred from the data, attempt to capture similarity aspects of the data's hash codes. Secondly and more importantly, the same framework is capable of addressing supervised, unsupervised and, even, semi-supervised hash learning tasks in a natural manner. A series of comparative experiments focused on content-based image retrieval highlights its performance advantages.

Vasilis Papaspirou,Maria Papathanasaki,Leandros Maglaras,Ioanna Kantzavelou,Christos Douligeris,Mohamed Amine Ferrag,Helge Janicke

DOI: https://doi.org/10.48550/arXiv.2112.08431

2021-12-16

Abstract:Although sufficient authentication mechanisms were enhanced by the use of two or more factors that resulted in new multi factor authentication schemes, more sophisticated and targeted attacks have shown they are also vulnerable. This research work proposes a novel two factor authentication system that incorporates honeytokens into the two factor authentication process. The current implementation collaborates with Google authenticator. The novelty and simplicity of the presented approach aims at providing additional layers of security and protection into a system and thus making it more secure through a stronger and more efficient authentication mechanism.

Cryptography and Security