語系:
繁體中文
English
說明(常見問題)
登入
回首頁
切換:
標籤
|
MARC模式
|
ISBD
Empirically Measuring and Evolving Common Password Heuristics.
紀錄類型:
書目-語言資料,印刷品 : Monograph/item
正題名/作者:
Empirically Measuring and Evolving Common Password Heuristics./
作者:
Sontheimer, David F.
出版者:
Ann Arbor : ProQuest Dissertations & Theses, : 2022,
面頁冊數:
56 p.
附註:
Source: Masters Abstracts International, Volume: 83-12.
Contained By:
Masters Abstracts International83-12.
標題:
Information science. -
電子資源:
http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=29167231
ISBN:
9798438774105
Empirically Measuring and Evolving Common Password Heuristics.
Sontheimer, David F.
Empirically Measuring and Evolving Common Password Heuristics.
- Ann Arbor : ProQuest Dissertations & Theses, 2022 - 56 p.
Source: Masters Abstracts International, Volume: 83-12.
Thesis (M.S.)--Wake Forest University, 2022.
This item must not be sold to any third party vendors.
Passwords remain a common authentication method, yet contemporary manual password generation methods maintain weak passwords - an ongoing challenge in cybersecurity. Despite password policies designed to require harder-to-guess passwords, compromising a user password remains one of the most common methods of data breach. We consider the possibility that users select current password generation methods for ease of recall instead of resilience against attack.We propose comparing password generation methods empirically by measuring the work required to cracked password hashes with password cracking software. We generate passwords from two classes: random generation, and wordlist generation, and variants of each. Additionally, we offer a third class of generators we’ve named hashword generators - that utilize cryptographic hashing functions to output an ostensibly randomly-generated password. We model the theoretical keyspace of each generator, and measure the empirical keyspace of each utilizing the number of candidates required to crack a password hash in John the Ripper, a popular password cracking tool.Both our theoretical and empirical results demonstrate the relative weakness of passwords from wordlist generation when compared to both random generation and hashword generation. This includes the popular passphrase generation suggested by many cybersecurity organizations. Equally important, we confirm that passwords generated with cryptographic hashing functions contain keyspaces and entropy equal to that of fully-random generation. Across all generators, our empirical results support our theoretical results, suggesting successful modeling of the entropy of each generator.
ISBN: 9798438774105Subjects--Topical Terms:
561178
Information science.
Subjects--Index Terms:
Cryptographic hashing functions
Empirically Measuring and Evolving Common Password Heuristics.
LDR
:02952nam a2200421 4500
001
1104610
005
20230619080101.5
006
m o d
007
cr#unu||||||||
008
230907s2022 ||||||||||||||||| ||eng d
020
$a
9798438774105
035
$a
(MiAaPQ)AAI29167231
035
$a
AAI29167231
040
$a
MiAaPQ
$c
MiAaPQ
100
1
$a
Sontheimer, David F.
$3
1413499
245
1 0
$a
Empirically Measuring and Evolving Common Password Heuristics.
260
1
$a
Ann Arbor :
$b
ProQuest Dissertations & Theses,
$c
2022
300
$a
56 p.
500
$a
Source: Masters Abstracts International, Volume: 83-12.
500
$a
Advisor: Fulp, Errin W.
502
$a
Thesis (M.S.)--Wake Forest University, 2022.
506
$a
This item must not be sold to any third party vendors.
520
$a
Passwords remain a common authentication method, yet contemporary manual password generation methods maintain weak passwords - an ongoing challenge in cybersecurity. Despite password policies designed to require harder-to-guess passwords, compromising a user password remains one of the most common methods of data breach. We consider the possibility that users select current password generation methods for ease of recall instead of resilience against attack.We propose comparing password generation methods empirically by measuring the work required to cracked password hashes with password cracking software. We generate passwords from two classes: random generation, and wordlist generation, and variants of each. Additionally, we offer a third class of generators we’ve named hashword generators - that utilize cryptographic hashing functions to output an ostensibly randomly-generated password. We model the theoretical keyspace of each generator, and measure the empirical keyspace of each utilizing the number of candidates required to crack a password hash in John the Ripper, a popular password cracking tool.Both our theoretical and empirical results demonstrate the relative weakness of passwords from wordlist generation when compared to both random generation and hashword generation. This includes the popular passphrase generation suggested by many cybersecurity organizations. Equally important, we confirm that passwords generated with cryptographic hashing functions contain keyspaces and entropy equal to that of fully-random generation. Across all generators, our empirical results support our theoretical results, suggesting successful modeling of the entropy of each generator.
590
$a
School code: 0248.
650
4
$a
Information science.
$3
561178
650
4
$a
Information technology.
$3
559429
650
4
$a
Computer engineering.
$3
569006
650
4
$a
Computer science.
$3
573171
653
$a
Cryptographic hashing functions
653
$a
Cyber security
653
$a
Network security
653
$a
Password cracking
653
$a
Password generation
653
$a
Password strength
690
$a
0984
690
$a
0489
690
$a
0464
690
$a
0723
710
2
$a
Wake Forest University.
$b
Computer Science.
$3
1413500
773
0
$t
Masters Abstracts International
$g
83-12.
790
$a
0248
791
$a
M.S.
792
$a
2022
793
$a
English
856
4 0
$u
http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=29167231
筆 0 讀者評論
多媒體
評論
新增評論
分享你的心得
Export
取書館別
處理中
...
變更密碼[密碼必須為2種組合(英文和數字)及長度為10碼以上]
登入