Cracking-Resistant Password Vaults Using Natural Language Encoders

Password vaults are increasingly popular applications that store multiple passwords encrypted under a single master password that the user memorizes. A password vault can greatly reduce the burden on a user of remembering passwords, but introduces a single point of failure. An attacker that obtains a user's encrypted vault can mount offline brute-force attacks and, if successful, compromise all of the passwords in the vault. In this paper, we investigate the construction of encrypted vaults that resist such offline cracking attacks and force attackers instead to mount online attacks. Our contributions are as follows. We present an attack and supporting analysis showing that a previous design for cracking-resistant vaults -- the only one of which we are aware -- actually degrades security relative to conventional password-based approaches. We then introduce a new type of secure encoding scheme that we call a natural language encoder (NLE). An NLE permits the construction of vaults which, when decrypted with the wrong master password, produce plausible-looking decoy passwords. We show how to build NLEs using existing tools from natural language processing, such as n-gram models and probabilistic context-free grammars, and evaluate their ability to generate plausible decoys. Finally, we present, implement, and evaluate a full, NLE-based cracking-resistant vault system called NoCrack.
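As an added illustration (not code from the paper or from NoCrack), here is a minimal distribution-transforming encoder in the spirit of the NLE described above: a character-bigram model maps a password to a vector of uniformly random seeds, and any seed vector decodes to a model-plausible password, so decrypting the vault under a wrong master password yields a decoy instead of recognisable garbage. The toy corpus, the alphabet, the 16-symbol cap, the PBKDF2-derived XOR keystream and the fixed salt are my assumptions for the example.

```python
import hashlib, random
from bisect import bisect_right

ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789$"   # '$' terminates a password
START, L, M = "^", 16, 1 << 32                        # start context, max length, seed range
CORPUS = ["password1", "letmein", "sunshine", "dragon99", "qwerty123", "monkey"]  # constructed toy data

def train_bigram(corpus):
    """Per context, integer interval bounds in [0, M) proportional to add-one-smoothed bigram probability."""
    counts = {c: {s: 1 for s in ALPHABET} for c in START + ALPHABET}
    for pw in corpus:
        for prev, cur in zip(START + pw, pw + "$"):
            counts[prev][cur] += 1
    table = {}
    for prev, row in counts.items():
        total, cum, bounds = sum(row.values()), 0, []
        for s in ALPHABET:
            bounds.append(cum * M // total)   # smoothing keeps every interval non-empty
            cum += row[s]
        table[prev] = bounds + [M]
    return table

def encode(table, pw):
    """DTE encode: one uniformly random seed inside each symbol's interval, padded to L seeds."""
    seeds, prev = [], START
    for c in pw + "$":
        i = ALPHABET.index(c)
        seeds.append(random.randrange(table[prev][i], table[prev][i + 1]))
        prev = c
    return seeds + [random.randrange(M) for _ in range(L - len(seeds))]

def decode(table, seeds):
    """Every seed vector decodes to some password; uniform seeds give model-distributed decoys."""
    out, prev = "", START
    for s in seeds:
        c = ALPHABET[bisect_right(table[prev], s) - 1]
        if c == "$":
            break
        out, prev = out + c, c
    return out

def _keystream(master):   # constructed fixed salt; a deployment stores a random per-vault salt
    return hashlib.pbkdf2_hmac("sha256", master.encode(), b"constructed-salt", 100_000, 4 * L)

def vault_encrypt(master, pw, table):
    seed_bytes = b"".join(s.to_bytes(4, "big") for s in encode(table, pw))
    return bytes(a ^ b for a, b in zip(seed_bytes, _keystream(master)))

def vault_decrypt(master, ct, table):
    raw = bytes(a ^ b for a, b in zip(ct, _keystream(master)))
    return decode(table, [int.from_bytes(raw[i:i + 4], "big") for i in range(0, len(raw), 4)])
```

Calling vault_decrypt with several wrong master passwords returns a different bigram-plausible string each time, which is exactly what denies an offline cracker a recognisable success signal.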
