pASSWORD tYPOS and How to Correct them Securely
BY: ASHOK CHOUDHARY (2653491)
Source: cis.csuohio.edu/~sschung/CIS601/Ashok_GradSem2.pdf

Page 1:

pASSWORD tYPOS and How to Correct them Securely

BY: ASHOK CHOUDHARY (2653491)

Page 2:

Password-based authentication systems

Page 3:

Password-based authentication systems

• H(Password459!) = “a5idohj9a..”

• H(password459!) = “a5idohj9a..”

[Diagram labels: Cryptographic hash, Hash digest]

Page 4:

Typo-tolerant password checking

Password459! pASSWORD459! password459!

Page 5:

We know little about password typos

• How can we build a typo-tolerant password system?

• How much would tolerating typos help users?

• Does it endanger security?

Page 6:

Work

• Measuring password typos on Dropbox.

• Users face problems at login.

• A huge problem for both users and service providers.

• Develop an appropriate typo-tolerant checker.

• Improve utility with minimal security impact.

Page 7:

Relaxed checkers

H(Password459!)=“a5idohj9a..”

H(pASSWORD459!)=“a5idohj9a..”

H(password459!)=“a5idohj9a..”

• We need to find a small, useful set of typo correctors.

[Diagram: no change in the password hash database; apply caps lock corrector; apply first-letter case-flip corrector]

Page 8:

MTurk password transcription study

• 100,000+ passwords typed by 4,300 workers.

[Chart: % of all typos by category. Categories: Capslock, Flip first letter case, Add char. at end, Add char. at front, Last digit to symbol, Others. Values legible in the extraction: 4.5%, 11%, 4.6%]

Page 9:

Impact of top-3 typos in the real world

• Instrumented production login of Dropbox to quantify typos

• Note: we do not change the authentication policy

Over a 24-hour period:

I. 3% of all users failed to log in because of these top-3 typos.

II. 20% of users could have logged in 1 minute earlier if these top-3 correctors had been applied.

Adding these 3 correctors would save several person-months of login time every day.

Page 10:

Typo-tolerance will significantly enhance the usability of passwords.

Can it be secure?

Page 11:

Threat #1: Server compromise

H(Password459!) =“a5idohj9a..”

H(pASSWORD459!) =“a5idohj9a..”

H(password459!) =“a5idohj9a..”

No change in the password hash database.

No change in security in case of server compromise.

Page 12:

Threat #2: Remote guessing attack

• Web service should lock the account after q wrong guesses.

H(password)=“a5idohj9a..”

H(PASSWORD)=“a5idohj9a..”

H(Password)=“a5idohj9a..”

H(passwor)=“a5idohj9a..”

Apply caps lock corrector

Apply first-letter case-flip corrector

Apply extra-char-at-end corrector

Page 13:

Get 3 free checks with every query.

➢ q queries result in 3q free password guesses.

➢ Previously, q queries resulted in no free guesses.

Here we can say that the attacker's success rate increases by 300%.

Page 14:

Passwords are not uniformly distributed

• 300% improvement, but only if all checked passwords are equally probable.

BUT humans do not choose random passwords.

[Chart: probability vs. password]

Page 15:

Attack simulation using password leaks

• Adversary knows: the distribution of passwords, and the set of top-3 correctors.

Exact checking: query the most probable q passwords.

Typo-tolerant checking: query the q passwords that maximize success, computed using a greedy algorithm.

Page 16:

Security-sensitive typo correction

• Don’t check a correction if the resulting password is too popular.

Free Correction Theorem

For any password distribution, set of correctors, and adversarial query budget q, there exists a typo correction scheme that corrects typos with no degradation in security.

[Diagram: candidate passwords password, pASSWOR, Password, PASSWORD]

Page 17:

Security of checkers with filtering

• Correct a typo only if the total probability of all checked passwords stays below Pr[pw_q].

• Password distribution estimated from the RockYou leak.
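Added example (my code, not the slides' or the paper's): a relaxed checker that applies the three correctors from Page 7 to the typed string before hashing, so the stored hash database is untouched, combined with the popularity filter from Pages 16 and 17. PW_FREQ is a constructed toy table standing in for a RockYou-derived distribution, budget_for is my reading of Pr[pw_q], and the PBKDF2 parameters are illustrative.

```python
import hashlib
import hmac
import os

# Constructed toy frequency table standing in for the password distribution a
# deployment would estimate from a leak such as RockYou (values are made up).
PW_FREQ = {"123456": 0.05, "password": 0.04, "qwerty": 0.03,
           "Password": 0.02, "passwor": 0.0005}

def prob(pw):
    return PW_FREQ.get(pw, 0.0)

def budget_for(q):
    """Pr[pw_q]: probability of the q-th most popular password, the bound the
    slides place on the total mass of everything one login query checks."""
    probs = sorted(PW_FREQ.values(), reverse=True)
    return probs[min(q, len(probs)) - 1]

# The three most common typos: caps lock on, first letter case flipped,
# one extra character typed at the end.
CORRECTORS = (str.swapcase,
              lambda pw: pw[:1].swapcase() + pw[1:],
              lambda pw: pw[:-1])

def hash_pw(pw, salt):
    # Stand-in for the slides' H(); iteration count is illustrative only.
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 20_000)

def register(pw):
    salt = os.urandom(16)
    return salt, hash_pw(pw, salt)

def check_exact(typed, salt, digest):
    return hmac.compare_digest(hash_pw(typed, salt), digest)

def checked_candidates(typed, budget):
    """Typed string plus each correction the popularity filter lets through.
    Its length is how many guesses one login attempt effectively tests."""
    cands, mass = [typed], prob(typed)
    for corr in CORRECTORS:
        cand = corr(typed)
        if cand in cands:
            continue
        if mass + prob(cand) >= budget:
            continue  # too popular: checking it would hand an attacker a free guess
        cands.append(cand)
        mass += prob(cand)
    return cands

def check_typo_tolerant(typed, salt, digest, budget):
    # Corrections are applied to the typed string; stored hashes never change.
    return any(check_exact(c, salt, digest)
               for c in checked_candidates(typed, budget))
```

With the toy table and q = 1, a typed "password" is never corrected to "Password" because that candidate would push the checked mass to Pr[pw_1], while an unpopular string still receives all three corrections.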

Page 18:

pASSWORD tYPOS in one slide

1. Introduce typo-tolerant password checkers.

Compatible with existing password databases, easy to deploy.

2. Study password typos empirically.

3% of users fail to login due to correctable, top-3 typos.

3. Analyze security of typo-tolerant checkers.

“Free” correction theorem (in theory); with a heuristic, it works in practice too.