On the Security Analysis of PBKDF2 in OpenOffice
نویسندگان
چکیده
منابع مشابه
Evaluation of Standardized Password-Based Key Derivation against Parallel Processing Platforms
Passwords are still the preferred method of user authentication for a large number of applications. In order to derive cryptographic keys from (human-entered) passwords, key-derivation functions are used. One of the most well-known key-derivation functions is the standardized PBKDF2 (RFC2898), which is used in TrueCrypt, CCMP of WPA2, and many more. In this work, we evaluate the security of PBK...
متن کاملOn the Weaknesses of PBKDF2
Password-based key derivation functions are of particular interest in cryptography because they (a) input a password/passphrase (which usually is short and lacks enough entropy) and derive a cryptographic key; (b) slow down brute force and dictionary attacks as much as possible. In PKCS#5 [19], RSA Laboratories described a password based key derivation function called PBKDF2 that has been widel...
متن کاملAcceleration Attacks on PBKDF2: Or, What Is inside the Black-Box of oclHashcat?
The Password Based Key Derivation Function v2 (PBKDF2) is an important cryptographic primitive that has practical relevance to many widely deployed security systems. We investigate accelerated attacks on PBKDF2 with commodity GPUs, reporting the fastest attack on the primitive to date, outperforming the previous stateof-the-art oclHashcat. We apply our attack to Microsoft .NET framework, showin...
متن کاملHunting for vulnerabilities in large software : the OpenOffice suite
How much effort does it cost to find zero-day vulnerabilities in widely-deployed software? As an exercise, we searched for vulnerabilities in OpenOffice, a productivity suite used by about a hundred million people. Within a 4-month period, we found a total of 15 vulnerabilities, including buffer overflow errors, out-of-bound array index errors and null pointer dereferences, using publicly avail...
متن کاملPassword-Hashing Status
Computers are used in our everyday activities, with high volumes of users accessing provided services. One-factor authentication consisting of a username and a password is the common choice to authenticate users in the web. However, the poor password management practices are exploited by attackers that disclose the users’ credentials, harming both users and vendors. In most of these occasions t...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- JSW
دوره 10 شماره
صفحات -
تاریخ انتشار 2015