On the Security Analysis of PBKDF2 in OpenOffice

نویسندگان

  • Xiaochao Li
  • Cuicui Zhao
  • Kun Pan
  • Shuqiang Lin
  • Xiurong Chen
  • Benbin Chen
  • Deguang Le
  • Donghui Guo
چکیده

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Evaluation of Standardized Password-Based Key Derivation against Parallel Processing Platforms

Passwords are still the preferred method of user authentication for a large number of applications. In order to derive cryptographic keys from (human-entered) passwords, key-derivation functions are used. One of the most well-known key-derivation functions is the standardized PBKDF2 (RFC2898), which is used in TrueCrypt, CCMP of WPA2, and many more. In this work, we evaluate the security of PBK...

متن کامل

On the Weaknesses of PBKDF2

Password-based key derivation functions are of particular interest in cryptography because they (a) input a password/passphrase (which usually is short and lacks enough entropy) and derive a cryptographic key; (b) slow down brute force and dictionary attacks as much as possible. In PKCS#5 [19], RSA Laboratories described a password based key derivation function called PBKDF2 that has been widel...

متن کامل

Acceleration Attacks on PBKDF2: Or, What Is inside the Black-Box of oclHashcat?

The Password Based Key Derivation Function v2 (PBKDF2) is an important cryptographic primitive that has practical relevance to many widely deployed security systems. We investigate accelerated attacks on PBKDF2 with commodity GPUs, reporting the fastest attack on the primitive to date, outperforming the previous stateof-the-art oclHashcat. We apply our attack to Microsoft .NET framework, showin...

متن کامل

Hunting for vulnerabilities in large software : the OpenOffice suite

How much effort does it cost to find zero-day vulnerabilities in widely-deployed software? As an exercise, we searched for vulnerabilities in OpenOffice, a productivity suite used by about a hundred million people. Within a 4-month period, we found a total of 15 vulnerabilities, including buffer overflow errors, out-of-bound array index errors and null pointer dereferences, using publicly avail...

متن کامل

Password-Hashing Status

Computers are used in our everyday activities, with high volumes of users accessing provided services. One-factor authentication consisting of a username and a password is the common choice to authenticate users in the web. However, the poor password management practices are exploited by attackers that disclose the users’ credentials, harming both users and vendors. In most of these occasions t...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • JSW

دوره 10  شماره 

صفحات  -

تاریخ انتشار 2015