Honeywords: Detectable Password TheftGavin HoltAbertay University

whoami Gavin Holt (@GavinHolt)

Fourth Year Honours Student at Abertay University

One of the organisers of Securi-Tay 3

Vice President of Abertay Ethical Hacking Society (@AbertayHackers)

What are we covering today? Why is password theft so dangerous?

How are passwords currently being stored? (The good, the bad and the plain stupid)

What are Honeywords?

How Honeywords can be implemented

The benefits of Honeywords

What Honeywords won’t save you from

Summary

Questions

Why is password theft so dangerous?

Obvious Answer:Because then someone has

your password

Less Obvious Answer:Because then someone has

your password…for everything

60%+ of users use the same password across multiple sites

(PayPal Report)

300% Increase in a single quarter

(Experian Report)

LinkedIn – 6.5 Million PasswordsZappos.com – 12 Million

PasswordseHarmony – 1.5 Million

PasswordsAdobe – 38 Million Passwords

Evernote – 50 Million Passwords

But when you analyse a dump, you have to wonder why you

bother…

A lot of usernames and passwords out there.

But Gavin, People don’t store passwords in the plain

anymore, right?

http://plaintextoffenders.com/

Oh okay, but the big guys are doing it right?

LinkedIn’s 6.5 Million Passwords were unsalted.

Even if they salt the passwords, they aren’t always per user

salts.

Salting doesn’t stop a targeted attack

Password Cracking is getting faster!

Making the Hashing more complex and resource intensive

is only part of the solution.

How do I even know if my password has been stolen?

You might not!

Some sneaky SysAdmins might put some fake accounts in.

So if the User “Rory” logs in, they can assume they have

been compromised.

Pretty useful idea – Honeypot accounts.

Hackers are sneaky

Can potentially spot these fake accounts by looking at their

activity and permissions.

So fake user accounts aren’t fool proof.

But we like the idea of making it a high-risk guessing game for

the attacker.

Why not have fake Passwords?

Introducing: Honeywords

First discussed by Jules and Rivest of MIT in May 2013.

If for every user account, we have multiple passwords, with

only one legit password, can we detect password theft by watching for our known

entries?

An unsalted MD5 example (Don’t throw things)Traditional DBUID Username Password (Hashed, For Security obv)

1 Gavin 565E15D84CC59763D13D58B5F66C967F

2 Rory AD7FADB59974D0C2E66E628C0485F9C9

3 Tiago AA177EC5DCBF88CA5EDF17236C1981E8

A plain text example (Don’t throw things)Traditional DB

Attacker Gets a hold

of the database

Fires up John or

Similar Tool

Gets Plain Text

Passwords Back

Lets implement Honeywords…

How do we make Honeywords?

How do we make Honeywords? We need believable words

We need some low hanging fruit

We need some tough passwords

We need to ensure we don’t use the users PW

We need to be able to identify HoneyWords internally!

How do we make Honeywords? Start with a dictionary

Select a handful of words of varying length

Depending on how hard we want to make the password to crack we can:

Mangle for Upper and Lower Case Prepend and Append numbers Substitute Symbols Concatenate Words

Make sure it doesn’t make our users PW!

How do we make Honeywords?We need to make a correct Checksum for our users passwordWe also need to make some fake checksums for the honeywords we have generated

An unsalted MD5 example Using HoneywordsUID Username

1 Gavin

2 Rory

3 Tiago

UID

Password Hash Checksum

1 565E15D84CC59763D13D58B5F66C967F

TU32R781V346R7ETV81ERTGE7RT8EV4

1 AD7FADB59974D0C2E66E628C0485F9C9

SVEVREVR6571654SF7CEWF7E1FC51W

1 AA177EC5DCBF88CA5EDF17236C1981E8

BCN7GHER17G8J7678A78W81CDFCTHY871

1 DC5F61F959F188478982A9DBB153FC21

EWFFFFSEESYUUTRYER87F1S67F1S5E7F1SCE

1 22028EA0D2E3C9577BD97FD7E1F07E45

IUWER232FWEJKHFHFWEUFH W3R3OUEFS34

An unsalted MD5 example Using Honeywords

Attacker Gets a hold of the

database

Fires up John or Similar Tool

Gets Plain Text

Passwords Back

Has a 20% chance of

picking the correct

password

1/5 Chance of getting it right

Can greatly decrease this chance by adding more

Honeywords!

How would I even authenticate against that?

Authentication ProcessWeb Server

• Takes Password and Hashes It

• Passes to DB Server

DB Server

• Retrieves Checksum where UID and Hash match and passes to Auth Server

Auth Server

• Performs additional secret cryptographic function on hash and compares to Passed Check Sum

• Returns True or False to Web Server

Web Server

• Either:• Logs user in

because they have a correct password

• Doesn’t log user in and flags that a known “Honeyword” was used

• Doesn’t log in due to incorrect password

In order to gain 100% certainty that they have the correct

password, they attack would need to compromise all 3

boxes.

So we now know when a password we have purposely

added to the DB is used.

We can detect password theft!

What else can we do with it?

Time based detection?

Change the fake passwords periodically to pinpoint when

they were stolen?

Alerting other services that passwords have been stolen

Central API for Services to use

Pass UIDs of known compromised accounts to a central service to alert users across platforms they may be

vulnerable?

The Benefits of Honeywords

The benefits of Honeywords Can be used to detect password theft

Can be used to prevent the usage of stolen credentials

Can provide warnings to other services that users may reuse passwords on

Can be used to deter attackers from trying to compromise accounts

What Honeywords won’t do

What Honeywords won’t do Honeywords won’t stop your service being compromised If they have your Password file, you have problems to begin with

Honeywords won’t stop the hashes from being cracked Only per hash salting and intensive hashing functions will slow

that down

Honeywords won’t stop attackers from gaining a users password by another method

Social Engineering, Key Logger, or simply guessing a rubbish password

Honeywords are not a replacement to a strong password policy and user

awareness

In Summary Honeywords allow for detectable password theft by seeding a database with known “wrong” passwords.

Watching for these passwords allows Systems to detect when they have had their password DB stolen.

Honeywords should be of varying difficulty in order to disguise themselves

Honeywords are not a replacement for: A strong password policy A strong password storage mechanism End Point Security

Any Questions?Tweet me @GavinHolt later if

you think of any