This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Get That Weak Stuff Outta Here: Upgrading Password Storage

Josh_Gatka
Champ in-the-making
Champ in-the-making
‎06-20-2016 01:05 PM

Here is a recent press release from a company that experienced a breach. Does it sound familiar?

“To make sure you continue having the best experience possible on [Name of web site], we’re regularly monitoring our site and the Internet to keep your account information safe. We’ve recently noticed a potential risk to your [Name of web site] account coming from outside [name of web site]. Just to be safe, you’ll need to reset your password the next time you log in.”

Some recent breaches have highlighted the importance of securely handling passwords. In a recent high-profile breach, 100 million email and hashed password combinations were stolen in 2012 but not disclosed by the hackers until 2016 (supposedly). The passwords were hashed using the SHA-1 algorithm.

Using the strongest industry-standard hashing algorithms is the best way to ensure that passwords are protected in the event of a breach. New in OnBase 16 is the use of the PBKDF2 standard. What is PBKDF2? Why was the decision made to transition to PBKDF2 instead of SHA-2? To begin, let’s review the difference between Hashing and Encryption.

Encrypted communications are reversible by design. If an attacker possesses the right key, a message can be decrypted. Hashed values are designed to be irreversible. The password value is hashed and then the original password value is discarded forever. Only the hashed value remains:

When a user logs on, the value entered as a password is run through the same hashing algorithm. If the two values match, the login is successful. If the wrong password is run through the algorithm, the values will differ, and the login fails. Note that the “plaintext” password is not used in the login process.

While this approach (hashing) is more secure than storing passwords as plaintext (not hashed) in the database, it is still vulnerable to attacks. Two common types of attacks to which hashes are vulnerable are Dictionary Attacks and Brute-Force Attacks. In a dictionary attack, a user runs a huge list (dictionary) of common passwords through the hash algorithm, and then creates a file which matches each hashed value with its plaintext input. For each hash, the attacker attempts to match it with the hashes stored in their “dictionary”. If a match is found, the plaintext value is returned, and the hacker can log on using the stolen credentials.

Given a list of hashes, and the knowing the algorithm that computed them, it can be as easy as typing on a website to return the password. Crackstation.net is one such site. For example, take the five most common hashes from the breach at the top, it takes about 3 seconds to copy, paste, and compute the plaintext. Here are some statistics from that same breach:

RankPassword (plaintext)Password (Hashed with SHA-1 Algorithm)Frequency of use
11234567c4a8d09ca3762af61e59520943dc26494f8941b753,305 users
2*REDACTED* - Try cracking this one yourself...7728240c80b6bfd450849405e8500d6d207783b6172,523 users
3password5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8144,458 users
4123456789f7c3bc1d808e04732adf679965ccc34ca7ae344194,314 users
5123456787c222fb2927d828af22f592134e8932480637c0d63,769 users



This is why the site in question sent out the e-mail urging its users to change their password if they had not done so since 2012. You could have just cracked the password for 1.2 million users armed with nothing but a browser! Let’s step back and discuss the implications of this. Think back, have you ever used one password for multiple web sites, without updating it for years at a time? Perhaps someone in your family uses the same password for every site. Were their password to appear in the list above, they would be vulnerable to having their identity stolen. No matter how strong another website’s hashing algorithm is, the user’s e-mail address is linked to their newly cracked, plaintext password on a list that is publically available on the internet. Any hacker that views this list can attempt to log on and impersonate their identity on all of the other sites. Hackers know that their job is made easier by the fact that so many victims use the same password for every site.

So how can we defend against sites like crackstation? It’s relatively easy to do with a strong password. Let’s generate a stronger password that won’t be contained in most dictionaries. I picked “Two_words”. Next let’s use xorbin to hash that value using the same SHA-1 algorithm. I ran “Two_words” through the SHA-1 algorithm using xorbin and the hash generated is “29475b2240619b9611dede82877497ceee1833ca”. Finally, return to crackstation and attempt to crack the hash we just generated. What happened? The reason that this dictionary attack failed is because strong passwords are too unique to be included in the dictionary. If an attacker wanted to crack the hash of a strong password, they would need to “upgrade” their attack strategy and attempt a brute-force attack.

A brute-force attack works in a similar fashion to the dictionary attack described above. However, instead of using a pre-built list of words, a program begins calculating all possible character combinations for a specific password length. The number of possible guesses per second is dependent on your computer’s hardware, but 1 billion guesses per second is a realistic average.

It would not take very long for a brute-force attack to crack the hash for the password “Two_words”. Once the brute-force attack had cracked the hash, all other users with that password would be hacked as well. The next “upgrade” in defense would be to make your passwords longer and more complex. The reason why password policies require you to use strict guidelines in creating your passwords (at least 12 characters, one capital letter, one lower case letter, one number, one symbol etc.) is because it causes dictionary and brute-force attacks to take even longer to succeed. One common myth is that a complex password (LeBr0n_2016) is more secure than a long, less complex password (let’sgoocavsallin216). Because the attack is dependent on the number of possible character combinations for a specific password length, using a long password will always be a stronger defense against brute-force attacks than a complex one. Nothing is stopping you from creating a password that is both long and complex though, so long as you can remember it. The table below shows some ballpark calculations on the amount of time required to bruteforce passwords with two different complexity and length requirements.


Earlier I discussed the possibility of cracking multiple users’ hashes, because of the tendency of multiple users to use the same, easy to remember password. There is a way to ensure that cracking one hash does not result in cracking the hash of all other users using that same password. The solution is to “salt” the passwords. When a password is “salted” a value that is unique for each user is added to the password before it is hashed. In this way, each user will have a unique hash.  

Adding a salt to every password hash would mean that there would be no duplicates in the database like we referenced above. In addition, the attacker would need to know much more about the application’s logic to accurately crack a given list of hashes. They would need to know the hash, the algorithm, the salt value, and how the salt is combined with the password before hashing.

This added value which creates unique hashes also makes it more difficult for an attacker to know your password. If they were to crack the hash and then enter it as your password, the salt value would be added to the password for a second time which would result in a hash that does not match.


An added “bonus” of using salt is that it automatically increases the length of the password value. As was mentioned earlier, this increases the amount of time needed to successfully crack the hash using a brute-force attack.

Let’s review. You know that password hashing is a one-way, irreversible process. You know that the SHA-1 hashing algorithm is better than storing passwords in plaintext. You know what a dictionary attack is and that the best way to defeat it is to use complex passwords. You know what a brute-force attack is and that the best way to defend against it is to use long passwords. You know that the best way to make hashes unique so that they cannot be cracked en masse is to add salt to them before they are hashed.

Now that you are versed in the hashing process, let’s talk about the evolution of password hashing in OnBase. Beginning in OnBase 9.2, passwords were hashed using the SHA-1 algorithm with no salt applied. This method stayed in place until OnBase 12. Just as with the hashes you cracked earlier, an attacker with access to the database of an OnBase 11 implementation could simply drop these hashes into a site like crackstation and common passwords would be returned. Beginning in OnBase 12, passwords were salted before being hashed.

The SHA-1 algorithm has been around since 1995. Since that time, computers with multiple cores and powerful GPUs have become more and more affordable. The algorithm is no longer considered trustworthy for protecting passwords. The need has arisen to upgrade to something stronger. For OnBase 16, we have upgraded our defenses to a newer, stronger algorithm.

PBKDF2 (Password-Based Key Derivation Function 2) is a purpose-built algorithm that may be used to protect passwords. While SHA-1 and SHA-2 were meant to be general purpose hashing algorithms, PBKDF2 is better suited for securing passwords. SHA-1 and SHA-2 needed to be fast to suit their general-purpose usage. PBKDF2 is intentionally built to be slow in order to thwart attackers. In this case “slow” is a relative term. An end user will not notice the increased time taken to hash a password (from 5 milliseconds to 350 milliseconds). However, that increase scales accordingly for the attacker, who will now require more guesses in order to successfully crack the hash. In OnBase16, user passwords are salted and then calculated 30,000 times using the PBKDF2 algorithm. Our customers can sleep easy at night knowing that their passwords are stored securely in their OnBase database.

Takeaways

  • Hashing is a one-way operation where a password is run through an algorithm and is irreversible
  • After the hashing has taken place, the original “plain-text” password is discarded
  • When a user logs in, the password provided is run through the same algorithm, if the resultant hash matches the hash in the database, the login is successful
  • Common passwords hashed using SHA-1 can be cracked using a browser (dictionary attack)
  • Adding complexity to your password thwarts a dictionary attack but not a brute-force attack
  • Making your password longer helps to thwart brute-force attacks (think passphrase, not password)
  • Software which adds “salt” to your password before it is hashed helps to thwart the cracking of multiple hashes in a single guess. Even two people using the same password would have different hashes, if salts are part of the equation.
  • OnBase 16 uses the PBKDF2 algorithm to hash salted passwords 30,000 times
  • PBKDF2 is designed to be a slow algorithm that also delays attackers exponentially

Resources & Tools

0 Kudos
Copyright © 2024 Khoros, LLC