You are here: silicon.com > Resources > White Papers > Servers and Server OS > Server Platforms - OS > UNIX

UNIX White Papers

Brute Force Attack on UNIX Passwords with SIMD Computer

Tags:
unix,
unix,
attack,
force

Overview As computer technology improves, the security of specific ciphers and one-way hash functions periodically must be reevaluated in light of new technological advances. In this paper we evaluate the security of the UNIX password scheme. We show that the UNIX password scheme is vulnerable to brute-force attack. Using PixelFlow, a SIMD parallel machine, we are able to "crack" a large fraction of passwords used in practice in 2-3 days of computation. We explain how a SIMD machine built in today's technology could "crack" any UNIX password in two days. We also describe in this paper a simple modification to the UNIX password scheme that makes it harder to break encrypted passwords using dictionary and brute force attack, thus extending the useful life of the UNIX password scheme. The modified password scheme is compatible with the existing password scheme.

Further White Paper Details
Publisher	USENIX Association	File Format	HTML & PDF
Date Published	August 1999	Downloads	26
Format	White Papers
Topics	UNIX, Anti-Hacking, Application Security Tools

Did you find this white paper useful? 4 out of 6 users found this white paper useful

FBI unveils top 20 IT gaffes

John Gilligan, acting CIO of the US Air Force and co-chair of the Security Committee of the Federal CIO Council, welcomed the announcement on behalf of US government IT directors, and said there were still too many instances where government...

Channel:
Security Strategy

Laptop security: What you need to know

Passwords have to be set in a way they cannot easily be guessed because once a hacker gets hold of a laptop, he has all the time in the world to crack the machine open," added Hofacker. IRM's Barrett said: "Encrypted disks make the stealing of...

Channel:
Comment & Analysis

The Linux Slapper worm: an update

Once infected, a computer drawn into the Slapper network can be ordered - by commands passed from machine to machine - to attack a target in one of four different ways: send out a deluge of data, force the target to execute a command, redirect...

Channel:
Security Strategy

It's another Microsoft security threat

Unix, Linux and the Mac OS X, however, add a 12-bit salt to the calculation, making any brute force attempt to break the encryption take 4,096 times longer or require 4,096 times more memory. That means a password cracker can create a large lookup...

Mac virus alert - users' details at risk

Ducklin said Opener disables Mac OS X's built in firewall, creates a back door so the malware author can control the computer remotely, locates any passwords stored on the hard drive and downloads a password cracker called JohnTheRipper.

Channel:
Malware
Tags:
virus,
renepo,
opener,
apple

Analysis: What's the next malware threat?

F-Secure's Hypponen also forecasts that phishers will find ways to crack one-time passwords which some banks have introduced as a security measure. The fake bank logs into the real bank with the one-time password and moves money around.

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

UNIX White Papers

Brute Force Attack on UNIX Passwords with SIMD Computer

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific