ErsatzPasswords

Almeshekah, Mohammed H.; Gutierrez, Christopher; Atallah, Mikhail J.; Spafford, Eugene H.

doi:10.1145/2818000.2818015

Cited by 32 publications

(12 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In their proposal and works building on it (e.g., [14]), the target is augmented with a trusted honeychecker that stores which of the passwords listed with the account is the user-chosen one; login attempts with others alert the site to its breach. Almeshekah et al [2] use a machine-dependent function (e.g., hardware security module) in the password hash at the target site to prevent offline cracking of its credential database if breached. Of more relevance here, an attacker who is unaware of this defense and so attempts to crack its database offline will produce plausible decoy passwords (ersatzpasswords) that, when submitted, alert the target site to its breach.…”

Section: Related Workmentioning

confidence: 99%

“…Indeed, DeBlasio et al report that sites' unwillingness to trust the evidence they provided of the sites' breaches was an obstacle to getting them to act. 2 Moreover, the utility of artificial accounts hinges critically on their indistinguishability from real ones, and if methods using them became effective in hindering attacker activity, ensuring the indistinguishability of these accounts would presumably become its own arms race. Our design is agnostic to whether it is deployed on real or decoy accounts, sidestepping the need for convincing decoy accounts but also demanding attention to the risks to real accounts that it might introduce.…”

Section: Related Workmentioning

confidence: 99%

“…This assumption implies that any two invocations of HoneyGen(a, π a , k) produce sets a , a that intersect only in a with near certainty. Otherwise, an adversary B(a, a ) that invokes a ← HoneyGen(a, π a , k) and returns a random π ∈ π a \ {π a } would violate (2). In other words, (2) implies that the honeywords generated at two different sites for the same user's accounts are distinct, even if the user reuses the same password for both accounts.…”

Section: Honeywordsmentioning

confidence: 99%

See 2 more Smart Citations

Using Amnesia to Detect Credential Database Breaches

Wang

Reiter

2022

Advances in Information Security

View full text Add to dashboard Cite

Known approaches for using decoy passwords (honeywords) to detect credential database breaches suffer from the need for a trusted component to recognize decoys when entered in login attempts, and from an attacker’s ability to test stolen passwords at other sites to identify user-chosen passwords based on their reuse at those sites. Amnesia is a framework that resolves these difficulties. Amnesia requires no secret state to detect the entry of honeywords and additionally allows a site to monitor for the entry of its decoy passwords elsewhere. We quantify the benefits of Amnesia using probabilistic model checking and the practicality of this framework through measurements of a working implementation.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Honeywordsmentioning

confidence: 99%

See 1 more Smart Citation

Using Amnesia to Detect Credential Database Breaches

Wang

Reiter

2022

Advances in Information Security

View full text Add to dashboard Cite

show abstract

“…We define deceptive defense systems as software, personnel, data, or policies to deceive attackers and decrease their ability to succeed. Examples include honeypots [12], honeyfiles [15], honeywords [9], and ErsatzPasswords [1].…”

Section: Information Security and Stability Analysismentioning

confidence: 99%

“…The EPW scheme [1] uses deception to protect salted password hashes (SHP) from offline brute-force attacks by modifying password hash creation. The term "ersatz password" can be interpreted as "fake passwords", i.e., not passwords of legitimate users in the system.…”

Section: Background On Security Controlmentioning

confidence: 99%

A Hypergame Analysis for ErsatzPasswords

Gutierrez

Almeshekah

Bagchi

et al. 2018

ICT Systems Security and Privacy Protection

Self Cite

View full text Add to dashboard Cite

A hypergame is a game theoretic model capturing the decisions of rational players in a conflict where misperceptions, from deception or information asymmetry, are present. We demonstrate how hypergames can model an actual security mechanism: ErsatzPassword, a defense mechanism to protect password hashes from offline brute-force attacks. Two ErsatzPassword defensive strategies are considered: to block the attacker and trigger an alarm, or to redirect the attacker into a honeynet for attack analysis. We consider the scenario where there is information asymmetry in the system and one side under-estimates or over-estimates the risk tolerance of the other side. We analyze plausible strategies for both attacker and defender and then solve 57,600 hypergame configurations to determine the optimal 1st line defense strategies under various levels of risk tolerance and misperceptions.

show abstract

HoneyHash: Honeyword Generation Based on Transformed Hashes

Shi

Sun

2021

Secure IT Systems

View full text Add to dashboard Cite

ErsatzPasswords

Cited by 32 publications

References 16 publications

Using Amnesia to Detect Credential Database Breaches

Using Amnesia to Detect Credential Database Breaches

A Hypergame Analysis for ErsatzPasswords

HoneyHash: Honeyword Generation Based on Transformed Hashes

Contact Info

Product

Resources

About