2015
DOI: 10.1007/978-3-319-15618-7_10
|View full text |Cite
|
Sign up to set email alerts
|

OMEN: Faster Password Guessing Using an Ordered Markov Enumerator

Abstract: Passwords are widely used for user authentication, and will likely remain in use in the foreseeable future, despite several weaknesses. One important weakness is that human-generated passwords are far from being random, which makes them susceptible to guessing attacks. Understanding the adversaries capabilities for guessing attacks is a fundamental necessity for estimating their impact and advising countermeasures. This paper presents OMEN, a new Markov model-based password cracker that extends ideas proposed … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
63
0

Year Published

2016
2016
2020
2020

Publication Types

Select...
5
3

Relationship

0
8

Authors

Journals

citations
Cited by 75 publications
(63 citation statements)
references
References 14 publications
0
63
0
Order By: Relevance
“…Modern password crackers have been proven to be effective in efficiently guessing a large number of passwords. Notable example of password crackers use various artificial intelligence techniques such as Probabilistic Context-Free Grammar (PCFG) [18,19], Ordered Markov Enumerators (OME) [20], and Artificial Neural Networks (ANNs) [21]. These recent development in password cracking has motivated the investigation of alternative primary authentication systems.…”
Section: Related Workmentioning
confidence: 99%
“…Modern password crackers have been proven to be effective in efficiently guessing a large number of passwords. Notable example of password crackers use various artificial intelligence techniques such as Probabilistic Context-Free Grammar (PCFG) [18,19], Ordered Markov Enumerators (OME) [20], and Artificial Neural Networks (ANNs) [21]. These recent development in password cracking has motivated the investigation of alternative primary authentication systems.…”
Section: Related Workmentioning
confidence: 99%
“…Weak passwords is also a widely known problem. The strength of user-chosen passwords against password guessing attacks has been studied since the early times of password-based authentication [8], [56], [40] Current techniques for password guessing are Markov models [44], [21], [37] and probabilistic context-free grammars [55]; stateof-the-art tools include John the Ripper [51] and HashCat [52]. Historically, the strength of passwords against guessing attacks has been assessed by using password crackers to find weak passwords [42].…”
Section: Related Workmentioning
confidence: 99%
“…With PCFGs, Weir et al [92] demonstrated how to "learn" these rules from password distributions. Ma et al [49] and Durmuth et al [20] have subsequently extended this early work.…”
Section: Password Guessingmentioning
confidence: 90%