Author Topic: Import Firefox Passwords  (Read 26714 times)

Offline thibros

  • Full Member
  • ***
  • Posts: 107
Import Firefox Passwords
« Reply #15 on: June 18, 2006, 06:39:34 PM »
Quote from: Eric H. Jung
OK, let's do it together.
OK.

As for your calculation, you'd have to multiply the master password combinations and character set combinations instead of adding them, giving you a total of 93^101 = 6,55...e+198 = about 2^457  combinations (as comparison, the universe consists of about 2^250 particles).

A number with 198 digits is quite difficult to comprehend, no wonder it's giving people headaches, so I'm looking at a few common scenarios, and give some examples too, so anyone interested in this can understand it.

Let's look at your example first, and make it specific. So there's Alice and Eve, and Eve doesn't like Alice (we don't know the reason, but I suspect it has to do with Bob  ). Eve knows that Alice is using PasswordMaker, knows that she isn't using leet or other modifications, only a personalized character set (Alice might have mentioned that in a forum), so Eve sets up a forum on her site and gets Alice to register. Now Eve has a generated password, let's say it is "Aa1!Bb2#", so we have something to work with. She now ponders on how to get the master password, so she gets herself a super computer, and someone to write her a program so it can check a billion passwords per second with the following settings:
No leet, Hash: SHA-256, URL: eve.com, length 8, all other fields empty.

The script permutes the full 93 characters in the master password and charset fields in all lengths.

Eve is prepared to wait a long time, but after only two months (statistically) the scripts ends with a solution, maybe:
Character Set:  zbA2Y17B#0!%a
Master Password: qwerty
(you can check this at http://passwordmaker.org/proto/passwordmaker.html, it does generate the password Aa1!Bb2#)

Another two months later, the script puts out another solution, maybe:
Character Set: bH(XaBK&2Aqaz#!xe&iI1v8G
Master Password: 12345

or:
Character Set: xxx#xB2axAxb!1xx
Master Password: password

What happened? Which one is Alice's master password, qwerty or 12345 or 'password'? This is something called "collision" in cryptography, different input values generating the same output value. And there is no way for Eve to find out which one is the right one, without further information.

The calculation Eric made is leaving out one important variable, or rather assume it to be pretty high while it's normally quite low: the length of the generated password. In this example it is 8.

This leaves only 93^8 (= 2^36) combinations for generated passwords, while the input is 2^457. So each generated password has 2^421 master password/charset combinations that generate it. Eve would either need a generated password of length 100 or more, or 13 different generated passwords of length 8, to narrow down the collisions to a reasonable amount, from which to choose the right one, maybe one where the charset is in sort of an order (ABCDE…). But in this case it really does take the ridiculous amount of time we calculated.

I obviously constructed these collisions, which is very easy. In the last example you can substitute every x in xxx#xB2axAxb!1xx with any other character, so that gives you a quadrillion collisions, and they all generate the password in question.

So I think we all agree that Eve needs a different approach. Let's assume Alice and Eve aren't stupid, have computer knowledge and some resources. Eve tries to send Alice a keylogger, a custom script not noticed by virus protection, if Alice installs it and doesn't have a good firewall, she's out of luck. But Alice doesn't install anything unknown.

Alice will be pretty secure as long as Eve doesn't get physical access to the machine Alice is working on. But once Eve does, maybe even by sneaking into her home, opening the PC and making a copy of the hard disc, she'll have much more to work with. And maybe Alice wouldn't even find out that she's been compromised.

Assuming the drive wasn't encrypted, Eve now has copies of about everything. She's only interested in PasswordMaker stuff, so now everything depends on how much information Alice has put into it. If Alice has stored her Master Password in the rdf file, or if she has used the same password for the remote server or stored in a field in any other account, then it's over. Eve has won, because she will try those first. So let's assume the master password is unique and never stored anywhere.

Now Eve has access to all the settings, including charset and all stored passwords. All she has to do now is a brute force attack over the master password, still assuming she has at least one generated password of at least the length of the master password.

Now it all depends on the complexity of the master password. Assuming it's not a dictionary word but doing a search over 96 characters, we'd get (at a billion passwords/sec, if it's a slower workstation, you just add a zero or two):

length: time
5: 8 seconds
6: 14 minutes
7: 21 hours
8: 84 days
9: 23 years
10: 2138 years

( time = 96^length / 1,000,000,000 )

So, to sum it up, a weak master password isn't a problem as long as settings aren't revealed. But once someone knows them PLUS a password generated by them AND has the knowledge and means to crack it, then a weak password increases your risk.

There would be an easy way to add much more security, by adding a new field "recursive encryption", a number that states how many times the generated hash (or password) is fed back into the hash algorithm to create a loop. If it's for example 1000, it would take 1000 times the amount of time to crack it, with everything else revealed. You could choose an even higher number for more security when you use a dictionary word, but it'll slow down the generation (which is desired, so the attacker will have trouble too).
« Last Edit: June 18, 2006, 06:43:44 PM by Thibros »

Offline Eric H. Jung

  • grimholtz
  • Administrator
  • *****
  • Posts: 3353
Import Firefox Passwords
« Reply #16 on: June 18, 2006, 08:17:11 PM »
Hi Thibros,

I'm not sure how to respond to your analysis. It makes a lot of assumptions, such as:
  • the user has a keylogger installed
  • the user's settings have been stolen by the attacker
  • the user uses has a weak master password (you yourself have advocated in the past for the use of a sentence-derived, lengthy master password)
  • the attacker knows one or more generated password
  • did I miss any assumptions?
In a similar vein, given the following assumptions, I can successfully rob the Fort Knox Gold Bullion Depository without ever getting caught:I guess what I'm trying to say is nothing in our world is ever completely and entirely secure, not even PasswordMaker. There are only degrees of security. As I've said numerous times over the years in these forums, security and convenience are at odds with eachother. The more convenience you demand, the less security you enjoy.
« Last Edit: June 18, 2006, 08:17:57 PM by Eric H. Jung »

Offline thibros

  • Full Member
  • ***
  • Posts: 107
Import Firefox Passwords
« Reply #17 on: June 18, 2006, 10:09:02 PM »
I wouldn't call those assumptions, I'd call them vulnerabilities.

Well, my analysis has two parts. The first part makes none of these 'assumptions', and shows that the user is perfectly safe because if the settings are not known, there are MANY possible settings that generate a specific password.

But if by any means the settings have become known, those vulnerabilities increase the risk to certain threats. In any case, the risk probably isn't high, it depends on the kind of threat. And the biggest threat is usually that of a personal attack by someone who knows you.

I'm really not trying to scare anyone, I just think there are some misconceptions about security in general, and a general lack of interest. We could have encrypted emails for maybe ten years now, but appearingly nobody wants to use it. Some kind of better security can also be convenient, and PasswordMaker can help.


Offline morguns

  • Full Member
  • ***
  • Posts: 145
Import Firefox Passwords
« Reply #18 on: June 27, 2006, 04:27:26 AM »
note to self: don't make eve mad

PasswordMaker Forums

Import Firefox Passwords
« Reply #18 on: June 27, 2006, 04:27:26 AM »