System Hacking

Password Cracking in the Field: Operating Systems and Database Management Systems

System Hacking Internet Security Whitepapers

Password cracking in the field is about the implementations of encryption algorithms. The information on these implementations on several platforms is fragmented. This document tries to provide some grip on the implementation and weaknesses in widely used software like operating systems and database management systems. Password cracking in the field is written for the Master of Science course System and Network Engineering in co-operation with Jeroen van Beek and Eric Nieuwland from KPMG. This document is written for Research Project 1 for the course System and Network Engineering at the University of Amsterdam.

Protecting Poorly Chosen Secrets from Guessing Attacks

System Hacking Internet Security Whitepapers

In a security system that allows people to choose their own passwords, those people tend to select passwords that can be easily guessed. These poorly chosen passwords are vulnerable to attacks based upon copying information (for example, the result of applying a one-way hash function to a password or of encrypting a message using password as the encryption key) and experimenting off-line.