DocumentCode :
3300524
Title :
Extracting Kerberos passwords through RC4-HMAC encryption type analysis
Author :
Alazzawe, A. ; Alazzawe, A. ; Nawaz, Ausama ; Wijesekera, Duminda
Author_Institution :
George Mason Univ., Fairfax
fYear :
2008
fDate :
March 31 2008-April 4 2008
Firstpage :
679
Lastpage :
685
Abstract :
In this paper, we propose a system and method for obtaining Kerberos passwords by capturing a single packet, encrypted using the RC4-HMAC encryption type. We present two methods that when combined together, can reduce the time needed to crack a password by 60.2% over brute force. The first method uses known text in the preauthentication phase to skip the verification section of the decryption process. The second method precomputes some of the steps of the RC4-HMAC decryption process. We also present a novel method of eliminating the amount of space needed to store passwords in memory by using a counter to map hashes to their password.
Keywords :
cryptography; message authentication; Kerberos passwords; RC4-HMAC encryption; decryption; Authentication; Costs; Counting circuits; Cryptographic protocols; Cryptography;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computer Systems and Applications, 2008. AICCSA 2008. IEEE/ACS International Conference on
Conference_Location :
Doha
Print_ISBN :
978-1-4244-1967-8
Electronic_ISBN :
978-1-4244-1968-5
Type :
conf
DOI :
10.1109/AICCSA.2008.4493602
Filename :
4493602
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3300524
بازگشت