Home
Search results “Password based key derivation function pbkdf2 cryptography”
PBKDF2 - Password Based Key Derivation Functions in .NET
 
10:54
In this video, I explain what a Password-Based Key Derivation function is in .NET and why they are important for password storage. http://www.stephenhaunts.com If you like this channel, you can support me by buying one of my books on Kindle or Paperback. A Gentle Introduction to Agile Software Development https://amzn.to/2qoWW4o A Gentle Introduction to Lean Software Development https://amzn.to/2JMosky A Gentle Introduction to Speaking in Public https://amzn.to/2JPwKZ8 A Gentle Introduction to Beating Procrastination and Getting Focused https://amzn.to/2vk63s3 A Gentle Introduction to Agile and Lean Software Development https://amzn.to/2qB0XC8
Views: 4574 Stephen Haunts
Scrypt Password Based Key Derivation Function - Cryptography
 
20:37
A more advanced topic, we go over the Scrypt password based key derivation function which is used in popular cryptocurrencies like Litecoin!
Views: 4674 CSBreakdown
Password Hashing, Salts, Peppers | Explained!
 
04:30
---------------------------------------------------------------------------------------------- Check out my site: http://www.seytonic.com Follow me on twitter: https://twitter.com/seytonic
Views: 63439 Seytonic
PBKDF2
 
05:38
Web page: http://asecuritysite.com/encryption/PBKDF2
Views: 4153 Bill Buchanan OBE
Hashing Algorithms and Security - Computerphile
 
08:12
Audible free book: http://www.audible.com/computerphile Hashing Algorithms are used to ensure file authenticity, but how secure are they and why do they keep changing? Tom Scott hashes it out. More from Tom Scott: http://www.youtube.com/user/enyay and https://twitter.com/tomscott http://www.facebook.com/computerphile https://twitter.com/computer_phile This video was filmed and edited by Sean Riley. Pigeon Sound Effects courtesy of http://www.freesfx.co.uk/ Computerphile is a sister project to Brady Haran's Numberphile. See the full list of Brady's video projects at: http://bit.ly/bradychannels
Views: 766102 Computerphile
PBKDF2
 
09:11
PBKDF2 (Password-Based Key Derivation Function 2) is a key derivation function that is part of RSA Laboratories' Public-Key Cryptography Standards (PKCS) series, specifically PKCS #5 v2.0, also published as Internet Engineering Task Force's RFC 2898. It replaces an earlier standard, PBKDF1, which could only produce derived keys up to 160 bits long. PBKDF2 applies a pseudorandom function, such as a cryptographic hash, cipher, or HMAC to the input password or passphrase along with a salt value and repeats the process many times to produce a derived key, which can then be used as a cryptographic key in subsequent operations. The added computational work makes password cracking much more difficult, and is known as key stretching. When the standard was written in 2000, the recommended minimum number of iterations was 1000, but the parameter is intended to be increased over time as CPU speeds increase. Having a salt added to the password reduces the ability to use precomputed hashes (rainbow tables) for attacks, and means that multiple passwords have to be tested individually, not all at once. The standard recommends a salt length of at least 64 bits. This video is targeted to blind users. Attribution: Article text available under CC-BY-SA Creative Commons image source in video
Views: 1793 Audiopedia
Cryptography  Key Derivation (odds and ends)
 
13:36
Key Derivation To get certificate subscribe: https://www.coursera.org/learn/crypto ======================== Playlist URL: https://www.youtube.com/playlist?list=PL2jykFOD1AWYosqucluZghEVjUkopdD1e ======================== About this course: Cryptography is an indispensable tool for protecting information in computer systems. In this course you will learn the inner workings of cryptographic systems and how to correctly use them in real-world applications. The course begins with a detailed discussion of how two parties who have a shared secret key can communicate securely when a powerful adversary eavesdrops and tampers with traffic. We will examine many deployed protocols and analyze mistakes in existing systems. The second half of the course discusses public-key techniques that let two parties generate a shared secret key.
Views: 335 intrigano
enhancing password based key derivation techniques stephen lombardo nick parker
 
37:42
These are the videos from Passwordscon 2014: http://www.irongeek.com/i.php?page=videos/passwordscon2014/mainlist
Views: 226 Adrian Crenshaw
Intro to Cryptography
 
07:41
A brief overview of cryptography, and an introduction to a few beginner cryptographic systems, as well as how vulnerable they can be to unwanted listeners.
Views: 1944 CSBreakdown
Secure Password Hashing (PBKDF2) with CrococryptLib
 
02:52
In this tutorial, we demonstrate how CrococryptLib can be easily used to implement secure password hashing into Java applications. This applies to Web applications and Java-based Desktop applications (e.g., Swing, AWT, SWT/RCP, JavaFX), but also database and backend applications as well as Android apps. You just need to have a little bit of Java knowledge to apply this solution, no cryptography know-how is necessary to securely integrate secure password hashing into your own application. CrococryptLib is following PBKDF2 from the security standard PKCS#5. http://www.frankhissen.de/clib
Views: 1660 Hißen IT
PW20 Password Based Encryption Using IO Hardness Greg Zaverucha
 
25:11
These are the videos from BSidesLV 2015: http://www.irongeek.com/i.php?page=videos/bsideslasvegas2015/mainlist/mainlist
Views: 184 Adrian Crenshaw
Advanced Settings - How to Use Password Based Encryption in BestCrypt Container Encryption
 
05:33
In this video you will find detailed instructions on how to gain added security by using the Password Based Encryption method with Keyfiles and Key Stretching techniques in BestCrypt Container Encryption. To use default settings, visit https://youtu.be/I37YK9IQFa8 To learn more about Jetico's long-trusted file encryption solution for laptops, desktops and servers, visit https://www.jetico.com/products/personal-privacy/bestcrypt-container-encryption
Views: 267 Jetico Inc. Oy
Key Wrapping for Cryptographic APIs
 
25:54
Thomas Shrimpton and Martijn Stam and Bogdan Warinschi, Crypto 2016. Original title: A Modular Treatment of Cryptographic APIs: The Symmetric-Key Case. See http://www.iacr.org/cryptodb/data/paper.php?pubkey=27679
Views: 792 TheIACR
AskDeveloper Podcast - 46 - Cryptography - Part 1 - Introduction and Hashing - التشفير الجزء الأول
 
01:40:46
http://www.askdeveloper.com/2017/01/cryptography.html Information Security 1. Introduction ○ Security by obscurity § Steganography □ Hiding data inside another form of data, like using non-used bits in image to hide a message § Cool, but not practical. § Disadvantages ◊ Algorithm secrecy vs. key secrecy ○ Cryptography is everywhere and yet if done right, you can barely see it. ○ Goals: § Confidentiality □ Secrets stay secret. § Integrity □ Data is not tampered with. § Non-Repudiation □ No party can deny sending messages. § Authentication □ Each party can ensure that the sender is what they expect. ○ Cryptography § Hashing § Encryption § Signing § Protocols ○ Random Number Generators § Extremely important, almost all encryption/hashing strength is affected by how random the random number generator is. § Don't use simple random number, use a cryptographic random number generator with a sophisticated source of entropy. § Pseudorandom number generator § Dual_EC_DRBG random generator backdoor 2. Body ○ Hashing (one Way) § Properties □ Fixed length output no matter what size the input was □ Very easy to compute the hash of a given message, however very hard to compute from a hash the corresponding input. □ Mathematically infeasible to generate a message that has a given hash □ Any modification to a message produces a completely different hash that has no relationship to the original message's hash. □ It is mathematically infeasible to find two messages with the same hash. Hash Collision § Hashing Functions □ Provides data integrity, however lacks authentication □ Examples ® MD5 ◊ Considered Insecure ® Secure Hash Family SHA-X, Sha-1, Sha-2 [Sha256, Sha512], Sha-3 ◊ Sha-1 is considered insecure. ◊ Sha-1, Sha-2 designed by NSA ◊ Sha-3 is not designed by NSA, Competition winner. □ Attacks ® Brute force ◊ CPU's are getting faster and cheaper every day. ◊ GPU's are getting faster and cheaper every day. ◊ Special Hash calculating hardware is becoming more available especially with the BitCoin push. ® Rainbow table attacks ◊ Pre-Calculated tables where you can reverse lookup a hash to a value ◊ Try www.crackstation.net § Hash Message Authentication Codes (HMAC) □ Adds authentication to integrity □ Can be used with all previous algorithms, HMACMD5, HMACShA1, HMAC256 … etc. § Salted Hash □ Adds random salt to mitigate rainbow table □ Salts are unique per record, and not a secret. § Password Based Key Derivation Function (PBKDF2) □ RSA Public Key Cryptographic Standard PKCS #5 Version 2.0 □ Internet Engineering Task Force RFC 2898 Specification ® Adds a lot of iterations to slow it just enough to mitigate brute force (default 50,000 iterations) ® Adds random salt to mitigate rainbow table □ Disadvantage: It can be easily implemented with hardware which makes it vulnerable to bruteforce even with high number of iterations § Bcrypt □ Password Hashing function □ State of the art password hashing § Usages □ Integrity Check Password Storage Our facebook Page http://facebook.com/askdeveloper On Sound Cloud http://soundcloud.com/askdeveloper Please Like & Subscribe
Views: 2379 Mohamed Elsherif
Intro to Key Stretching (demonstrates key stretching and salting using PBKDF2)
 
14:28
Get my Security+ Cert Guide! https://click.linksynergy.com/link?id=g//2PZbywdw&offerid=163217.2769094&type=2&murl=http%3A%2F%2Fwww.pearsonitcertification.com%2Ftitle%2F9780789758996&u1=secplusCGyoutube Security+ Study Page: https://www.sy0-501.com
Views: 6590 D Pro Computer
Honey encryption!! sample implementation of code
 
05:33
explained honey encryption algorithm. git code-https://github.com/victornguyen75/honey-encryption IDE used - Anaconda Edit the git code :P
Views: 739 combine cope
web crypto api digital signature using pbkdf2 and hmac
 
00:30
Reference: https://8gwifi.org/docs/window-crypto-ds.jsp In this example we are going to produce the digital signature of the message by using pbkdf2 key derivation function, and then sign the message from the derived key using HMAC, then we are going to verify the message web crypto api example web cryptography api browser support javascript web crypto api example web crypto api chrome web crypto sample web crypto api github web crypto sign example web crypto polyfill
Views: 178 Zariga Tongy
Bcrypt & Password Security - An Introduction
 
06:52
A conceptual introduction to bcrypt and why it's useful in the context of user password security. MakerSquare | http://mks.io/learntocode MakerSquare is a three-month full-time career accelerator for software engineering. By teaching computer science fundamentals and modern web languages like JavaScript, we prepare students to join top flight engineering teams.
Views: 26679 Hack Reactor
Akshayaram Srinivasan - Single-Key to Multi-Key Functional Encryption With Polynomial Loss
 
33:21
Akshayaram Srinivasan of UC Berkeley presents a talk "Single-Key to Multi-key Functional Encryption With Polynomial Loss" at the DIMACS/CEF Workshop on Cryptography and Software Obfuscation event. http://dimacs.rutgers.edu/Workshops/Obfuscation/ The workshop was held from Tuesday, November 8, 2016 to Wednesday November 9, 2016 at the Bechtel Conference Center at Stanford University.
Views: 141 Rutgers University
WIFI WPA2 cracked in 6 seconds100℅ Working
 
01:14
wifi wps cracked in few seconds. In this video I will explain the easiest and fastest way to find the key of a wpa2 wifi router with wps pin Comment cracker un wifi wpa/wpa2 avec Wifislax 2017 WIFI HACKING CRACK ANY WIFI PASSWORD|| 2017 En este video voy a explicar la forma más fácil y rápida de encontrar la clave de un wpa2 wifi router con wps pin Last week's feature explaining why passwords are under assault like never before touched a nerve with many Ars readers, and with good reason. After all, passwords are the keys that secure Web-based bank accounts, sensitive e-mail services, and virtually every other facet of our online life. Lose control of the wrong password and it may only be a matter of time until the rest of our digital assets fall, too. Take, for example, the hundreds of millions of WiFi networks in use all over the world. If they're like the ones within range of my office, most of them are protected by the WiFi Protected Access or WiFi Protected Access 2 security protocols. In theory, these protections prevent hackers and other unauthorized people from accessing wireless networks or even viewing traffic sent over them, but only when end users choose strong passwords. I was curious how easy it would be to crack these passcodes using the advanced hardware menus and techniques that have become readily available over the past five years. What I found wasn't encouraging. First, the good news. WPA and WPA2 use an extremely robust password-storage regimen that significantly slows the speed of automated cracking programs. By using the PBKDF2 key derivation function along with 4,096 iterations of SHA1 cryptographic hashing algorithm, attacks that took minutes to run against the recent LinkedIn and eHarmony password dumps of June would require days or even weeks or months to complete against the WiFi encryption scheme. What's more, WPA and WPA2 passwords require a minimum of eight characters, eliminating the possibility that users will pick shorter passphrases that could be brute forced in more manageable timeframes. WPA and WPA2 also use a network's SSID as salt, ensuring that hackers can't effectively use precomputed tables to crack the code. That's not to say wireless password cracks can't be accomplished with ease, as I learned firsthand. I started this project by setting up two networks with hopelessly insecure passphrases. The first step was capturing what is known as the four-way handshake, which is the cryptographic process a computer uses to validate itself to a wireless access point and vice versa. This handshake takes place behind a cryptographic veil that can't be pierced. But there's nothing stopping a hacker from capturing the packets that are transmitted during the process and then seeing if a given password will complete the transaction. With less than two hours practice, I was able to do just that and crack the dummy passwords "secretpassword" and "tobeornottobe" I had chosen to protect my test networks. Brother, can you spare a deauth frame? To capture a valid handshake, a targeted network must be monitored while an authorized device is validating itself to the access point. This requirement may sound like a steep hurdle, since people often stay connected to some wireless networks around the clock. It's easy to get around, however, by transmitting what's known as a deauth frame, which is a series of deauthorization packets an AP sends to client devices prior to it rebooting or shutting down. Devices that encounter a deauth frame will promptly rejoin an affected network. Fonction de la semaine dernière expliquant pourquoi les mots de passe sont sous l'assaut comme jamais touché un nerf avec beaucoup de lecteurs Ars, et avec raison. Après tout, les mots de passe sont les clés qui sécurisent les comptes bancaires basés sur le Web, les services de courrier électronique sensibles et pratiquement tous les autres aspects de notre vie en ligne. Perdre le contrôle du mot de passe erroné et il peut seulement être une question de temps jusqu'à ce que le reste de nos actifs numériques tombent, aussi. Prenez, par exemple, les centaines de millions de réseaux WiFi utilisés dans le monde entier. S'ils sont comme ceux à portée de mon bureau, la plupart d'entre eux sont protégés par les protocoles de sécurité WiFi Protected Access ou WiFi Protected Access 2. En théorie, ces protections empêchent les pirates informatiques et autres personnes non autorisées d'accéder aux réseaux sans fil ou même de visualiser le trafic qui leur est envoyé, mais seulement lorsque les utilisateurs finaux choisissent des mots de passe forts. J'étais curieux de savoir combien il serait facile de casser ces codes d'accès à l'aide des menus matériels avancés et des techniques qui sont devenus facilement disponibles au cours des cinq dernières années. الحصول على كلمة المرور لشبكات الواي فاي في هذا الفيديو سوف أشرح أسهل وأسرع طريقة للعثور على مفتاح جهاز التوجيه واي فاي WPA2 مع دبوس WPS
Views: 799 RIYAD-DIGITAL RIYAD
PW23 PBKDF2 Performance Matters
 
24:30
These are the videos from BSidesLV 2015: http://www.irongeek.com/i.php?page=videos/bsideslasvegas2015/mainlist/mainlist
Views: 632 Adrian Crenshaw
Cryptography for JavaScript Developers - Nakov @ JS.Talks() 2018
 
01:12:44
Title: Cryptography for JavaScript Developers Speaker: Svetlin Nakov, PhD Conference: js.talks() 2018 Most developers believe they know cryptography, just because they store their passwords hashed instead of in plaintext and because have once configured SSL. In this talk the speaker fills the gaps by explaining some cryptographic concepts with examples in JavaScript. The talk covers: - Hashes, HMAC and key derivation functions (Scrypt, Argon2) with examples in JavaScript - Encrypting passwords: from plain text to Argon2 - Symmetric encryption at the client-side: AES, block modes, CTR mode, KDF, HMAC, examples in JavaScript - Digital signatures, ECC, ECDSA, EdDSA, signing messages, verifying signatures, examples in JavaScript - Why client-side JavaScript cryptography might not be safe? Man-in-the-browser attacks, Cross-Site Scripting (XSS) / JavaScript injection, etc. More info, slides and video: http://www.nakov.com/blog/2018/11/18/cryptography-for-javascript-developers-nakov-js-talks-2018/
Views: 412 Svetlin Nakov
Cryptography for Java Developers: Nakov jProfessionals (Jan 2019)
 
01:05:06
Cryptography for Java Developers Hashes, MAC, Key Derivation, Encrypting Passwords, Symmetric Ciphers & AES, Digital Signatures & ECDSA About the Speaker What is Cryptography? Cryptography in Java – APIs and Libraries Hashes, MAC Codes and Key Derivation (KDF) Encrypting Passwords: from Plaintext to Argon2 Symmetric Encryption: AES (KDF + Block Modes + IV + MAC) Digital Signatures, Elliptic Curves, ECDSA, EdDSA Live demos and code examples: https://github.com/nakov/Java-Cryptography-Examples Slides: https://www.slideshare.net/nakov/cryptography-for-java-developers-nakov-jprofessionals-jan-2019 Blog: https://nakov.com/blog/2019/01/26/cryptography-for-java-developers-nakov-at-jprofessionals-jan-2019/
Views: 261 Svetlin Nakov
CRYPTOGRAPHY
 
01:25
Master keys for group sharing using keyless cryptography
What is KEY STRETCHING? What does KEY STRETCHING mean? KEY STRETCHING meaning & explanation
 
03:00
What is KEY STRETCHING? What does KEY STRETCHING mean? KEY STRETCHING meaning - KEY STRETCHING definition - KEY STRETCHING explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ In cryptography, key stretching techniques are used to make a possibly weak key, typically a password or passphrase, more secure against a brute force attack by increasing the time it takes to test each possible key. Passwords or passphrases created by humans are often short or predictable enough to allow password cracking. Key stretching makes such attacks more difficult. Key stretching techniques generally work as follows. The initial key is fed into an algorithm that outputs an enhanced key. The enhanced key should be of sufficient size to make it infeasible to break by brute force (e.g. at least 128 bits). The overall algorithm used should be secure in the sense that there should be no known way of taking a shortcut that would make it possible to calculate the enhanced key with less processor work than by using the key stretching algorithm itself. The key stretching process leaves the attacker with two options: either try every possible combination of the enhanced key (infeasible if the enhanced key is long enough), or else try likely combinations of the initial key. In the latter approach, if the initial key is a password or a passphrase, then the attacker would first try every word in a dictionary or common password list and then try all character combinations for longer passwords. Key stretching does not prevent this approach, but the attacker has to spend much more time on each attempt. If the attacker uses the same class of hardware as the user, each guess will take the same amount of time to process as it took the user (for example, one second). Even if the attacker has much greater computing resources than the user, the key stretching will still slow the attacker down, since the user's computer only has to compute the stretching function once upon the user entering their password, whereas the attacker must compute it for every guess in the attack. There are several ways to perform key stretching. A cryptographic hash function or a block cipher may be repeatedly applied in a loop. In applications where the key is used for a cipher, the key schedule in the cipher may be modified so that it takes a specific length of time to perform. A related technique, salting, protects against time-memory tradeoff attacks and is often used in conjunction with key stretching.
Views: 217 The Audiopedia
Emil Bay:  Keeping passwords safe in 2017 | JSConf EU 2017
 
26:42
http://2017.jsconf.eu/speakers/emil-bay-keeping-passwords-safe-in-2017.html Every other week there seems to be a new dump of cracked passwords, hurting innocent and unbeknownst users. It seems as if keeping users passwords safe is an herculean task, even beyond the most resourceful organisations. However it doesn’t have to be. Password hashing is a important discipline in cryptography. Securing passwords has become so integral to our society that in 2013 a Password Hashing Competition was announced, for the academic community to band together and develop a common recommendation for future use. In this talk I’ll showcase how to handle passwords correctly and safely and clear out misinformation that is still abound in tutorials and blog posts. All with heaps of demos to motivate, make the material concrete and so everyone can follow along!
Views: 7872 JSConf
On the Economics of Offline Password Cracking
 
21:55
On the Economics of Offline Password Cracking Jeremiah Blocki (Purdue University) Presented at the 2018 IEEE Symposium on Security & Privacy May 21–23, 2018 San Francisco, CA http://www.ieee-security.org/TC/SP2018/ ABSTRACT We develop an economic model of an offline password cracker which allows us to make quantitative predictions about the fraction of accounts that a rational password attacker would crack in the event of an authentication server breach. We apply our economic model to analyze recent massive password breaches at Yahoo!, Dropbox, LastPass and AshleyMadison. All four organizations were using key-stretching to protect user passwords. In fact, LastPass' use of PBKDF2-SHA256 with $10^5$ hash iterations exceeds 2017 NIST minimum recommendation by an order of magnitude. Nevertheless, our analysis paints a bleak picture: the adopted key-stretching levels provide insufficient protection for user passwords. In particular, we present strong evidence that most user passwords follow a Zipf's law distribution, and characterize the behavior of a rational attacker when user passwords are selected from a Zipf's law distribution. We show that there is a finite threshold which depends on the Zipf's law parameters that characterizes the behavior of a rational attacker --- if the value of a cracked password (normalized by the cost of computing the password hash function) exceeds this threshold then the adversary's optimal strategy is always to continue attacking until each user password has been cracked. In all cases (Yahoo!, Dropbox, LastPass and AshleyMadison) we find that the value of a cracked password almost certainly exceeds this threshold meaning that a rational attacker would crack all passwords that are selected from the Zipf's law distribution (i.e., most user passwords). This prediction holds even if we incorporate an aggressive model of diminishing returns for the attacker (e.g., the total value of $500$ million cracked passwords is less than $100$ times the total value of $5$ million passwords). On a positive note our analysis demonstrates that memory hard functions (MHFs) such as SCRYPT or Argon2i can significantly reduce the damage of an offline attack. In particular, we find that because MHFs substantially increase guessing costs a rational attacker will give up well before he cracks most user passwords and this prediction holds even if the attacker does not encounter diminishing returns for additional cracked passwords. Based on our analysis we advocate that password hashing standards should be updated to require the use of memory hard functions for password hashing and disallow the use of non-memory hard functions such as BCRYPT or PBKDF2.
Storing keys and passwords with Gazzang zTrustee
 
01:38
In this video, Gazzang CTO, Dustin KIrkland explains how companies can use Gazzang zTrustee to securely store encryption keys, tokens, passwords and other authentication strings.
Views: 746 GazzangInc
Cryptographic operations in the browser
 
53:43
Many operations you like to perform on the web like authentication, sending secure messages and the signing of documents require cryptographic operations. W3C started an effort to standardise a secure API for performing these operations on the web. This work resulted in a Javascript Web Cryptography API which will be implemented by all major browsers soon, but is also applicable in other environments. This talk will start by quickly explaining why a native Cryptography API is required, followed by an introduction to the Web Cryptography API by exploring some of its use cases using live code demos in various browsers. Author: Nick Van Den Bleeken R&D Manager at Inventive Designers. Passionate about XML related technologies, mobile, cloud, web and document technology in general. Editor of the XForms specification.
Views: 82 Parleys
DPAPI and DPAPI-NG: Decrypting All Users’ Secrets and PFX Passwords - Paula Januszkewicz
 
01:02:22
Insomni'hack 2018 Title: DPAPI and DPAPI-NG: Decrypting All Users’ Secrets and PFX Passwords Speaker: Paula Januszkewicz CQURE Team takes DPAPI (Data Protection API) and DPAPI-NG research to the completely next level! During this session you will hear about 2 great discoveries we made, first is about how to decrypt DPAPI protected data by leveraging usage of the private key stored as a LSA Secret on a domain controller (we have called it a ‘backup key’ and it is a key corresponding to the backup public key stored in the domain user’s profile). The backup key allows decrypting literally all of the domain user’s secrets (passwords / private keys / information stored by the browser). In other words, someone having the backup key is able to take over all of the identities and their secrets in the whole enterprise. It is crucial to know how this is happening! Another variant of DPAPI is DPAPI-NG used in the SID-protected PFX files and when in the previous discovery CQURE Team is able to get access to user’s secrets, here it is a bit different! Come to the session and see our second discovery about how to decrypt SID-protected PFX files even without access to user’s password but just by generating the SID and user’s token! Paula Januszkiewicz, CEO and security researcher, will present the unique team’s findings of how to get access to users’ secrets by possessing the backup key from the domain and how to decrypt the PFX files passwords. Both demonstrations are key DPAPI breakthrough that can also cause serious implications if not managed well. Tools included. Our research affects Windows 8, Windows 8.1, Windows 10 and related Windows Server.
Views: 969 Scrtinsomnihack
Playing Defence with PBKDF2
 
28:25
Jeff Goldberg (@jpgoldberg) from AgileBits, speaking at Passwordscon in Las Vegas, July 30-31, 2013. Hashcat sped up cracking the 1Password Agile Keychain due, in part, to a design flaw in PBKDF2. I tell the story of the flaw, how it bit us, and our response from the defender's point of view.
Views: 1555 Per Thorsheim
How To Protect Passwords
 
02:48
This is a little informational series about how to properly hash and store your user's passwords. The series is not finished yet since I should focus on my university courses rather than my hobby side-projects ;) In short: a recommendation is per user salting: generate a long hash with a CSPRNG, prepend to password, hash the resulting String with PBKDF2 and store both the salt and the hash in the user database.
Views: 36 Philip Hofmann
How Passwords Get Hacked, And How Hashes Protect Your Login
 
05:02
Did you know WordPress doesn't even know your password? It stores it as a hash. If you salt your hash, that makes the password very, very difficult to recover.
Views: 4709 Biz of Tech
Optimizing the Computation of Hash Algorithms as an Attacker
 
30:20
Jens Steube (atom, author of @hashcat), speaking at Passwordscon in Las Vegas, July 30-31, 2013. -- Details are presented that explain how Hashcat optimizes the computation of MD5, NTLM, SHA1, PBKDF2 etc. Most hash algorithms are designed to generate digests of large data inputs, but many developers use them to store passwords. By doing this, all hash algorithms can be optimized in some way to compute the hashes for password cracking; some more, some less. I'll show some general optimization techniques and how they are used in Hashcat, which is what makes Hashcat fast.
Views: 1087 Per Thorsheim
What's Up Argon2? The Password Hashing Winner A Year Later - JP Aumasson
 
24:59
What's Up Argon2? The Password Hashing Winner A Year Later - JP Aumasson Passwords BSidesLV 2016 - Tuscany Hotel - Aug 03, 2016
Views: 1662 BSidesLV
Hashing Salts Solution - Web Development
 
00:59
This video is part of an online course, Web Development. Check out the course here: https://www.udacity.com/course/cs253.
Views: 320 Udacity
Aaron Toponce (eightyeight) -  Correctly Hashing Passwords
 
51:03
We'll discuss what it takes to correctly hash user-supplied passwords. Despite common belief, this does not include MD5, SHA-1, SHA-2, or even the newly baked SHA-3. This talk will be highly targeted at developers- specifically those designing web application login pages, and those designing userspace applications such as encrypted databases or password managers. We'll go at depth into the following algorithms: * sha256crypt * sha512crypt * PBKDF2 * bcrypt * scrypt * Argon2
Views: 73 SaintCon 2016
On the Economics of Offline Password Cracking
 
21:55
On the Economics of Offline Password Cracking Jeremiah Blocki (Purdue University) Presented at the 2018 IEEE Symposium on Security & Privacy May 21–23, 2018 San Francisco, CA http://www.ieee-security.org/TC/SP2018/ ABSTRACT We develop an economic model of an offline password cracker which allows us to make quantitative predictions about the fraction of accounts that a rational password attacker would crack in the event of an authentication server breach. We apply our economic model to analyze recent massive password breaches at Yahoo!, Dropbox, LastPass and AshleyMadison. All four organizations were using key-stretching to protect user passwords. In fact, LastPass' use of PBKDF2-SHA256 with $10^5$ hash iterations exceeds 2017 NIST minimum recommendation by an order of magnitude. Nevertheless, our analysis paints a bleak picture: the adopted key-stretching levels provide insufficient protection for user passwords. In particular, we present strong evidence that most user passwords follow a Zipf's law distribution, and characterize the behavior of a rational attacker when user passwords are selected from a Zipf's law distribution. We show that there is a finite threshold which depends on the Zipf's law parameters that characterizes the behavior of a rational attacker --- if the value of a cracked password (normalized by the cost of computing the password hash function) exceeds this threshold then the adversary's optimal strategy is always to continue attacking until each user password has been cracked. In all cases (Yahoo!, Dropbox, LastPass and AshleyMadison) we find that the value of a cracked password almost certainly exceeds this threshold meaning that a rational attacker would crack all passwords that are selected from the Zipf's law distribution (i.e., most user passwords). This prediction holds even if we incorporate an aggressive model of diminishing returns for the attacker (e.g., the total value of $500$ million cracked passwords is less than $100$ times the total value of $5$ million passwords). On a positive note our analysis demonstrates that memory hard functions (MHFs) such as SCRYPT or Argon2i can significantly reduce the damage of an offline attack. In particular, we find that because MHFs substantially increase guessing costs a rational attacker will give up well before he cracks most user passwords and this prediction holds even if the attacker does not encounter diminishing returns for additional cracked passwords. Based on our analysis we advocate that password hashing standards should be updated to require the use of memory hard functions for password hashing and disallow the use of non-memory hard functions such as BCRYPT or PBKDF2.
i-DENTITY Mobile Productivity Suite....
 
01:51
The United States Department of Defense (US DoD) has mandated the use of Public Key Infrastructure (PKI) certificates for employees to "sign" documents digitally, encrypt and decrypt email messages, and establish secure online network connections. In compliance with DoD regulations, the i-DENTITY Mobile Productivity Suite allows the PKI certificates to be stored securely on the mobile device (soft-token) or be retrieved from a Smart Card (CAC -- PIV -- but also government issued eID - ...). The i-DENTITY i-Crypt mobile app provides applications access to the hardware certificates on the CAC via standards based Public Key Cryptography Standards (PKCS) APIs. In addition, the i-Crypt mobile app allows 3rd party apps to be secured by the CAC card, providing an additional level of mobile security. Issued by the National Institute of Standards and Technology (NIST), the Federal Information Processing Standard (FIPS) is a US security standard that helps ensure companies that collect, store, transfer, share and disseminate sensitive but unclassified (SBU) information and controlled unclassified information (CUI) can make informed purchasing decisions when choosing devices to use in their workplace. The i-DENTITY Mobile Productivity Suite meets the requirements for FIPS 140-2 Level 1 certification for both data-at-rest (DAR) and data-in-transit (DIT). The Mobile Productivity Suite support for DIT covers the following: - Web browser (HTTPS) - Email (S/MIME)* - IPSec VPN* *only on Android, not yet available for iOS The i-Store On-device Data Encryption (ODE) feature allows users and enterprise IT administrators to encrypt data on the entire device. The ODE feature uses a FIPS 140-2 certified Advanced Encryption Standard (AES) cipher algorithm with a 256-bit key (AES-256) and offers the levels of security required by government and regulated industries such as healthcare and finance. The key utilized for this encryption is developed from a user-created passphrase using well-known key-derivation algorithms such as Password-Based Key Derivation Function 2 (PBKDF2).
Views: 66 Marc Vanryckeghem
Server Side JavaScript - Security Password 4 : pbkdf2
 
12:49
생활코딩은 일반인에게 프로그래밍을 알려주는 활동입니다. 더 많은 정보를 원하시면 http://opentutorials.org/course/1를 방문해주세요.
Views: 3985 생활코딩
Login Form with Bcrypt Password in ASP.NET MVC and SQL Server
 
25:52
In this video, I will demo how to make Login Form with Bcrypt Password in ASP.NET MVC and SQL Server To download all sources code for this demo. Please pay for me $10 to my PayPal Account: [email protected] ====================================================== You can see and download source code demo from my Apps at https://play.google.com/store/apps/developer?id=PMK+Lab ====================================================== You also can buy my apps in http://codecanyon.net/user/octopuscodes/portfolio ====================================================== You also can read my blog in http://learningprogramming.net/ ====================================================== You also can learn Microsoft Office in https://www.youtube.com/channel/UCFrMOR6KF4cpa92OOPRyOng ====================================================== TODAY IS A GREAT DAY TO LEARN SOMETHING NEW! ====================================================== Learning Programming videos help teach you about programming languages:Joomla, wordpress, drupal, magento, html template, free admin template, free bootstrap admin templates, SilverStripe, Cake PHP, CodeIgniter, Concrete5, Modx, ExpressionEngine, Alfresco,TYPOlight, laravel, magento, angularjs, node.js, html, css, javascript, jquery, java, .net, wamp server, xampp, php, mysql, sql server, oracle, open sources, android, hibernate, jpa, html5, jquery
Views: 2276 Learning Programming
Password Technologies to Protect from Data Breaches
 
12:56
This video will discuss best practices for securing your users in the event that a hacker is able to hack your application. While it may not be possible to prevent all data breaches, it is possible to make it very difficult for attackers to steal your users passwords by following these tips. We will look at how password technology works and how we can better secure passwords by using technologies such as PBKDF2 and Bcrypt. Python code located here: https://drive.google.com/folderview?id=0BzI5uozK68o_UnZsRnVWb1U5dnM&usp=sharing Check out my blog at securearchitectures.com
Views: 174 Daniel Lohin
Blockchain tutorial 28: Bitcoin Improvement Proposal 39 (BIP-39) mnemonic words
 
17:45
This is part 28 of the Blockchain tutorial. In this video series different topics will be explained which will help you to understand blockchain. It is recommended to watch each video sequentially as I may refer to certain Blockchain topics explained earlier. WHAT IS A WALLET -------------------------------- A wallet stores private keys. The word wallet is misleading, it just stores private keys and not the coins. The public addresses are automatically derived from the private keys. If you open your Bitcoin wallet and one of your Bitcoin addresses shows that is has a balance of 5 BTC, than these bitcoins are not actually stored in your wallet. It means that these 5 bitcoins were transferred to your Bitcoin address during a transaction. This transaction (TX) information is stored on the blockchain. Your wallet queries the blockchain and searches for Unspent TX Outputs (UTXO) for all your Bitcoin addresses to display their balances. The bitcoins on these UTXO can be unlocked and transferred to another Bitcoin address using the private keys stored in the wallet. NON-DETERMINISTIC WALLET ------------------------------------------------- Wallets stores private keys but they also create these private keys. The private keys are randomly generated numbers which are not related to each other. You can not derive these private keys with an algorithm. Hence the words "non-deterministic". If you use a non-deterministic wallet you must make regular backups of these private keys. If you have problems with your wallet, you can restore your wallet by importing the backupped private keys. Explaining a non-deterministic wallet (for educational purpose only), see: https://www.mobilefish.com/services/cryptocurrency/cryptocurrency.html DETERMINISTIC WALLET ----------------------------------------- A deterministic wallet uses 12 - 24 words to create a 512 bit seed. These words are called mnemonic words, because they are more easily to remember than this long hexadecimal string. The 512 bit seed is used to create a master private key. This master private key in turn is used to create private keys and corresponding public addresses. Generally speaking using these 12 - 24 words will complete restore your wallet with exactly the same private keys and corresponding public addresses. Hence the word "deterministic". It is imperative that you safely store these 12 - 24 words, without it you have no access to your private keys. To see how an Ethereum deterministic wallet works, see YouTube movie: https://youtu.be/cqz8-hOz_nk BIP-39 ----------- The acronym BIP means Bitcoin Improvement Proposal. BIPs are design documents for introducing features or information to Bitcoin. An overview can be found at: https://github.com/bitcoin/bips BIP-39 describes the implementation of mnemonic words for the generation of deterministic wallets, see: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki BIP-39 is becoming an industry standard which is not only used for Bitcoin wallets but it is also used in Ethereum, Dash and other Altcoin wallets. The wordlist can be found at: https://github.com/bitcoin/bips/blob/master/bip-0039/bip-0039-wordlists.md For additional security you can allow users to enter a passphrase. Use the Password-Based Key Derivation Function 2 (PBKDF2) together with the mnemonic phrase and salt to produce a 512 bits seed. If an attacker gets its hands on your mnemonic words the passphrase (it you have set it) will prevent the attacker to access the private keys. PBKDF2 is purposefully made slow to make brute force dictionary attack very difficult. The 512 bit seed is used to generate deterministic wallets. How to generate deterministic wallets is explained in BIP-32 and BIP-44. It is important to know that each time you enter a different passphrase it will generate a valid 512 bit seed and thus a valid wallet with valid public and private key pairs. This feature can help you limit your loss after a 5$ wrench attack. You can setup a second deterministic wallet with some coins to satisfy the attacker. If you do not know what a 5$ wrench attack is watch this comic: https://xkcd.com/538/ Storing your passphrase at the same location as your mnemonic words is not recommended and beats the purpose. But if you lose your passphrase, you have lost access to your coins. A JavaScript implementation of BIP-39 can be found at: https://github.com/bitcoinjs/bip39 How this JavaScript library is used see: https://www.mobilefish.com/download/ethereum/bip39.html A Mnemonic Code Converter web application can be found at: https://iancoleman.github.io/bip39 Check out all my other Blockchain tutorial videos https://goo.gl/aMTFHU Subscribe to my YouTube channel https://goo.gl/61NFzK The presentation used in this video tutorial can be found at: https://www.mobilefish.com/developer/blockchain/blockchain_quickguide_tutorial.html #mobilefish #blockchain #bitcoin #cryptocurrency #ethereum
Views: 8258 Mobilefish.com
Crack WPA/WPA2-PSK using aircrack-ng
 
02:47
Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) are two security protocols to secure wireless computer networks. WPA was developed as a replacement to broken Wired Equivalent Privacy (WEP) in 2003, as WEP can be bypassed very easily and effectively using various methods. WPA uses RC4 stream cipher based Temporal Key Integrity Protocol (TKIP) to ensure that each data packet is transmitted with a unique encyption key, thereby preventing the types of attacks that compromised WEP. However, a flaw has been discovered on TKIP based WPA which relies on chopchop attack used in WEP cracking. TKIP is much stronger than a cyclic redundancy check algorithm (CRC) used in WEP, but not as strong as the Counter Mode Cipher Block Chaining Message Authentication Code Protocol, Counter Mode CBC-MAC Protocol (CCMP) algorithm used in WPA2. WPA2 uses Advanced Encryption Standard (AES) block cipher based CCMP. It is stronger than TKIP in both privacy and integrity. Authentication modes : 1. WPS mode 2. Personal mode 3. Enterprise mode WPS mode has already been discussed and exploited in previous video. Here is the link in case you missed it https://youtu.be/7XYt5-FeB7U PERSONAL or PSK mode was designed for home and small office networks. This mode use a 256 bit key to encrypt the network traffic, which is a string of 64 hexadecimal digits or a passphrase of 8 to 63 printable ASCII characters. If ASCII characters are used, the 256 bit key is calculated by applying the PBKDF2 key derivation function to the passphrase, using the SSID as the salt and 4096 iterations of HMAC-SHA1. Personal mode is available in both WPA and WPA2, which is the topic of this video. The authentication takes place by a 4-way handshake in both PSK and Enterprise mode. Initial authentication is done using PSK or EAP exchange to ensure the client is authenticated to the access point (AP). After PSK authentication a secret shared key is generated called Pairwise Master Key (PMK). The PSK is derived from a password that is put through PBKDF2-SHA1 as the cryptographic hash function. In a pre-shared-key network, the PSK is actually the PMK. For AP and client exchanging encrypted data, both need to have the right key(s) installed. Each time a client (Supplicant) associates to an AP (Authenticator), new Pairwise Temporal/Transient Key (PTK) is generated, which is unique for each connected client. In case of Broadcast and Multicast frames, all clients use the same Groupwise Temporal Key (GTK) that don’t require a new generation for each association. The function to generate a Pairwise Temporal Key (PTK) is known as a Pseudo Random Function (PRF): PTK = PRF(PMK + ANonce + SNonce + APMAC + SMAC) Nonce is number used once and are pseudo random numbers. Anonce and Snonce are AP and STA (client or station) nonces respectively. APMAC and SMAC are MAC addresses of AP and STA respectively. The 4-way handshake takes place as follows : 1. The AP sends Anonce to the client or STA. 2. The client sends the SNonce to the AP protected by a cryptographic hash (HMAC-SHA1) called Message Integrity Code (MIC) for integrity of this message. The message also includes the Robust Security Network Information Element (RSN IE). 3. The AP constructs and sends the GTK and a sequence number together with another MIC. 4. The Supplicant acknowledges the installation of PTK and GTK afterwards, encrypted Unicast and Broadcast/Multicast transmission can start now. Using aircrack along with a dictionary or crunch bruteforce can take from fews minutes to lifetime to crack the passkey. However, the things can be accelerated using rainbow tables, precomputed hashes, GPU power. A long random alphanumeric password containing upper and lower case letters and special characters is beyond the of computation power available till now. However no one uses such passwords instead people use passwords which are easy to remember, and hence are vulnerable to such attacks. So, in order to speeed up the cracking process what we do is that we use precomputed hashes, and hence saving the conversion time required to hash all words in a wordlist. Rainbow tables come up with precomputed hashes for most commonly used SSIDs. Remember two different SSIDs with same password will produce different hashes. So in order to use rainbow table against captured hash one must ensure first the target network's SSID is present in most commonly used 1000 SSIDs list. In case your SSID is not present in that list then you cant create your own rainbow table using tools like RainbOwCrack. We can make our own hashes for a partical SSID using genpmk and testing the created hashes against captured hash using another tool called cowpatty. In order to use GPU power we can use tools loke oclHashCat, which uses GPU power along with CPU power to crack the wifi key. I am going to cover all these topics in coming tutorials.
Views: 740 sh4dy rul3zz
Sikkerhed: Key management and infrastructures
 
10:03
http://cs.au.dk/~rav/academy/ * Motivation * KDC * Certifikat * CA * Password security
Views: 23 thatmartolguy
[PJUG] Tomasz Borowiec - The Slower the Stronger: A Story of Password Hash Migration
 
53:48
Did you know that a single modern GPU is able to compute almost 20 billion MD5 hashes in a second? That’s why we need SLOW hashing algorithms! This talk is a case study of a successful migration of www.ocado.com customer password hashes. I will not only show you the “why”, “what” and “how”, but also what was problematic, what went wrong and how we dealt with it. I will talk about slow hashing algorithms - such as Argon2, PBKDF2, BCrypt or SCrypt - and compare them to other popular hashing algorithms - like MD5 or SHA1. Next, I will tell you a story of hashes which took about 80 ms to compute - not slow enough, fairly easy to crack. I will show you what our password hashing code looks like and I will guide you through our migration plan, describing in detail how we executed it, and what problems we encountered on the way.
Views: 127 Polish JUG
Key stretching
 
08:06
In cryptography, key stretching refers to techniques used to make a possibly weak key, typically a password or passphrase, more secure against a brute force attack by increasing the time it takes to test each possible key. Passwords or passphrases created by humans are often short or predictable enough to allow password cracking. Key stretching makes such attacks more difficult. Key stretching is sometimes referred to as "key strengthening", although the latter term originally referred to another technique with significantly different security and performance properties. This video is targeted to blind users. Attribution: Article text available under CC-BY-SA Creative Commons image source in video
Views: 812 Audiopedia
C# 6.0 Tutorial - Advanced - 74. How to Use Rfc2898DeriveBytes Class
 
09:06
Learn more free at my blog http://www.manuelradovanovic.com If you have any question please feel free to ask. Subscribe me on YouTube, please! Thank You!
Views: 270 Manuel Radovanovic