Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Crypto analysis and its applications to password hashing
KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS.
2013 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Hash functions are a type of mathematical function that takes an input of arbitrary length and gives an output of fixed length, called a hash value. Many consider hash values to be sort of a “fingerprint” of some data, since they can be assumed to have unique outputs for any possible input. This assumption does not make a lot of sense, because the size of the input space is infinite while the size of the output space remains finite! It is, nevertheless, defensible because of the infeasibility of finding two inputs that yield the same hash value. Hash functions are often used to store passwords in databases since it is not feasible either to go from a hash value to a preimage. By saving the hash value rather than the password and checking the hash value of the user’s input it is possible to check passwords without the need to store them, which is an advantage if one wants to control the damage of a possible data leakage. This work researches different cryptanalytic techniques for searching for preimages to hash values in a password-cracking context. A 27% increase in performance is gained using a time/memory tradeoff instead of naively iterating through password candidates. The attack is also demonstrated in practice, where it attains a 50% improvement. The data is then analyzed and discussed for the purpose of assessing the implementability of the attacks in already existing cracking implementations.

 

Place, publisher, year, edition, pages
2013. , 81 p.
Series
TRITA-ICT-EX, 2013:200
National Category
Information Systems
Identifiers
URN: urn:nbn:se:kth:diva-142651OAI: oai:DiVA.org:kth-142651DiVA: diva2:703992
Subject / course
Communications Systems
Educational program
Master of Science -Security and Mobile Computing
Examiners
Available from: 2014-03-10 Created: 2014-03-10 Last updated: 2014-03-10Bibliographically approved

Open Access in DiVA

fulltext(538 kB)452 downloads
File information
File name FULLTEXT01.pdfFile size 538 kBChecksum SHA-512
54369dadc91a25b5c38dc1d4eeedc47bcf56811fe1f2250e71504f556cbe60340cfc58c01d26c841ee4aa4f88282361dfb49591b6720cea42c877506f80526f9
Type fulltextMimetype application/pdf

By organisation
Communication Systems, CoS
Information Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 452 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 249 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf