- Birthday Attack
- Rainbow Tables
- Weak Implementation
A birthday attack is an attack on hashed password that utilizes the same logic as the birthday problem. Which is to say, even if there are many different possible hashing outputs, you are likely to find two different inputs with the same hash.
The amount of attempts required for a probable match is less than one might think, for example:
- 1 in 21 (4%) chance to match after 100 attempts if there were 100,000 unique hashes.
- 1 in 3 (39%) chance to match after 100 attempts if there were 10,000 unique hashes.
Keep in mind, while more unique hashes exist, hashes can be brute-forced at a rate of hundreds per second.
A rainbow table is a table of common hashes for plaintext while using various hashing algorithms. These tables are pre-calculated so an attacker has to do little work to utilize one.
A Rainbow table can be compared to a master password file of corporate users, and if the rainbow table is able to successfully discover a user’s password, then you know one of two things must be true (or both).
-The user’s password is weak.
-The hash algorithm used by the company is weak.
Attackers can also build their own rainbow table while attempting to brute-force a hash.
A dictionary attack is similar to a brute-force but instead of systematically working through otherwise random passwords, a dictionary attack goes after common passwords first.
This way, passwords like “password” or “12345” would be quickly broken.
Companies can mitigate this attack by training user on secure password usage and by enforcing a strict password policy. The dictionary attack can still be successful, but it prevents those easy passwords from being discovered quickly.
Weak encryption based attacks target the implementation or the algorithm itself, that is used in implementing password based authentication.
If the attacker has access to the location where the passwords are stored, and if there are suitable conditions for the attacker to break the passwords, then it is pretty much a situation of compromise.
A brute-force attack is an attempt to manually guess a password, pin, or any other passphrase-like authentications in order to gain access to an account or system.
Alternatively, the attacker can attempt to guess an encryption key using a program or algorithm.
In theory, any key could be bruteforced, but some forms of encryption are estimated to require so much time to break, that it is considered statistically impossible.
A downgrade attack is an attack that forces a system to utilize a weaker form of encryption or security. This way, the attacker can have an easier time breaking the weaker encryption as opposed to the previously implemented one.
Or, if possible, to force the target system to abandon encryption entirely.
This type of attack can be a result of a main in the middle attack, which all of the user’s traffic is sent through a malicious device. The attack negotiates the user’s connection to use a weaker encryption.
This can be prevented by not allowing a user to use older versions of an application or protocol, forcing the latest and greatest security.