Proposal / Submission Type
Peer Reviewed Paper
Location
Mori Hosseini Student Union: Event Center
Start Date
16-5-2019 11:00 AM
Abstract
Authentication and authorization to online sites is a difficult problem to solve without the use of cryptography. The standard method of using passwords is clearly an insecure method of authentication. A method of authenticating users utilizing a Latin square was developed by a security enthusiast and touted as secure. This paper demonstrates a novel method of cracking the Latin squares that are used to generate the secure passwords in the Off The Grid (OTG) password management scheme. Our method leverages the cores on Graphics Processing Unit (GPU) using the Compute Unified Device Architecture (CUDA) programming extension to efficiently solve the Latin squares used in the OTG password management solution. We developed a model that represents the possible states and the constraints of the OTG system. We show that the OTG system leaks information about its Latin square and we provide supporting evidence through examples and computation.
Scholarly Commons Citation
Miller, Matthew J.; Stroschein, Joshua; and Slayden, Stephanie, "Cracking the Off the Grid Password Solution" (2019). Annual ADFSL Conference on Digital Forensics, Security and Law. 5.
https://commons.erau.edu/adfsl/2019/paper-presentation/5
PDF version of PPT
Cracking the Off the Grid Password Solution
Mori Hosseini Student Union: Event Center
Authentication and authorization to online sites is a difficult problem to solve without the use of cryptography. The standard method of using passwords is clearly an insecure method of authentication. A method of authenticating users utilizing a Latin square was developed by a security enthusiast and touted as secure. This paper demonstrates a novel method of cracking the Latin squares that are used to generate the secure passwords in the Off The Grid (OTG) password management scheme. Our method leverages the cores on Graphics Processing Unit (GPU) using the Compute Unified Device Architecture (CUDA) programming extension to efficiently solve the Latin squares used in the OTG password management solution. We developed a model that represents the possible states and the constraints of the OTG system. We show that the OTG system leaks information about its Latin square and we provide supporting evidence through examples and computation.
