Mohammad Zakie Faiz Rahiemy, Parman Sukarno, E. Jadied
{"title":"虚拟密码认证方案加固","authors":"Mohammad Zakie Faiz Rahiemy, Parman Sukarno, E. Jadied","doi":"10.1109/ICOICT.2018.8528757","DOIUrl":null,"url":null,"abstract":"Although Internet has become one of most important parts and mostly needed by societies, that does not mean Internet is a safe place to share sensitive data. One of many unsolved Internet attacks is key-logger which is used to steal victim's data such as passwords. Researchers have done a lot of research to overcome these attacks. However, the authentication system still lacks password complexities which can be compromised with short cracking time and limited generated passwords. Therefore, we proposed a virtual password method that has the following rules: i) has minimum and maximum limit of password and ii) the generated passwords are not limited only to letters, but also numbers and symbols. With those rules, by using Kaspersky Lab secure password measurement, the cracking time can be significantly increased to 9 centuries on the conficker botnet with 10 million cores of processors. Moreover, by using Password Meter the proposed method gets score of 171.","PeriodicalId":266335,"journal":{"name":"2018 6th International Conference on Information and Communication Technology (ICoICT)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2018-05-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Hardening the Virtual Password Authentication Scheme\",\"authors\":\"Mohammad Zakie Faiz Rahiemy, Parman Sukarno, E. Jadied\",\"doi\":\"10.1109/ICOICT.2018.8528757\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Although Internet has become one of most important parts and mostly needed by societies, that does not mean Internet is a safe place to share sensitive data. One of many unsolved Internet attacks is key-logger which is used to steal victim's data such as passwords. Researchers have done a lot of research to overcome these attacks. However, the authentication system still lacks password complexities which can be compromised with short cracking time and limited generated passwords. Therefore, we proposed a virtual password method that has the following rules: i) has minimum and maximum limit of password and ii) the generated passwords are not limited only to letters, but also numbers and symbols. With those rules, by using Kaspersky Lab secure password measurement, the cracking time can be significantly increased to 9 centuries on the conficker botnet with 10 million cores of processors. Moreover, by using Password Meter the proposed method gets score of 171.\",\"PeriodicalId\":266335,\"journal\":{\"name\":\"2018 6th International Conference on Information and Communication Technology (ICoICT)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-05-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 6th International Conference on Information and Communication Technology (ICoICT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICOICT.2018.8528757\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 6th International Conference on Information and Communication Technology (ICoICT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICOICT.2018.8528757","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Hardening the Virtual Password Authentication Scheme
Although Internet has become one of most important parts and mostly needed by societies, that does not mean Internet is a safe place to share sensitive data. One of many unsolved Internet attacks is key-logger which is used to steal victim's data such as passwords. Researchers have done a lot of research to overcome these attacks. However, the authentication system still lacks password complexities which can be compromised with short cracking time and limited generated passwords. Therefore, we proposed a virtual password method that has the following rules: i) has minimum and maximum limit of password and ii) the generated passwords are not limited only to letters, but also numbers and symbols. With those rules, by using Kaspersky Lab secure password measurement, the cracking time can be significantly increased to 9 centuries on the conficker botnet with 10 million cores of processors. Moreover, by using Password Meter the proposed method gets score of 171.