Explore the innovative approach to password vault security presented in this IEEE conference talk. Delve into the concept of cracking-resistant password vaults using natural language encoders, a method designed to combat offline brute-force attacks. Learn about the vulnerabilities in existing vault designs and discover how the proposed Natural Language Encoder (NLE) system generates plausible decoy passwords when decrypted with incorrect master passwords. Examine the implementation of NLEs using natural language processing tools like n-gram models and probabilistic context-free grammars. Gain insights into the NoCrack system, a full NLE-based cracking-resistant vault solution, and understand its potential limitations and real-world applications in enhancing password security.
Cracking-Resistant Password Vaults Using Natural Language Encoders
Overview
Syllabus
Introduction
Offline bruteforce attack
How easy is it
How Camouflage Works
The Real World
Decrypting
Attack Scenario
First Approach
Honey Encryption
Natural Language Included
Our Approach
Cracking
No Crack
Limitations
Summary
Taught by
IEEE Symposium on Security and Privacy
