Dictionary attack

A dictionary attack (German: Wörterbuchangriff, French: attaque par dictionnaire) is a method of cryptanalysis for determining an unknown password (or user name) with the help of a password list (often also called a dictionary or wordlist).

This method is used when it can be assumed that the password consists of a meaningful combination of characters. Experience has shown that this is most often the case. In addition, the method is only promising if as many passwords as possible can be tried quickly.

Possible targets

A distinction is made between active and passive attack targets:

An active attack target is an instance that checks the correctness of the password and grants or denies access. This is the case, for example, when logging in to a web page. With active attack targets the possibilities of a dictionary attack are very limited, because further attempts are frequently blocked after a certain number of failed attempts (similar to the PIN at an ATM, which cannot be entered incorrectly more than three times). In addition, the attacker leaves traces in the server's log files.

A passive attack target is a ciphertext. Here the password is not verified by any instance; because of the encryption method used, the correct password directly decrypts the text. The attacker can therefore try many more passwords in less time. The speed depends on the software and hardware used by the attacker as well as on the encryption algorithm. Even a well-equipped home computer can perform several hundred million arithmetic operations per second. The fastest supercomputer even achieves 1.026 quadrillion calculations per second (as of March 2009).

The active vocabulary of a language usually comprises around 50,000 words. Dozens of languages can thus be checked within a few seconds. A password consisting of only one or two words is therefore very insecure for encrypting texts.

Method

A special program tries the entries of the password list as the user name or password. It is also possible to use two separate lists for user names and passwords. Far more common, however, is a "combo list", a combined list of user names and passwords in the format "username:password". Common programs for automated password testing are John the Ripper and Cain & Abel.

Benefits

Typical passwords in particular (especially names or dates of birth) are easy to find with this method. The execution time, which because of the reduced number of passwords to be tested is typically shorter than that of, for example, a brute-force method, favours the use of this method.

Disadvantages

With this method the attacker depends on a good password list. Since even the best list naturally does not contain every possible password, not every password can be found with this method. The chance of finding passwords that consist of meaningless sequences of characters is especially small.

Countermeasures

The only defence a user has against a dictionary attack is to use no easily guessable passwords. A method for creating passwords with guaranteed entropy is Diceware.

In order to mitigate the effects of an attack, a user should use a different password for each user account. A password "cracked" on one site then cannot be used on others.

The provider should try to hinder the attacker so that trying out many passwords takes as long as possible. For active attack targets, a delay is usually introduced after an incorrect password has been entered. Here, however, the programmer must ensure that the attacker cannot carry out multiple login attempts in parallel or gain access to equivalent passive attack targets. For passive attack targets a similar delay is difficult to achieve; a useful variant is to increase the required password length.

User passwords should not be stored in plain text. As a rule, only the hash of the password is stored. If an attacker manages to get hold of this file, he can initially do nothing with the hashes stored there. He must use the procedure described above for passive attack targets: hashing the entries of a dictionary one by one and comparing each result with the stored password hash. So that precomputed lists of hash → original word cannot be used, the password is usually extended before hashing with a random value, called a salt. This random value is stored next to the hash.
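As an added example that is not part of the original article, the following Python sketch combines the countermeasures described in the last two paragraphs: a fresh random salt per user stored next to a deliberately slow hash, a delay that doubles after each failed login, and a lock after three failures. The class name, the PBKDF2 iteration count and the delay values are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

MAX_FAILURES = 3          # lock the account after three wrong entries, ATM-style
BASE_DELAY_SECONDS = 1.0  # delay after a failure; doubles with each consecutive failure


class PasswordStore:
    """Keeps only salt, hash and failure counter per user, never the plaintext."""

    def __init__(self):
        self._records = {}  # username -> [salt, hash, consecutive_failures]

    @staticmethod
    def _digest(salt: bytes, password: str) -> bytes:
        # The salt is mixed in before hashing, so a precomputed hash -> word table
        # built without that salt cannot be looked up against this store.
        # Assumed parameters: PBKDF2-SHA256 with 100,000 rounds, which also makes
        # every single guess slower than a plain SHA-256.
        return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)

    def register(self, username: str, password: str) -> None:
        salt = os.urandom(16)  # random per-user salt, stored next to the hash
        self._records[username] = [salt, self._digest(salt, password), 0]

    def salt_of(self, username: str) -> bytes:
        return self._records[username][0]

    def hash_of(self, username: str) -> bytes:
        return self._records[username][1]

    def login(self, username: str, password: str):
        """Return (granted, delay_seconds the caller must wait before the next attempt)."""
        rec = self._records.get(username)
        if rec is None:
            return False, BASE_DELAY_SECONDS  # same answer as a wrong password
        salt, stored, failures = rec
        if failures >= MAX_FAILURES:
            return False, 0.0  # locked: no further attempts are evaluated
        if hmac.compare_digest(self._digest(salt, password), stored):
            rec[2] = 0  # success resets the failure counter
            return True, 0.0
        rec[2] = failures + 1
        return False, BASE_DELAY_SECONDS * (2 ** failures)
```

The failure counter is kept per account in memory and is not thread-safe; to enforce the text's requirement that attempts cannot be made in parallel, the counter update and the delay must be serialised per account (for example with a lock or a database transaction).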
