Analysis of password protected Document

  • Padmavathi Guddeti CRRa AIMSCS
  • Narendar Dharavath
  • Sriramudu
  • VenuNalla
Keywords: Password cracking, salt analysis, hash functions, cryptography, Attacks.

Abstract

Nowadays documents are sent through electronics communications channels like email, WhatsApp, telegram etc., in which document protection plays major role. Passwords are used to encrypt the documents of different formats. For these documents, security is based on passwords. In this research paper, we analyzed the encryption process involved in word documents (Procedure involved in document protection). We also discussed various password cracking possibilities and steps involved in the attacks. Also discussed various password cracking tools for analysis of password of doc files and performed salt analysis on the same. We analyzed the randomness of the salt for the same key at different times, with different name and also based on the size of the documents. We focused on John the Ripper (JtR) tool with single mode, word list, and incremental mode to reduce the file and memory complexity of brute force attack. Discussed performance analysis of password cracking based on CPU and GPUs. We analyzed the randomness of the salt for the same key with same document with different time and same documents with different name and size of the documents. We focused on John the Ripper (JtR) tool reducing the file and memory complexity of brute force attacks. Discussed performance analysis of password cracking based on CPU and GPUswith and without writing the dictionaries.

Downloads

Download data is not yet available.

References

Yu, F. and Huang, Y. 2015. An overview of study of password cracking. In 2015 International Conference on Computer Science and Mechanical Automation (CSMA). 25-29, IEEE.

Kelley, P.G., Komanduri, S., Mazurek, M.L., Shay, R., Vidas, T., Bauer, L., Christin, N., Cranor, L.F. and Lopez, J. 2012. Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms. In 2012 IEEE symposium on security and privacy. 523-537. IEEE.

Chanda, K. 2016. Password security: an analysis of password strengths and vulnerabilities. International Journal of Computer Network and Information Security.8(7), p.23.

Zhang, L.J., Yu, F. and Ji, Q.B. 2017. An Efficient Recovery Method of Encrypted Word Document. In Current Trends in Computer Science and Mechanical Automation. 1,40-48. Sciendo Migration.

Ah Kioon, M.C., Wang, Z.S. and Deb Das, S. 2013. Security analysis of MD5 algorithm in password storage. In Applied Mechanics and Materials. 347, 2706-2711. Trans Tech Publications Ltd.

Gauravaram, P. 2012, Security Analysis of salt|| password Hashes. In 2012 International Conference on Advanced Computer Science Applications and Technologies (ACSAT).25-30, IEEE.

Idris, Y.B., Ismail,S.A.,Azmi, N.F.M.,Azmi, A. and Azizan, A. 2017. Enhancement Data Integrity Checking Using Combination MD5 and SHA1 Algorithm in Hadoop Architecture. Journal of Computer Science & Computational Mathematics.7(3), 99-102.

Halderman, J.A., Waters, B. and Felten, E.W. 2005. A convenient method for securely managing passwords. In Proceedings of the 14th international conference on World Wide Web. 471-479.

Peslyak, A. 1996. John the ripper. URL http://www.openwall.com/john.

Hitaj, B., Gasti, P., Ateniese, G. and Perez-Cruz, F. 2019. Passgan: A deep learning approach for password guessing. In International Conference on Applied Cryptography and Network Security.217-237, Springer, Cham.

Melicher, W., Ur, B., Segreti, S.M., Komanduri, S., Bauer, L., Christin, N. and Cranor, L.F. 2016. Fast, lean, and accurate: Modeling password guessability using neural networks. In 25th {USENIX} Security Symposium ({USENIX} Security 16). 175-191.

Pal, B., Daniel, T., Chatterjee, R. and Ristenpart, T. 2019. Beyond credential stuffing: Password similarity models using neural networks. In 2019 IEEE Symposium on Security and Privacy (SP). 417-434, IEEE.

Hitaj, B., Gasti, P., Ateniese, G. and Perez-Cruz, F. 2019. Passgan: A deep learning approach for password guessing. In International Conference on Applied Cryptography and Network Security. 217-237, Springer, Cham.

Alpatskiy, M.A., Borzunov, G.I., Epishkina, A.V. and Kogos, K.G. 2020. New Approach in the Rainbow Tables Method for Human-Like Passwords. In 2020 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). 2035-2040, IEEE.

Glory, F.Z., Aftab, A.U., Tremblay-Savard, O. and Mohammed, N. 2019. Strong Password Generation Based On User Inputs. In 2019 IEEE 10th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON). 0416-0423, IEEE.

Kaloudi, N. and Li, J. 2020. The ai-based cyber threat landscape: A survey. ACM Computing Surveys (CSUR).53(1), 1-34.

Published
2020-07-31
How to Cite
Guddeti, P., Dharavath, N., Sriramudu, & VenuNalla. (2020). Analysis of password protected Document. COMPUSOFT: An International Journal of Advanced Computer Technology, 9(7), 3762-3767. Retrieved from https://ijact.in/index.php/ijact/article/view/1174