Analysis of password protected document

Authors

  • Narendar D C.R. Rao Advanced Institute of Mathematics, Statistics and Computer Science, UoH Campus, Hyderabad, India
  • Sriramudu C.R. Rao Advanced Institute of Mathematics, Statistics and Computer Science, UoH Campus, Hyderabad, India
  • VenuNalla C.R. Rao Advanced Institute of Mathematics, Statistics and Computer Science, UoH Campus, Hyderabad, India

Keywords:

password cracking, salt analysis, hash functions, cryptography, attacks

Abstract

Nowadays, the documents are sent through electronics communications channels like email, WhatsApp, telegram etc., in which the document protection is of major concern. Passwords are used to encrypt the documents of different formats. In this research paper, we analyzed the encryption process involved in word documents (Procedure involved in document protection). We also discussed various password cracking possibilities and steps involved in the attacks including various password cracking tools for analysis of password for doc files and performed salt analysis on the same. We analyzed the randomness of the salt for the same key at different times, with different name and based on the size of the documents. We focused on John the Ripper (JtR) tool with single mode, word list, and incremental mode to reduce the file and memory complexity of brute force attack. We analyzed the randomness of the salt for the same key with same document with different time and the same documents with different name and size. We focused on John the Ripper (JtR) tool for reducing the file and memory complexity of brute force attacks. Also, we’ve discussed the performance analysis of password cracking based on CPU and GPUs with and without writing the dictionaries.

References

Yu, F. and Huang, Y. 2015. An overview of study of password cracking. In 2015 International Conference on Computer Science and Mechanical Automation (CSMA). 25-29, IEEE.

Kelley, P.G., Komanduri, S., Mazurek, M.L., Shay, R., Vidas, T., Bauer, L., Christin, N., Cranor, L.F. and Lopez, J. 2012. Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms. In 2012 IEEE symposium on security and privacy. 523-537. IEEE.

Chanda, K. 2016. Password security: an analysis of password strengths and vulnerabilities. International Journal of Computer Network and Information Security.8(7), p.23.

Zhang, L.J., Yu, F. and Ji, Q.B. 2017. An Efficient Recovery Method of Encrypted Word Document. In Current Trends in Computer Science and Mechanical Automation. 1,40-48. Sciendo Migration.

Ah Kioon, M.C., Wang, Z.S. and Deb Das, S. 2013. Security analysis of MD5 algorithm in password storage. In Applied Mechanics and Materials. 347, 2706-2711. Trans Tech Publications Ltd.

Gauravaram, P. 2012, Security Analysis of salt|| password Hashes. In 2012 International Conference on Advanced Computer Science Applications and Technologies (ACSAT).25-30, IEEE.

Idris, Y.B., Ismail,S.A.,Azmi, N.F.M.,Azmi, A. and Azizan, A. 2017. Enhancement Data Integrity Checking Using Combination MD5 and SHA1 Algorithm in Hadoop Architecture. Journal of Computer Science & Computational Mathematics.7(3), 99-102.

Halderman, J.A., Waters, B. and Felten, E.W. 2005. A convenient method for securely managing passwords. In Proceedings of the 14th international conference on World Wide Web. 471-479.

Peslyak, A. 1996. John the ripper. URL http://www.openwall.com/john.

Hitaj, B., Gasti, P., Ateniese, G. and Perez-Cruz, F. 2019. Passgan: A deep learning approach for password guessing. In International

Conference on Applied Cryptography and Network Security.217-237, Springer, Cham.

Melicher, W., Ur, B., Segreti, S.M., Komanduri, S., Bauer, L., Christin, N. and Cranor, L.F. 2016. Fast, lean, and accurate: Modeling password guessability using neural networks. In 25th {USENIX} Security Symposium ({USENIX} Security 16). 175-191.

Pal, B., Daniel, T., Chatterjee, R. and Ristenpart, T. 2019. Beyond credential stuffing: Password similarity models using neural networks. In 2019 IEEE Symposium on Security and Privacy (SP). 417-434, IEEE.

Hitaj, B., Gasti, P., Ateniese, G. and Perez-Cruz, F. 2019. Passgan: A deep learning approach for password guessing. In International Conference on Applied Cryptography and Network Security. 217-237, Springer, Cham.

Alpatskiy, M.A., Borzunov, G.I., Epishkina, A.V. and Kogos, K.G. 2020. New Approach in the Rainbow Tables Method for HumanLike Passwords. In 2020 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus). 2035-2040, IEEE.

Glory, F.Z., Aftab, A.U., Tremblay-Savard, O. and Mohammed, N. 2019. Strong Password Generation Based On User Inputs. In 2019 IEEE 10th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON). 0416-0423, IEEE.

Kaloudi, N. and Li, J. 2020. The ai-based cyber threat landscape: A survey. ACM Computing Surveys (CSUR).53(1), 1-34.

Downloads

Published

2024-02-26

How to Cite

Narendar, D., Sriramudu, & VenuNalla. (2024). Analysis of password protected document. COMPUSOFT: An International Journal of Advanced Computer Technology, 9(07), 3762–3767. Retrieved from https://ijact.in/index.php/j/article/view/580

Issue

Section

Review Article