Wednesday, 1 May 2013

PASSWORDS AND SECURITY - 1 (INTRO)

Hello guys, sorry for being away for a year or so. Instead of going all nostalgic, let's cut the cribbing part and start with the work.

This post and the ones following it will be on this topic only.

Let's start with just passwords. This is an extremely common term in our daily digital life: be it a system, a website, a phone or any application, even minor applications have some security feature. So how does this whole mechanism work? A password is a basic string that a user thinks of to keep himself or herself secure. But a computer or an application cannot act like a person and just "know" whether a password is right or wrong; to check it, the system must have something stored somewhere to compare your input against. THIS is what gives us a hell of a lead in the whole scenario: we know it is there, somewhere, and stored. How securely it is stored depends on the people who designed the system.

To explain what I just burped above in a more technical and practical manner, let's take the example of our beloved innocent victim as always, the Windows OS. Whatever we enter as our password ends up in C:\Windows\System32\config\SAM (the SAM registry hive). In this path:

  • C:\ is just the usual system drive; if Windows was installed on another drive the path is really %SystemRoot%\System32\config\SAM, so use that, and
  • the case of the file name itself varies between Windows versions and XP service packs (sometimes it shows as all caps), but NTFS file names are case-insensitive so it makes no difference.
And you being a curious reader, I'm pretty sure you are checking out that folder right now if you didn't know that. Well, the people in Redmond are not so stupid. That file does not contain passwords as plain strings; it contains hashes (the NT hash, and on older systems the LM hash too), on a running system the hive is locked by the kernel so you cannot simply copy it, and its contents are further scrambled with a key derived from the SYSTEM hive. This is the really interesting part of the whole password security story and we will get to it in a while.

So keeping this whole Windows scene aside, let's focus on the basic working of passwords.

So to understand the working of this mechanism, let's make one of our own.
What we have here is a simple C program which functions as a login panel.


What it does is give a basic success-or-fail response: if the credentials are correct it prints "login successful !", otherwise "failed !", based on a basic length check and a string comparison of the values.

Drawback ::
If you analysed it correctly, you must have noticed the first drawback immediately: the password is hard-coded inside the app itself, which kills the user's freedom to choose one.

NOTE
To some people this may be their requirement, but in fact it is insecure and a rare scenario too.
The hard-coded password "secret" can be extracted easily by the basic disassembly procedures experts follow, or even by just running the strings tool over the binary, because a literal that gets passed to a string compare has to sit in the executable somewhere. A password stored in plain text is always insecure, and wrapping it in some home-brew encryption never works out well either, unless you are an extremely talented mathematician who has designed and proven something of your own.

So to give the user that freedom back, people have to design applications which scale to any number of users and any kind of password. This leaves us only one straightforward option: keep the passwords outside the program, in a separate file or database. That gives us a good lead. What hits back is how to store them there: plain text is a blow in the face, so the option is to store a hash of the string, a one-way transform you can recompute from the typed password but cannot reverse back into it. (What I loosely called "encryption" above is really hashing; proper encryption is reversible with a key, which is exactly what you do not want for a stored password.)

Cryptography in itself is an extensive field of research and requires patience to understand.
Whatever I explained above will make more sense if I relate it to a daily-life instance, so let's take our Windows OS again.

To keep it extremely simple, I will give you a basic layout.

                     WINDOWS LOGIN
                          | |
                   YOU ENTER CREDENTIALS
                          | |
        -------------------------------------------------
         HERE ALL THE INTERNAL FUNCTIONING TAKES PLACE:
         WINDOWS LOOKS UP YOUR USERNAME IN THE OUTSOURCED
         FILE I TOLD YOU ABOUT EARLIER >> "SAM", HASHES
         THE PASSWORD YOU TYPED WITH THE SAME TECHNIQUE
         THAT WAS USED WHEN IT WAS SET, AND COMPARES THE
         TWO HASHES.
        -------------------------------------------------
                          | |
                 ACCESS GIVEN IF CORRECT
                       ELSE DENIED !


Basically what we need to worry about is the box in dotted lines, what happens behind the scenes.
This is just like being a doctor: if you know the thing in and out, you can treat it, or you can kill it as well.

So with all the text I gave you above, it basically comes down to one simple thing: passwords, in whatever form, on whatever platform, follow a look-up technique. The system transforms your input the same way it transformed the stored value, compares the two, and then tells you whether your input is authentic or not.
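Here is that look-up technique in working code, as an added example that is not part of the original post. It writes out MD4 by hand (Python's hashlib may lack MD4 on current OpenSSL builds) because the NT hash the SAM stores is nothing more than MD4 over the UTF-16LE encoded password, with no salt. STORED_HASHES is constructed sample data standing in for the SAM's user table, not a real hive dump, and login_plaintext stands in for the hard-coded check the C login panel above performs; the constant-time compare in login_hashed is an added hardening the post does not cover.

```python
import hmac
import struct

MASK32 = 0xFFFFFFFF


def _rotl(x, n):
    """Rotate a 32-bit word left by n bits."""
    return ((x << n) | (x >> (32 - n))) & MASK32


def md4(data: bytes) -> bytes:
    """MD4 as specified in RFC 1320, written out in full (no hashlib dependency)."""
    a, b, c, d = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476

    # Padding: a 1 bit, zeros up to 56 mod 64, then the bit length as 64-bit little-endian.
    msg = data + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64)
    msg += struct.pack("<Q", len(data) * 8)

    def f(x, y, z):
        return (x & y) | (~x & z)

    def g(x, y, z):
        return (x & y) | (x & z) | (y & z)

    def h(x, y, z):
        return x ^ y ^ z

    # (round function, additive constant, rotation amounts, order of message words)
    rounds = (
        (f, 0x00000000, (3, 7, 11, 19), range(16)),
        (g, 0x5A827999, (3, 5, 9, 13), (0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15)),
        (h, 0x6ED9EBA1, (3, 9, 11, 15), (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15)),
    )

    for off in range(0, len(msg), 64):
        X = struct.unpack("<16I", msg[off:off + 64])
        v = [a, b, c, d]
        for fn, const, shifts, order in rounds:
            for i, k in enumerate(order):
                t = (-i) % 4  # register updated this step cycles a, d, c, b
                x, y, z = v[(t + 1) % 4], v[(t + 2) % 4], v[(t + 3) % 4]
                v[t] = _rotl((v[t] + fn(x, y, z) + X[k] + const) & MASK32, shifts[i % 4])
        a, b, c, d = ((s + w) & MASK32 for s, w in zip((a, b, c, d), v))

    return struct.pack("<4I", a, b, c, d)


def nt_hash(password: str) -> str:
    """What the SAM actually stores for a user: MD4 over the UTF-16LE password, no salt."""
    return md4(password.encode("utf-16le")).hex()


# Constructed stand-in for the SAM's user table (sample data, not a real hive dump).
STORED_HASHES = {
    "alice": nt_hash("Winter2013!"),
    "bob": nt_hash("password"),
}


def login_plaintext(username: str, password: str) -> bool:
    """The hard-coded approach of the C login panel: a literal sitting in the binary."""
    return username == "admin" and password == "secret"


def login_hashed(username: str, password: str, store=STORED_HASHES) -> bool:
    """The look-up technique from the layout above: hash the input, compare with what is stored.

    compare_digest is an added hardening (constant-time compare), not something the post covers.
    """
    stored = store.get(username)
    if stored is None:
        return False
    return hmac.compare_digest(stored, nt_hash(password))


if __name__ == "__main__":
    print("NT hash of 'password':", nt_hash("password"))
    print("bob / password      ->", login_hashed("bob", "password"))
    print("bob / Password      ->", login_hashed("bob", "Password"))
```

Note what the lack of a salt buys an attacker: every account that uses "password" gets the identical hash 8846f7eaee8fb117ad06bdd830b7586c, so one precomputed table of hashes serves against every Windows machine in the world, which is the weakness the next posts exploit.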

Now for the people on the opposite side, who have no clue what the password is but do know the procedure involved: what can they do??
This is an extremely simple question, just like what you do when you don't know something: you simply guess.
But guessing all the time never fits well; it is time consuming if you put no constraints on your approach.
This gives us two techniques which can be used:
  • Bruteforce - simply try every possible combination of characters until one hashes to the stored value. It is guaranteed to get there eventually, but the number of candidates grows exponentially with the password length, so it can be extremely time consuming and is not always a feasible option.
  • Dictionary based - guess the correct value from a limited set of likely possibilities we have at hand, such as a wordlist of common passwords. Far faster, but it only works if the password (or a simple variation of it) is actually in the list.

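Both techniques in working code, as an added example that is not part of the original post. The stored hash here is unsalted SHA-256 rather than the NT hash, an assumption made only to keep the block self-contained; neither attack cares which hash is in use, it only changes the cost of each guess. WORDLIST is a constructed six-word sample standing in for a real wordlist file, and the mangle rules (capitalise, append a suffix) go a little beyond the post's plain dictionary lookup.

```python
import hashlib
import itertools
import string


def stored_hash(password: str) -> str:
    """Stand-in for whatever the target stores (assumption: unsalted SHA-256)."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


# Constructed wordlist (sample data) standing in for a file such as a leaked-password list.
WORDLIST = ["123456", "password", "letmein", "qwerty", "welcome", "dragon"]
SUFFIXES = ("1", "123", "!")


def mangle(word: str):
    """Cheap rules applied to each dictionary word; goes beyond the post's plain lookup."""
    cap = word.capitalize()
    yield word
    yield cap
    for suffix in SUFFIXES:
        yield word + suffix
        yield cap + suffix


def dictionary_attack(target: str, wordlist=WORDLIST, rules=False):
    """Guess from a limited candidate set. Returns (password, attempts) or (None, attempts)."""
    attempts = 0
    for word in wordlist:
        for candidate in (mangle(word) if rules else (word,)):
            attempts += 1
            if stored_hash(candidate) == target:
                return candidate, attempts
    return None, attempts


def brute_force(target: str, charset: str = string.ascii_lowercase, max_len: int = 4):
    """Try every string over charset, shortest first. Returns (password, attempts) or (None, attempts)."""
    attempts = 0
    for length in range(1, max_len + 1):
        for combo in itertools.product(charset, repeat=length):
            attempts += 1
            candidate = "".join(combo)
            if stored_hash(candidate) == target:
                return candidate, attempts
    return None, attempts


def keyspace(charset_size: int, max_len: int) -> int:
    """Candidates brute force may have to try: the sum of charset_size**n for n = 1..max_len."""
    return sum(charset_size ** n for n in range(1, max_len + 1))


if __name__ == "__main__":
    print(dictionary_attack(stored_hash("letmein")))                 # ('letmein', 3)
    print(dictionary_attack(stored_hash("Letmein123"), rules=True))  # ('Letmein123', 22)
    print(brute_force(stored_hash("abc"), max_len=3))                # ('abc', 731)
    print("lowercase, 8 chars:", keyspace(26, 8), " printable ASCII, 8 chars:", keyspace(95, 8))
```

The attempt counts are the point: three guesses from a wordlist versus 731 for a three-letter lowercase string, and keyspace(95, 8) shows why brute force over full printable ASCII stops being feasible long before the password gets interesting.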
I will discuss both of them in detail in the next posts, one for each.

Hope you like it.
For any suggestions or queries please comment below.
Thanks for reading.
Yinsain