"JOURNAL OF RADIO ELECTRONICS" (Zhurnal Radioelektroniki ISSN 1684-1719, N 3, 2018

contens of issue        DOI  10.30898/1684-1719.2018.3.12     full text in Russian (pdf)    

Forming a password hashing function, resistant to speeding through the values

 

Yu. B. Panfilov

LLC “BALTORGCENTRE”, 143900, Russia, Moscow region, Balashikha, Krupskaya street, 11

 

The paper is received on March 16, 2018

 

Abstract. Today, the problem of accelerated enumeration of the values of cryptographic functions with the help of optimized implementations of the corresponding algorithms for specially designed devices for this purpose is urgent.  It is also not a secret that most users of different information systems neglect the requirements of complexity when choosing passwords, often choosing a password from a rather limited set of possible values. In this case, the potentially attacked system faces the task of nullifying the technical equipment of the attacker, making the dictionary search economically inefficient, based on the realities of the current level of computer technology development. Changing the parameters of the algorithm, and not the algorithm itself, it is possible to achieve a significant difficulty in booting at the hardware level, if in the process of computing there are guaranteed "inconvenient" numbers for the computing device, which makes it difficult to search even for a significant number of cores. The article proposes a hash function with a key based on a mixed number system, which is resistant to this kind of optimization. It demonstrates its cryptographic resistance to basic attacks, scalability to various threat models and theoretical margin of safety.

Key words: authentication, mixed-base system, hash function, password hashing.

References

1. Colin Percival. Stronger key derivation via sequential memory-hard functions. cperciva@tarsnap.com [online resource]. BSDCan 2009 - The Technical BSD Conference, 05/09/2009 URL: http://www.bsdcan.org/2009/schedule/attachments/87_scrypt.pdf (date of circulation: 03/10/2014)
2. Jean-Phillippe Aumasson. Kudelski Security, Switzerland. Password Hashing: the Future is Now [online resource] BLACK HAT USA 2013. 11/07/2013 URL: https://media.blackhat.com/us-13/US-13-Aumasson-Password-Hashing-the-Future-is -Now-WP.pdf (date of circulation: 03/10/2014)
3. Intel Advanced Vector Extensions (Intel AVX) [Electronic resource] Intel Corporation [Officer. site] URL: https://software.intel.com/en-us/isa-extensions/intel-avx?_ga=2.140062833.391382544.1520326774-162056414.1520326735 (date of circulation: 01/03/2018)
4. AMD Radeon R9 video card [online resource]. 2015 Advanced Micro Devices, Inc. [Officer. site] URL: https://www.amd.com/ru-ru/markets/game/products/r9# (date of circulation: 01/03/2018)
5. Infographics: Operation Costs in CPU Clock Cycles [online resource] posted September 12, 2016 by "No Bugs" Hare, translated by Sergey Ignatchenko
URL: http://ithare.com/infographics-operation-costs-in-cpu-clock-cycles/ (date of circulation: 01/03/2018)
6. Lists of instruction latencies, throughputs and micro-operation breakdowns for Intel, AMD and VIA CPUs [online resource] By Agner Fog. Technical University of Denmark. Copyright 1996 - 2017. Last updated 2017-05-02. URL: http://www.agner.org/optimize/instruction_tables.pdf  (date of circulation: 01/03/2018)
 7. Noden P., Kitte K. Algebraic Algorithmics. Springer-Verlag, 1999. 426 p.
8. Panfilov B.A., Cherepnev M.A., Panfilov Yu.B. Electronic Locks Using Mixed-Base Notation Realized with a Resistive Memory Matrix on the Basis of Polar-Dependent Electromass Migration in Silicon. Journal of Communications Technology and Electronics,  2005, Vol. 50, No. 12, pp. 1413-1417
9. Panfilov B.A., Cherepnev M.A. A Symmetric Cryptosystem Involving a Mixed-Base Notation. Journal of Communications Technology and Electronics, 2008, Vol.53, No. 10, pp. 1314-1316
 10. Ferguson Niels, Schneier Bruce. Practical cryptography. Wiley, 2003, 432 p. ISBN 0471223573

 

References for Appl.1:

1. V.M. Fomichev. Diskretnaya matematika i kriptologiya [Discrete mathematics and cryptology]. Course of lectures. Edited by N.D.Podufalov. Moscow, DIALOG-MIFI Publ., 2003, 400 p. ISBN 5-86404-185-8
2. The Marsaglia Random Number CDROM including the Diehard Battery of Tests of Randomness [online resource] 1995. George Marsaglia. Florida State University. URL: https://web.archive.org/web/20160125103112/http://stat.fsu.edu/pub/diehard/ (date of circulation: 01/03/2018)

 

For citation:

Yu. B. Panfilov. Forming a password hashing function, resistant to speeding through the values. Zhurnal Radioelektroniki - Journal of Radio Electronics. 2018. No. 3. Available at http://jre.cplire.ru/jre/mar18/12/text.pdf.

DOI  10.30898/1684-1719.2018.3.12