Abstract
Password-based key derivation functions (KDFs) are used to generate secure keys of arbitrary length implemented in many security-related systems. The strength of these KDFs is the ability to provide countermeasures against brute-force/dictionary attacks. One of the most implemented KDFs is PBKDF2. In order to slow attackers down, PBKDF2 uses a salt and introduces computational intensive operations based on an iterated pseudorandom function. Since passwords are widely used to protect personal data and to authenticate users to access specific resources, if an application uses a small iteration count value, the strength of PBKDF2 against attacks performed on low-cost commodity hardware may be reduced. In this paper we introduce the cryptographic algorithms involved in the key derivation process, describing the optimization techniques used to speed up PBKDF2-HMAC-SHA1 in a GPU/CPU context. Finally, a testing activity has been executed on consumer-grade hardware, and experimental results are reported.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
In this section, we partially describe the SHA-1 algorithm. Further details can be found in [26].
References
C.E. Shannon, Prediction and entropy of printed English. Bell Syst. Tech. J. 30(1), 50–64 (1951)
H. Krawczyk, Cryptographic extraction and key derivation: the HKDF scheme. Cryptology ePrint Archive. Report 2010/264 (2010)
K. Moriarty, B. Kaliski, A. Rusch, PKCS# 5: password-based cryptography specification version 2.1. RFC 8018 (2017)
Password hashing competition. https://password-hashing.net/. Accessed 10 Nov 2018
A. Biryukov, D. Dinu, D. Khovratovich, Argon2 (version 1.2). University of Luxembourg, Luxembourg. https://password-hashing.net/submissions/specs/Argon-v3.pdf. Accessed 10 Nov 2018
C. Forler, S. Lucks, J. Wenzel, Catena: a memory-consuming password-scrambling framework. Cryptology ePrint Archive. Report 2013/525 (2013)
M.A. Simplicio Jr., L.C. Almeida, E.R. Andrade, P.C. dos Santos, P.S. Barreto, Lyra2: password hashing scheme with improved security against time-memory trade-offs. Cryptology ePrint Archive. Report 2015/136 (2015)
A. Peslyak, yescrypt – password hashing scalable beyond bcrypt and scrypt. Openwall, Inc. (2014). http://www.openwall.com/presentations/PHDays2014-Yescrypt/. Accessed 10 Nov 2018
T. Pornin, The MAKWA password hashing function (2015). http://www.bolet.org/makwa/makwa-spec-20150422.pdf. Accessed 10 Nov 2018
Wi-Fi alliance: discover wi-fi: specifications. https://www.wi-fi.org/discover-wi-fi/specifications. Accessed 10 Nov 2018
iOS security guide (2017). https://www.apple.com/business/docs/iOS_Security_Guide.pdf. Accessed 10 Nov 2018
C. Fruhwirth, LUKS on-disk format specification version 1.2.2 (2016). https://gitlab.com/cryptsetup/cryptsetup/wikis/LUKS-standard/on-disk-format.pdf. Accessed 10 Nov 2018
A. Visconti, H. Tahayori, Detecting misbehaving nodes in MANET with an artificial immune system based on type-2 fuzzy sets, in 2009 International Conference for Internet Technology and Secured Transactions (ICITST) (2009), pp. 1–2
M.T. Rahman, M.J.N. Mahi, Proposal for SZRP protocol with the establishment of the salted SHA-256 Bit HMAC PBKDF2 advance security system in a MANET, in 2014 International Conference on Electrical Engineering and Information Communication Technology (2014), pp. 1–5
Enpass. https://www.enpass.io. Accessed 10 Nov 2018
F-secure key. https://www.f-secure.com/en/web/home_global/key. Accessed 10 Nov 2018
AgileBits: how PBKDF2 strengthens your master password. https://support.1password.com/pbkdf2/. Accessed 10 Nov 2018
LassPass: password iterations (PBKDF2). https://helpdesk.lastpass.com/account-settings/general/password-iterations-pbkdf2/. Accessed 10 Nov 2018
Keeper: keeper’s best-in-class security. https://keepersecurity.com/security.html. Accessed 10 Nov 2018
A. Belenko, D. Sklyarov, “Secure Password Managers” and “Military-Grade Encryption” on Smartphones: Oh, Really? Blackhat Europe (2012)
L. Casati, A. Visconti, Exploiting a bad user practice to retrieve data leakage on android password managers, in Proceedings of the 11th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2017 (Springer, Berlin, 2017)
L. Casati, A. Visconti, The dangers of rooting: data leakage detection in android applications. Mob. Inf. Syst. 2018, 6020461 (2018). https://doi.org/10.1155/2018/6020461
M.S. Turan, E.B. Barker, W.E. Burr, L. Chen, SP 800-132. Recommendation for password-based key derivation. Part 1: storage applications (2010). http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf. Accessed 10 Nov 2018
A. Visconti, S. Bossi, H. Ragab, A. Caló, On the weaknesses of PBKDF2, in Proceedings of the 14th International Conference on Cryptology and Network Security, CANS 2015. Lecture Notes in Computer Science, vol. 9476 (Springer, Berlin, 2015)
A. Visconti, F. Gorla, Exploiting an HMAC-SHA-1 optimization to speed up PBKDF2. IEEE Trans. Dependable Secure Comput. (2018). https://doi.org/10.1109/TDSC.2018.2878697
NIST: FIPS PUB 180-4. Secure Hash Standard (SHS) (2012). http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf. Accessed 10 Nov 2018
M. Bellare, R. Canetti, H. Krawczyk, Keying hash functions for message authentication, in Proceedings of Advances in Cryptology—CRYPTO96 (Springer, Berlin, 1996), pp. 1–15
M. Bellare, R. Canetti, H. Krawczyk, Message authentication using hash functions—the HMAC construction. RSA Lab. CryptoBytes 2(1), 12–15 (1996)
H. Krawczyk, M. Bellare, R. Canetti, HMAC: keyed-hashing for message authentication. RFC 2104
A. Ruddick, J. Yan, Acceleration attacks on PBKDF2: or, what is inside the black-box of oclHashcat? in Proceedings of the 10th USENIX Workshop on Offensive Technologies (2016)
J. Steube, Optimising computation of hash-algorithms as an attacker. https://hashcat.net/events/p13/js-ocohaaaa.pdf. Accessed 10 Nov 2018
NIST: FIPS PUB 198-1. The keyed-hash message authentication code (HMAC) (2008). http://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf. Accessed 10 Nov 2018
Openssl, version: 1.1.0e. https://www.openssl.org/. Accessed 10 Nov 2018
Libgcrypt, version 1.7.6. https://www.gnupg.org/software/libgcrypt/index.html. Accessed 10 Nov 2018
hashcat, version 3.30. https://hashcat.net/hashcat/. Accessed 10 Nov 2018
OpenCL. https://www.khronos.org/opencl/. Accessed 10 Nov 2018
S. Bossi, A. Visconti, What users should know about full disk encryption based on LUKS, in Proceedings of the 14th International Conference on Cryptology and Network Security, CANS 2015. Lecture Notes in Computer Science, vol. 9476 (Springer, Berlin, 2015)
C. Percival, Stronger key derivation via sequential memory-hard functions (2009). https://www.tarsnap.com/scrypt/scrypt.pdf. Accessed 10 Nov 2018
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Iuorio, A.F., Visconti, A. (2019). Understanding Optimizations and Measuring Performances of PBKDF2. In: Woungang, I., Dhurandher, S. (eds) 2nd International Conference on Wireless Intelligent and Distributed Environment for Communication. WIDECOM 2018. Lecture Notes on Data Engineering and Communications Technologies, vol 27. Springer, Cham. https://doi.org/10.1007/978-3-030-11437-4_8
Download citation
DOI: https://doi.org/10.1007/978-3-030-11437-4_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-11436-7
Online ISBN: 978-3-030-11437-4
eBook Packages: EngineeringEngineering (R0)