
[AV100] Method for Detection of Tampering with System Password Files

IP.com Disclosure Number: IPCOM000206445D
Original Publication Date: 2011-Apr-26
Included in the Prior Art Database: 2011-Apr-26
Document File: 3 page(s) / 200K

Publishing Venue

Linux Defenders

Related People

Daniel Miller, University of North Carolina at Asheville: AUTHOR

Abstract

Virtually every operating system utilizes several methods to prevent unauthorized access to the system. While these methods differ in implementation and effectiveness, virtually every publicly utilized computer is secured by a password that restricts access to specific user accounts on that machine. Although password files are a necessity for securing computer systems, a password file alone is vulnerable to manipulation by an attacker. This invention detects tampering with the password file by signing the password file utilizing a public/private key system.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

Page 01 of 3

Method for Detection of Tampering with System Password Files

Virtually every operating system utilizes several methods to prevent unauthorized access to the system. While these methods differ in implementation and effectiveness, virtually every publicly utilized computer is secured by a password that restricts access to specific user accounts on that machine.

For password authentication to occur locally on a machine, the password must be stored in some form on the computer itself. Typically, this means the password is stored on a hard drive in the form of a hash that is designed to be compared, not reversed. While this deterrent used to be sufficient, recent advances in technology have made this form of security insufficient. The password can be bypassed either by discovering it (obtaining the hashes and comparing them against the hash of every possible password, i.e. brute forcing) or by replacing the hash altogether with the pre-calculated hash of a known password. Both of these methods can easily be carried out if an attacker has physical access to a machine and is able to boot the computer from removable media. Thus, relying solely on a password hash stored in a password file is not sufficient for securing access to a system that may be stolen or subject to unauthorized access.

While there are some methods that can ensure the security of a system, such as encrypting the entire hard drive or encrypting portions of it, these methods can be cumbersome, as they increase load on the CPU to perform constant decryption and encryption, and can in many cases reduce hard drive speed. Advances in hashing protocols have led to the development of stronger hashes that take much longer to crack, and can be salted to prevent the use of hash comparison lookups against pre-computed tables of hashes (rainbow tables). Unfortunately, once an attacker discovers the salt, which must be stored in some form on the machine, the attacker can then generate a hash with the proper salt for a known password, which will allow him full access to the system.

Detailed Description of Invention:

Although password files are a necessity for securing computer systems, a password file alone is vulnerable to manipulation by an attacker. This invention detects tampering with the password file by signing the password file utilizing a public/private key system. This adds an additional layer of security that ensures that password hashes cannot simply be replaced when the system is offline. After booting, when a user attempts to log on, the system verifies the authenticity of the password file, utilizing a public key that is optimally stored in a manner such that it cannot be changed, e.g. within a TPM, a smartcard, or stored on an...
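As an added worked example (written for this page, not taken from the disclosure), the sign-at-update, verify-at-login scheme described above using Go's standard-library Ed25519. Keeping the public key in a TPM or smartcard is outside what a snippet can show, and the password file contents and hash values are constructed placeholders.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"strings"
)

// Constructed sample in /etc/shadow layout; the hash fields are placeholders, not real digests.
const samplePasswordFile = "root:$6$saltsalt$PLACEHOLDERHASHROOT:18700:0:99999:7:::\n" +
	"alice:$6$saltsalt$PLACEHOLDERHASHALICE:18700:0:99999:7:::\n"
// NewSigningKeys: the private key is used only when the file is legitimately rewritten;
// the public key is what the disclosure wants kept in a TPM or smartcard.
func NewSigningKeys() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// SignPasswordFile signs the exact bytes of the whole file, so no line can be spliced in unnoticed.
func SignPasswordFile(priv ed25519.PrivateKey, contents []byte) []byte {
	return ed25519.Sign(priv, contents)
}

// VerifyPasswordFile is the check the login path runs before trusting any hash in the file;
// a plain checksum would not do, since an offline attacker could recompute it after editing.
func VerifyPasswordFile(pub ed25519.PublicKey, contents, sig []byte) bool {
	return ed25519.Verify(pub, contents, sig)
}

// ReplaceHash models the offline edit the text describes (one account's hash field swapped).
func ReplaceHash(contents, user, newHash string) string {
	var out []string
	for _, line := range strings.Split(strings.TrimRight(contents, "\n"), "\n") {
		fields := strings.Split(line, ":")
		if len(fields) > 1 && fields[0] == user {
			fields[1] = newHash
		}
		out = append(out, strings.Join(fields, ":"))
	}
	return strings.Join(out, "\n") + "\n"
}

func main() {
	pub, priv, err := NewSigningKeys()
	if err != nil {
		panic(err)
	}
	sig := SignPasswordFile(priv, []byte(samplePasswordFile))
	tampered := ReplaceHash(samplePasswordFile, "root", "$6$saltsalt$PLACEHOLDERKNOWNHASH")
	fmt.Println(VerifyPasswordFile(pub, []byte(samplePasswordFile), sig), VerifyPasswordFile(pub, []byte(tampered), sig))
}
```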