PRESS-NEWS.org - Press Release Distribution
PRESS RELEASES DISTRIBUTION

Strong protection for weak passwords

Strong protection for weak passwords
2011-04-21
(Press-News.org) The passwords of the future could become more secure and, at the same time, simpler to use. Researchers at the Max Planck Institute for the Physics of Complex Systems in Dresden have been inspired by the physics of critical phenomena in their attempts to significantly improve password protection. The researchers split a password into two sections. With the first, easy to memorize section they encrypt a Captcha – an image that computer programs per se have difficulty in deciphering. The researchers also make it more difficult for computers, whose task it is to automatically crack passwords, to read the passwords without authorization. They use images of a simulated physical system, which they additionally make unrecognizable with a chaotic process. These p-Captchas enable the Dresden physicists to achieve a high level of password protection, even though the user need only remember a weak password.

Computers sometimes use brute force. Hacking programs use so-called brute-force attacks to try out all possible character combinations to guess passwords. CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) are therefore intended as an additional safeguard the input of which originates from a human being and not from a machine. They pose a task for the user which is simple enough for any human, yet very difficult for a program. Users must enter a distorted text which is displayed on the screen, for example. Captchas are increasingly being bypassed, however. Personal data of members of the "SchülerVZ" social network for school pupils have already been stolen in this way.

Researchers at the Max Planck Institute for the Physics of Complex Systems in Dresden have now developed a new type of password protection that is based on a combination of characters and a Captcha. They also use mathematical methods from the physics of critical phenomena to protect the Captcha from being accessed by computers. "We thus make the password protection both more effective and simpler," says Konstantin Kladko, who had the idea for this interdisciplinary approach during his time at the Dresden Max Planck Institute; he is currently a researcher at Axioma Research in Palo Alto/USA.

The Dresden-based researchers initially combine password and Captcha in a completely novel way. The Captcha is no longer generated anew each time in order to distinguish the human user from a computer on a case-by-case basis. Rather, the physicists use the codeword in the image, which can only be deciphered by humans as the real password, which provides access to a social network or an online bank account, for example. The researchers additionally encrypt this password using a combination of characters.

However, that's not all: the Captcha is a snapshot of a dynamic, chaotic Hamiltonian system in two dimensions. For the sake of simplicity, his image can be imagined as a grey-scale pixel matrix, where every pixel represents an oscillator. The oscillators are coupled in a network. Every oscillator oscillates between two states and is affected by the neighbouring oscillators as it does so, thus resulting in the grey scales.

Chaotic development makes password unreadable

The physicists then leave the system to develop chaotically for a period of time. The grey-scale matrix changes the colour of its pixels. The result is an image that no longer contains a recognizable word. The researchers subsequently encrypt this image with the combination of characters and save the result. "We therefore talk of a password-protected Captcha or p-Captcha," says Sergej Flach, who teamed up with Tetyana Laptyeva to achieve the decisive research results at the Max Planck Institute for the Physics of Complex Systems. Since the chaotic evolution of the initial image is deterministic, i.e. reversible, the whole procedure can be reversed using the combination of characters, so that the user can again read the password hidden in the Captcha.

"The character combination we use to encrypt the password in the Captcha can be very easy to remember," explains Konstantin Kladko. "We thus take account of the fact that most people only want to, or can only, remember simple passwords." The fact that the passwords are correspondingly weak is now no longer important, because the real protection comes from the encrypted password in the Captcha.

On the one hand, the password hidden in the Captcha is too long for computers to be able to guess it using a brute-force attack in a reasonable length of time. On the other, the physicists use a critical system to generate the password image. This system is close to a phase transition: with a phase transition, the system changes from one physical state to another, from the paramagnetic to the ferromagnetic state, for example. Close to the transition, regions repeatedly form which temporarily have already completed the transition. "The resulting image is always very grainy. Therefore, a computer cannot distinguish it from the original it is searching for," explains Sergej Flach.

"Although the study has just been submitted to a specialist journal and is only available online in an archive, it has already provoked a large number of responses in the community - and not only in Hacker News," says Sergej Flach. "I was very impressed by the depth of some comments in certain forums - in Slashdot, for example." The specialists are obviously impressed by the ingenuity of the approach, which means passwords could be very difficult to crack in the future. Moreover, the method is easy and quick to implement in conventional computer systems. "An expansion to several p-Captcha levels is obvious," says Sergej Flach. Hoiwever, this requires increased computing power to reverse the chaotic development in a reasonable time: "We therefore want to investigate various Hamiltonian and non-Hamiltonian systems in the future to see whether they provide faster and even more effective protection."



INFORMATION:

Original publication:
Tetyana V. Laptyeva, Sergej Flach, Konstantin Kladko
The weak password problem: chaos, criticality, and encrypted p-CAPTCHAs
arXiv:1103.6219v1, March 31, 2011


[Attachments] See images for this press release:
Strong protection for weak passwords

ELSE PRESS RELEASES FROM THIS DATE:

Consider Bankruptcy to Discharge Credit Card Debt

2011-04-21
When Congress' recent revisions to federal laws governing credit card usage went into effect, some consumers saw interest rates double or even triple. The law now allows for credit providers to be more flexible with interest rate raises, provided they give the cardholders notice of the action and share information about the total amount of the debt and approximately how long it will take to pay it off. The changes in the law were initially introduced as a way to protect consumers, but, in practice they are much more biased toward lenders. Following the enacting of those ...

Study group looks at the future of corporate boards

2011-04-21
New York, NY, April 20, 2011 - A 20-member blue-ribbon panel, the Study Group on Corporate Boards, co-sponsored by Columbia Business School and the John L. Weinberg Center for Corporate Governance at the University of Delaware, today released "Bridging Board Gaps," a report designed to improve board performance and effectiveness by offering a series of recommendations in critical areas of governance. The report calls for a renewed commitment to the purpose of corporate boards, and suggests guidelines to improve board practices and standards along seven core dimensions: ...

Childhood music lessons may provide lifelong boost in brain functioning

2011-04-21
WASHINGTON — Those childhood music lessons could pay off decades later - even for those who no longer play an instrument – by keeping the mind sharper as people age, according to a preliminary study published by the American Psychological Association. The study recruited 70 healthy adults age 60 to 83 who were divided into groups based on their levels of musical experience. The musicians performed better on several cognitive tests than individuals who had never studied an instrument or learned how to read music. The research findings were published online in the APA ...

New battery produces electricity where freshwater meets saltwater

2011-04-21
Scientists are reporting development of a new battery that extracts and stores energy produced from the difference in saltiness at the point where freshwater in rivers flows into oceans. A report on the battery, which could supply about 13 percent of the world's energy needs, appears in ACS' journal Nano Letters. Yi Cui and colleagues cite the intensive global scientific effort to develop renewable energy sources to supplement supplies of oil and other traditional fuels like coal, which contribute to global warming. Solar, wind, and geothermal are renewable, sustainable ...

Using the energy in oil shale without releasing carbon dioxide in a greenhouse world

2011-04-21
New technology that combines production of electricity with capture of carbon dioxide could make billions of barrels of oil shale — now regarded as off-limits because of the huge amounts of carbon dioxide released in its production — available as an energy source in a greenhouse world of the future. That's the conclusion of a report on "electricity production with in situ carbon capture" (EPICC) in ACS' journal Energy & Fuels. Adam Brandt and Hiren Mulchandani explain that almost 3 trillion barrels of oil are trapped in the world's deposits of oil-shale, a dark-colored ...

North Carolina Considering Limits to Non-Economic Damages in Medical Malpractice Cases

2011-04-21
The North Carolina Legislature is considering proposed medical malpractice legislation that would limit damages for non-economic damages. The state has already enacted a law that caps monetary damages in negligence cases to $1 million where the parties agree to go to binding arbitration, but Bloomberg reports that few have actually exercised this option. Proposed Malpractice Damage Cap The legislation calls for a limit of $250,000 on non-economic damages, which include compensation for pain and suffering, disfigurement, mutilation, loss of a limb, paralysis, and death. ...

Toward new medications for chronic brain diseases

2011-04-21
A needle-in-the-haystack search through nearly 390,000 chemical compounds had led scientists to a substance that can sneak through the protective barrier surrounding the brain with effects promising for new drugs for Parkinson's and Huntington's disease. They report on the substance, which blocks formation of cholesterol in the brain, in the journal, ACS Chemical Biology. Aleksey G. Kazantsev and colleagues previously discovered that blocking cholesterol formation in the brain could protect against some of the damage caused by chronic brain disorders like Parkinson's ...

Quest for new plant protection substances mirrors search for new drugs

2011-04-21
The costly, often-frustrating quest for new ways of preventing and treating diseases that strike vegetables, fruits, and other food crops bears striking similarity to the better-known saga of the pharmaceutical industry's pricey search for new drugs for humans. That's the topic of an article in the current edition of Chemical & Engineering News (C&EN), ACS' weekly newsmagazine. C&EN Senior Business Editor Melody M. Bomgardner points out that the R&D investment in new herbicides, fungicides, and other plant chemicals almost rivals that for human pharmaceuticals on a one ...

NightVision Outdoor Lighting Offers Atlanta Landscape Lighting Services to Customers of Recently Closed Southern Nights, Inc.

2011-04-21
Atlanta landscape lighting company NightVision Outdoor Lighting is offering its lighting maintenance services to the former customers of Southern Nights, Inc., a landscape lighting, design, and contracting company local to Atlanta. NightVision Outdoor Lighting specializes in Atlanta outdoor lighting for residential and commercial needs, using the highest quality bulbs and fixtures combined with years of experience and dependable service. Having recently gone out of business after 18 years in the industry, Southern Nights, Inc. left many homeowners across the metro Atlanta ...

Nature's elegant solution to repairing DNA in cancer, other conditions

2011-04-21
DURHAM, N.C. – A major discovery about an enzyme's structure has opened a window on understanding DNA repair. Scientists at Duke University Medical Center have determined the structure of a nuclease that will help scientists to understand several DNA repair pathways, a welcome development for cancer research. DNA repair pathways are very important in the context of cancer biology and aging, but the tools the cell uses to do those repairs are not well understood. "Until we saw the structure using X-ray crystallography, we didn't understand how it could recognize so many ...

LAST 30 PRESS RELEASES:

New study unlocks how root cells sense and adapt to soil

Landmark experiment sheds new light on the origins of consciousness

Nicotine pouch and e-cigarette use and co-use among U.S. youths

Wildfire smoke exposure and cause-specific hospitalization in older adults

Mechanism by which the brain weighs positive vs. negative social experience is revealed

Use of nicotine pouches increases significantly among US teens

In two decades increasing urban vegetation could have saved over 1.1 million lives

Mindfulness therapy reduces opioid craving and addiction, study finds

Stronger and safer: New design strategy for aluminium combines strength with hydrogen embrittlement resistance

Researchers solve one of Earth's ancient volcanic mysteries

Existing treatments may help fight symptoms of severe form of muscular dystrophy, new research suggests

Plastics may trigger hormone disruption in seabirds, new study finds

A virtual reality game integrating smell to fight cognitive decline

To improve screenings with technology, focus on people first

Implementing a digital cognitive screening tool and flexible workflow helps primary care clinics integrate dementia screening

Digital cognitive assessment in primary care may enable early dementia detection and next step care

App-based hearing screenings in family practice may improve hearing disorder diagnosis

Ai-enabled cardiovascular screening shows promise in identifying heart dysfunction in women considering pregnancy

Strengthening global pandemic preparedness: The urgent need for investment, collaboration, and action

FAU CA-AI awarded $2.1million to establish new U.S. Air Force Center of Excellence

KIST develops ultrasonic wireless battery charging technology

Artificial intelligence tools make education materials more patient friendly

Increasing physical activity in middle age may protect against Alzheimer's disease

Prevention instead of reaction: Intelligent, networked systems for structural monitoring

Zoo life boosts object exploration in orangutans

MIT engineers advance toward a fault-tolerant quantum computer

An enzyme-proof glycan glue for extracellular matrix to ameliorate intervertebral disc degeneration

Deepfakes now come with a realistic heartbeat, making them harder to unmask

So, our city’s shrinking—Now what?

Parents with alcohol-related diagnoses are twice as likely to maltreat children

[Press-News.org] Strong protection for weak passwords