A New Password Cracking Model with Generative Adversarial Networks | SpringerLink
Skip to main content
Springer Nature Link
Log in

A New Password Cracking Model with Generative Adversarial Networks

  • Conference paper
  • First Online:
Information Security Applications (WISA 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11897))

Included in the following conference series:

  • 1316 Accesses

Abstract

Owing to the generality and importance of the password as a means of authentication, many studies have addressed password-strength evaluation methods and password cracking methods. Recently, the generative adversarial networks approach to enhance password guessing (PassGAN) has been proposed as a password cracking method in research that is based on generative adversarial networks (GAN). The results of this study have received substantial attention. In this paper, we propose the use of a recurrent neural networks-based (RNN) GAN, which comprises the use of the improved Wasserstein GAN (IWGAN) cost function. These models that combine the RNN with IWGAN perform better than PassGAN. We have conducted experiments to compare the performance of our proposed model with that of PassGAN and analyzed the results. Using these analyses, we confirmed that our proposed models exhibited a password cracking performance improvement of 5–10% more than that of PassGAN.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
JPY 3498
Price includes VAT (Japan)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
JPY 5719
Price includes VAT (Japan)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
JPY 7149
Price includes VAT (Japan)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. John the Ripper password cracker. http://www.openwall.com/john/

  2. Hashcat Advanced Password Recovery (1999). https://hashcat.net/wiki/

  3. RockYou Online (2009). https://wiki.skullsecurity.org/Passwords

  4. Arjovsky, M., Chintala, S., Bottou, L.: Wasserstein generative adversarial networks. In: Proceedings of the 34th International Conference on Machine Learning. Proceedings of Machine Learning Research, vol. 70, pp. 214–223. PMLR (2017)

    Google Scholar 

  5. Cho, K., van Merrienboer, B., Gülçehre, Ç., Bougares, F., Schwenk, H., Bengio, Y.: Learning phrase representations using RNN encoder-decoder for statistical machine translation. arXiv preprint arXiv:1406.1078 (2014)

  6. Cranor, L.F., et al.: Fast, lean, and accurate: modeling password guessability using neural networks. In: 25th USENIX Security Symposium (USENIX Security 16), pp. 175–191. ACM Press (2016)

    Google Scholar 

  7. Cubrllovic, N.: Rockyou hack: from bad to worse (2009). https://techcrunch.com/2009/12/14/rockyou-hack-security-myspace-facebook-passwords

  8. Dürmuth, M., Angelstorf, F., Castelluccia, C., Perito, D., Chaabane, A.: OMEN: faster password guessing using an ordered Markov enumerator. In: Piessens, F., Caballero, J., Bielova, N. (eds.) ESSoS 2015. LNCS, vol. 8978, pp. 119–132. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-15618-7_10

    Chapter  Google Scholar 

  9. Gers, F.A., Schmidhuber, J., Cummins, F.: Learning to forget: continual prediction with LSTM. Neural Computation (2000)

    Google Scholar 

  10. Goodfellow, I., et al.: Generative adversarial networks. In: Advances in Neural Information Processing Systems 27, pp. 2672–2680. Curran Associates, Inc. (2014)

    Google Scholar 

  11. Gulrajani, I., Ahmed, F., Arjovsky, M., Dumoulin, V., Courville, A.C.: Improved training of Wasserstein GANs. In: Advances in Neural Information Processing Systems 30, pp. 5767–5777. Curran Associates, Inc. (2017)

    Google Scholar 

  12. Hitaj, B., Gasti, P., Ateniese, G., Perez-Cruz, F.: PassGAN: a deep learning approach for password guessing. arXiv preprint arXiv:1709.00440 (2017)

  13. Hochreiter, S., Schmidhuber, J.: Long short-term memory. Neural Comput. 9, 1735–1780 (1997)

    Article  Google Scholar 

  14. Houshmand, S., Aggarwal, S., Flood, R.: Next gen PCFG password cracking. IEEE Trans. Inf. Forensics Secur. 10(8), 1776–1791 (2015)

    Article  Google Scholar 

  15. IDRIX: Veracrypt (2017). https://www.veracrypt.fr/en/Home.html

  16. Ma, J., Yang, W., Luo, M., Li, N.: A study of probabilistic password models. In: 2014 IEEE Symposium on Security and Privacy, pp. 689–704. IEEE (2014)

    Google Scholar 

  17. Narayanan, A., Shmatikov, V.: Fast dictionary attacks on passwords using time-space tradeoff. In: Proceedings of the 12th ACM Conference on Computer and Communications Security - CCS 2005 (2005)

    Google Scholar 

  18. NSAKEY: Hashcat: GPU password cracking for maximum win (2015). https://github.com/NSAKEY/nsa-rules

  19. Tasevski, P.: Password attacks and generation strategies. Master’s thesis, Tartu University: Faculty of Mathmematics and Computer Sciences (2011)

    Google Scholar 

  20. Nguyen, T.D., Le, T., Vu, H., Phung, D.: Dual discriminator generative adversarial nets. arXiv preprint arXiv:1709.03831 (2017)

  21. Weir, M., Aggarwal, S., de Medeiros, B., Glodek, B.: Password cracking using probabilistic context-free grammars. In: 2009 30th IEEE Symposium on Security and Privacy, pp. 391–405. IEEE (2009)

    Google Scholar 

  22. Yazdi, S.H.: Probabilistic context-free grammar based password cracking: attack, defense and applications. Ph.D. thesis, Florida State University, Department of Computer Science (2015)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Graduate School of Information Security, Korea University, Seoul, South Korea

    Sungyup Nam, Seungho Jeon & Jongsub Moon

Authors
  1. Sungyup Nam
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Seungho Jeon
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jongsub Moon
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jongsub Moon .

Editor information

Editors and Affiliations

  1. Soonchunhyang University, Asan, Korea (Republic of)

    Ilsun You

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Nam, S., Jeon, S., Moon, J. (2020). A New Password Cracking Model with Generative Adversarial Networks. In: You, I. (eds) Information Security Applications. WISA 2019. Lecture Notes in Computer Science(), vol 11897. Springer, Cham. https://doi.org/10.1007/978-3-030-39303-8_19

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-39303-8_19

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-39302-1

  • Online ISBN: 978-3-030-39303-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation