Challenge Response is one of the cornerstones of online security. The simplest form of Challenge-Response is asking for a password. Much cryptographic work has focused on developing strong forms of encryption, however some networks require transmission over networks which might be monitored. We discuss this problem in the context of a particular kind of open network used by 30,000 users, and which is an important medium supporting emergency services. The current challenge-response implementation on this network relies upon sending information about the password. We calculate the number of observations needed to capture password using brute force attack, replay attack, and version spaces. We show that even strong passwords (completely random set of characters) are at significant risk of discovery in as few as 16 login attempts. We next present an algorithm that adds adversarial “chaff” to the password information designed to minimize relative information gain during challenge-response. We show that, with enough adversarial chaff, unambiguous password recovery from passive data capture may not be possible, although passwords can still be recovered by an attacker actively probing the system. Despite this, better protection of passwords is useful, and would be immediately helpful to people using these services.
mobile