The security of systems is often predicated on a user or application selecting an object, a password or key, from a large list. If an inquisitor wishing to identify the object in order to gain access to a system can only query each possibility, one at a time, then the number of guesses they must make in order to identify the selected object is likely to be large. If the object is selected uniformly at random using, for example, a cryptographically secure pseudo-random number generator, then the analysis of the distribution of the number of guesses that the inquisitor must make is trivial. If the object has not been selected perfectly uniformly, but with a distribution that is known to the inquisitor, then the quantification of securi...
The Shannon theory of cipher systems is combined with recent work on guessing values of random varia...
Modern password guessing attacks adopt sophisticated prob-abilistic techniques that allow for orders...
Guessing, or dictionary, attacks arise when an intruder exploits the fact that certain data like pas...
The security of systems is often predicated on a user or application selecting an object, a password...
Abstract—We report on the largest corpus of user-chosen passwords ever studied, consisting of anonym...
The guesswork problem was originally motivated by a desire to quantify computational security for si...
Consider the situation where a word is chosen probabilistically from a finite list. If an attacker ...
More and more effort is being spent on security improvements in today's computer environments, with ...
Abstract—Consider the situation where a word is chosen probabilistically from a finite list. If an a...
The Guesswork problem was originally motivated by a desire to quantify computational security for si...
In this paper, we start to investigate the security implications of selective encryption. We do this...
Authenticating humans to computers remains a notable weak point in computer security despite decades...
Cataloged from PDF version of article.The Shannon theory of cipher systems is combined with recent ...
<p>In an effort to improve security by preventing users from picking weak passwords, system administ...
Parameterized password guessability—how many guesses a particular cracking algorithm with particular...
The Shannon theory of cipher systems is combined with recent work on guessing values of random varia...
Modern password guessing attacks adopt sophisticated prob-abilistic techniques that allow for orders...
Guessing, or dictionary, attacks arise when an intruder exploits the fact that certain data like pas...
The security of systems is often predicated on a user or application selecting an object, a password...
Abstract—We report on the largest corpus of user-chosen passwords ever studied, consisting of anonym...
The guesswork problem was originally motivated by a desire to quantify computational security for si...
Consider the situation where a word is chosen probabilistically from a finite list. If an attacker ...
More and more effort is being spent on security improvements in today's computer environments, with ...
Abstract—Consider the situation where a word is chosen probabilistically from a finite list. If an a...
The Guesswork problem was originally motivated by a desire to quantify computational security for si...
In this paper, we start to investigate the security implications of selective encryption. We do this...
Authenticating humans to computers remains a notable weak point in computer security despite decades...
Cataloged from PDF version of article.The Shannon theory of cipher systems is combined with recent ...
<p>In an effort to improve security by preventing users from picking weak passwords, system administ...
Parameterized password guessability—how many guesses a particular cracking algorithm with particular...
The Shannon theory of cipher systems is combined with recent work on guessing values of random varia...
Modern password guessing attacks adopt sophisticated prob-abilistic techniques that allow for orders...
Guessing, or dictionary, attacks arise when an intruder exploits the fact that certain data like pas...