Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Ashley Madison coding blunder made over 11 million passwords easy to crack

Lucian Constantin | Sept. 11, 2015
The Web site's developers forgot about early users when they implemented strong password hashing three years ago.

Digital Key

Until today, the creators of the hacked AshleyMadison.com infidelity website appeared to have done at least one thing well: protect user passwords with a strong hashing algorithm. That belief, however, was painfully disproved by a group of hobbyist password crackers.

The 16-man team, called CynoSure Prime, sifted through the Ashley Madison source code that was posted online by hackers and found a major error in how passwords were handled on the website.

They claim that this allowed them to crack over 11 million of the 36 million password hashes stored in the website's database, which has also been leaked.

A few weeks ago such a feat seemed impossible because security experts quickly observed from the leaked data that Ashley Madison stored passwords in hashed form -- a common security practice -- using a cryptographic function called bcrypt.

Hashing is a form of one-way encryption. A clear text string, like a password, is run through an algorithm, typically multiple times, in order to generate a unique string of characters that serves as its representation. The procedure is not supposed to be reversible unless the algorithm is flawed.

However, recovering the original password from a hash is sometimes possible by using brute-force methods. This is known as hash cracking and involves running a very large number of possible passwords through the exact same algorithm that was used to generate the original hashes and looking for matches.

The success of such efforts depends on many factors: the type of hashing function used, its implementation, whether additional secret values called salts were added to the passwords, the complexity of the passwords themselves and the hardware resources available to the attackers.

Bcrypt is more computationally intensive than some other functions like MD5, which favors performance over brute-force protection. In addition, the Ashley Madison developers used a cost factor of 12 in their implementation, meaning that each possible password an attacker wants to test needs to be put through 4,096 rounds of hashing.

This makes cracking, even with an average-size dictionary -- a collection of common passwords -- and a very powerful hardware rig, very slow. The larger the dictionary the greater the chance of findings matches, but the slower the process.

A security expert named Dean Pierce made an attempt on the first 6 million Ashley Madison hashes using a list of plain text passwords leaked from game publisher RockYou in 2009. After five days he managed to crack only 4,000 hashes. That's 0.06 percent.

Researchers from antivirus vendor Avast tried as well and let their hash-cracking rig run for two weeks. The result: 26,994 recovered passwords, of which only 1,064 were unique -- used by a single user.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.