A simple way of dynamical passwords defense against sniffing attacks

A simple way of dynamical passwords defense against sniffing attacks


A sniffing attack refers to stealing or interception of data by catching network traffic using a sniffer (computer software or hardware that can intercept and log traffic passing over a digital network).

Even so, that https protocol encrypts all data passed over it, we will assume that attackers are able to break SSL encryption.

A simple way to protect your passwords against such sniffing attacks is to use one or several dynamical passwords generators (DPGs) with any combinations of rules from the following list:

-recursion rules;

-selection rules;

-modification/combination rules;

-permutation rules;

-association rules.

A recursion rule is a sequence of iterations to use output of a DPGs as input for each next iteration. For example, let us use “12345” as a key and “2/2/2222” as a date on the first iteration.

p1

p2

On the second iteration we use the same date, but as a key we use the second password in the output of the first iteration.

p3

Selection rules specify which sub-strings we select from each output field. For example, we can select in the first output field a sub-string from 3rd to 18th symbols, in the second output field a sub-string from 2nd to 12th symbols, etc.

p4

p5

For the reason that only users know the rules, attackers will not be able to find passwords in the intercepted data.

Modification/combination rules allow us to modify outputs or combine different outputs to form more complex passwords. For example, we can combine sub-strings from different outputs of a single or several DPGs

Permutation rules are rules which define change of symbols order in accordance with a given permutation.

Association rules are rules, which associate ordered outputs from different DPGs or outputs from a single DPG with online accounts, devices, electronic locks, etc.

The trivial rule is to associate accounts and the generated passwords by rows numbers. This means that an account in the row number x is associated with the password in the row number x. We can change this rule on a different rule in which an account in the row number x is associated with the password in the row number y.

If users go to the URL: https://dynpass.online/tools/ars.html, choose from the selection menu a type of DPG (public or private), and click on
he “Get ARs!” button, users get as a result randomly generated association rules, which they can use to increase security of dynamical passwords.

p6

p7

The 1st password is for the 3rd account, the 2nd password is for the 18th account, etc.

For the reason that only users know the rules, attackers will not be able to find passwords and accounts in the intercepted data. Quantum computers, which will come soon, also will not help hackers to find your passwords protected with your rules, which nobody knows. For this reason DPGs are ready for the coming era of quantum computers.

Users can create simple or complex rules based on their preferences and security needs.

 

 

References:

[1] https://www.publish0x.com/simple-solutions-to-complex-problems/a-simple-way-to-create-unhackable-passwords-xeenglp

[2] https://www.publish0x.com/simple-solutions-to-complex-problems/a-simple-way-to-protect-multiple-content-files-xxvzoww

[3] https://www.publish0x.com/simple-solutions-to-complex-problems/a-simple-way-to-protect-any-business-from-bec-attacks-xoqzwgr

[4] https://www.publish0x.com/simple-solutions-to-complex-problems/a-simple-way-to-manage-changes-of-multiple-unique-strong-pas-xrxwydn

[5] https://www.publish0x.com/simple-solutions-to-complex-problems/a-simple-way-for-secure-management-of-multiple-super-strong-xqqwgwd

[6] https://www.publish0x.com/simple-solutions-to-complex-problems/a-simple-way-to-create-virtualphantom-seeds-or-mnemonics-for-xkevzrr

[7] https://www.publish0x.com/simple-solutions-to-complex-problems/a-simple-way-to-increase-security-and-protection-of-crypto-a-xrxewlm

[8] https://www.publish0x.com/simple-solutions-to-complex-problems/a-simple-way-of-defense-against-shoulder-surfing-attacks-xkevjmz

 

 

 

How do you rate this article?

21


I_g_o_r
I_g_o_r

I am curious about science, technologies and their applications to solving real problems.


Simple solutions to complex problems
Simple solutions to complex problems

Each post is devoted to a simple solution to a complex problem.

Publish0x

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.