Skip to main content
Springer Nature Link
Log in

A modified exhaustive search on a password system using SHA-1

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

In this paper, we show a method of exhaustive search on a password system that uses SHA-1 iteratively. Our method uses both the technique shown in Steube [16] and a technique for computing repetitions of SHA-1. Combining these two techniques reduces the total number of operations. We also show how to apply our method to MS Office (Microsoft Office) 2007/2010.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. ECMA: ECMA-376: Office Open XML File Formats. ECMA (2012)

  2. Elcomsoft. http://www.elcomsoft.com/aopr.html

  3. Gaithersburg: FIPS PUB 180-4 Secure Hash Standard (SHS). NIST (2012)

  4. ISO/IEC: ISO/IEC 10646: Information technology—Universal Coded Character Set (UCS). ISO/IEC (2014)

  5. Karn, P., Simpson, W.A., Metzger, P.: The ESP triple DES transform. RFC Editor, RFC 1851 (1995)

  6. Katz, J., Lindell, Y.: Introduction to Modern Cryptography: Principles and Protocols. Chapman & Hall/CRC, Boca Raton (2007)

  7. Kilian, J., Rogaway, P.: How to protect DES against exhaustive key search. In: Advances in Cryptology CRYPTO 96, Lecture Notes in Computer Science, vol. 1109, pp. 252–267 (1996)

  8. Microsoft: Compound File Binary File. Microsoft Corporation (2010)

  9. Microsoft: Microsoft Office File Format Documentation Introduction. Microsoft Corporation (2011)

  10. Microsoft: [MS-OFFCRYPTO]: Office Document Cryptography Structure Specification. Microsoft Corporation (2012)

  11. NIST: FIPS-197: Advanced Encryption Standard. NIST (2001)

  12. National Bureau of Standards: Data Encryption Standard. U.S. Department of Commerce. FIPS pub. 46 (1977)

  13. Passware. http://www.lostpassword.com/hardware-acceleration.htm

  14. Rivest, R.: A description of the RC2 (r) encryption algorithm. RFC editor, RFC 2268 (1998)

  15. Schneier, B.: Applied Cryptography. Wiley, New York (1996)

    MATH  Google Scholar 

  16. Steube, J.: Exploiting a sha1 weakness in password cracking. In: Passwords \(\hat{}\,12\)(2012)

Download references

Author information

Authors and Affiliations

  1. Department of Mathematics, Hanyang University, Seoul, Republic of Korea

    Minchul Kim, Younghoon Jung & Junghwan Song

Authors
  1. Minchul Kim
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Younghoon Jung
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Junghwan Song
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Junghwan Song.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Kim, M., Jung, Y. & Song, J. A modified exhaustive search on a password system using SHA-1. Int. J. Inf. Secur. 16, 263–269 (2017). https://doi.org/10.1007/s10207-016-0332-2

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-016-0332-2

Keywords