面向子词级口令猜测模型的蒙特卡洛强度评估优化算法

OPTIMIZATION OF MONTE CARLO STRENGTH EVALUATION FOR SUBWORD-LEVEL PASSWORD GUESSING MODELS

  • 摘要: 蒙特卡洛(Monte Carlo)强度评估方法广泛应用于口令安全研究。该方法评估口令猜测数时要求口令猜测模型为每条口令赋予唯一的猜测数。然而,近年来出现的子词(一个或多个字符的组合)级口令猜测模型为每条口令赋予一个或多个猜测数,降低了准确性。针对该问题,设计并实现面向子词级口令猜测模型的蒙特卡洛强度评估优化算法。该优化算法显著提升口令猜测数评估的准确性,以1011猜测数为例,相对误差减小98.73%至99.15%。

     

    Abstract: The Monte Carlo strength evaluation is widely used in password security research. This method requires the password guessing model to assign a unique guess number to each password when evaluating the number of password guesses. However, the subword (a combination of one or more characters) level password guessing model that appeared in recent years assigns each password one or more guess numbers, leading to the decreased accuracy. To overcome the problem, the optimization of the Monte Carlo strength evaluation for subword-level password guessing models are designed and implemented. The optimization significantly improves the accuracy. For example, under 1011 guesses, the relative error is reduced by 98.73%~99.15%.

     

/

返回文章
返回