Question
How should cache handling be accomplished in order to minimize the ability of the attacker to deliver a payload through the cache?
Write how one can use hash values to log into a system, crack a network, etc.
Be sure to explain how hash values are used and misused in a system.
Cite your sources. I have indicated 4 sources but you can use as many as you would like to meet the requirements. Grammar must be British with no grammar errors.
Solution
Cache and Password Hash Functions
An object’s reputation, once requested from the processing function, is placed in a cache that is accessed only by the front-end function of the reputation query. The reputation is removed from the cache once it changes so that a query can return the updated reputation for the object as retrieved from its processing back-end. During this process, the cache offers an opportunity for attack vectors, as it serves as a bridge between the trust levels of the front-end and the back-end replication processing (Zhao et al., 2011). The back-end replication function reads what has been inserted in the cache. Therefore, if an attacker delivers a payload, the back-end will receive it. However, the back-end processing could use the “if present, then delete” command to query for the presence of an attack object. If the object is present, the command orders the cache to delete all of the object’s reputation references (Schoenfield, 2015). This logic ensures that no data is read from the cache and that no communication is returned when the reputation processing function issues the command.
From the data processing sequence, an attack is determined by the level of access required to reach and read data. Cache manipulation by the back-end processing offers a limited attack surface when the data is not read. Therefore, it is essential to inspect the data retrieval and processing sequences to expose any attack surfaces. The sequencing of processing should be designed so that any unnecessary flow of data is eliminated or minimized, removing the attack surfaces it would create. An attacker has a potential vector position that is credible despite the front-end controls put in place. Some front-end backward data flow vulnerabilities may arise in the runtime environment, protocols, and operating systems. To mitigate these attacks, software vendors should consider a defence plan that protects the system’s infrastructure. Well-defined back-end software and APIs should be able to validate reputation requests and reject any reputation that does not pass stringent verification.
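The cache handling described in the two paragraphs above, sketched as an added example that is not part of the original answer: the front end validates every reputation before caching it, and the back end holds a handle that can only delete and never returns cached data. All class and function names, the SHA-256 object id format and the 0 to 100 score range are assumptions.

```python
import re

# Assumed formats (the page specifies none): SHA-256 hex object ids, scores 0..100.
OBJECT_ID = re.compile(r"[0-9a-f]{64}")
MAX_SCORE = 100


class ReputationCache:
    """Front-end cache; anything stored here may be attacker-influenced."""

    def __init__(self):
        self._store = {}

    def put(self, object_id, score):
        # Stringent verification: reject anything that is not a well-formed pair.
        if not (isinstance(object_id, str) and OBJECT_ID.fullmatch(object_id)):
            raise ValueError("malformed object id")
        if type(score) is not int or not 0 <= score <= MAX_SCORE:
            raise ValueError("malformed reputation")
        self._store[object_id] = score

    def get(self, object_id):
        """Front-end read path; returns None on a cache miss."""
        return self._store.get(object_id)


class BackendCacheHandle:
    """The only cache interface the back end holds: delete, never read."""

    def __init__(self, cache):
        self._cache = cache

    def delete_if_present(self, object_id):
        # The popped value is discarded, so cached data never flows backwards.
        self._cache._store.pop(object_id, None)
        return None


def on_reputation_change(handle, object_id):
    """Back-end hook: invalidate so the next query refetches the new value."""
    return handle.delete_if_present(object_id)
```
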
Systems usually demand authentication as a requirement for information security. An attacker who compromises the database can reveal the user passwords, thereby gaining unauthorized access. For this reason, developers store hash values of passwords instead of plaintexts. Before hashing, a per-user unique salt value is appended to the password, and the hash value is then calculated over the combination. During a registration process, the user chooses a password in plain text, and the back-end server then calculates the hash value using hashing algorithms like MD5, SHA, and RIPEMD to formulate a ciphertext. The hash values support user authentication and user authorization and help to secure the system against attacks on its vulnerabilities.
On the other hand, hash values can be misused in a system. For instance, the implementation of the password hash can be attacked and an illegal system login performed. Attackers mount brute-force, dictionary, or rainbow-table attacks to reveal the input plaintext. In a brute-force attack, the attacker calculates the hash value of every possible input value and compares each result with the hash value to be cracked, while dictionary attacks involve using a large file with millions of passwords (Tatli, 2015). With a hash value to attack, the intruder calculates the hash value of each plaintext line in the dictionary and compares the calculated hash values with the available hash value. The plaintext is revealed when the values match. Rainbow-table attacks, by contrast, use a large table of pre-computed hash values with the corresponding plaintext values. Consequently, when an attacker targets a specific hash value, they check it against the lookup table of computed hash values (Sykes & Skoczen, 2014). Ultimately, the plaintext password is found if the given hash value exists within the table.
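The defensive side of the two paragraphs above, as an added example that is not part of the original answer: a per-user random salt makes identical passwords store differently, so a single pre-computed table entry no longer matches every account. The example uses PBKDF2-HMAC-SHA256 from the Python standard library in place of the plain hash functions the text names; the function names, sample password and iteration count are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor; raise it as far as login latency allows


def register(password):
    """Return (salt, digest) to store for a new user; the plaintext is not kept."""
    salt = os.urandom(16)  # unique per user, stored next to the digest
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify(password, salt, stored_digest):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return hmac.compare_digest(candidate, stored_digest)


def unsalted(password):
    """Weak baseline: one fast, unsalted hash, as a lookup table would index it."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def compare_storage():
    # Constructed sample: two users who happened to choose the same password.
    password = "correct horse battery staple"
    weak_rows = {user: unsalted(password) for user in ("alice", "bob")}
    strong_rows = {user: register(password) for user in ("alice", "bob")}
    return {
        # Identical rows: one table hit reveals both accounts.
        "unsalted_rows_identical": weak_rows["alice"] == weak_rows["bob"],
        # Different salts give different digests for the same password.
        "salted_rows_identical": strong_rows["alice"][1] == strong_rows["bob"][1],
        "correct_password_accepted": verify(password, *strong_rows["alice"]),
        "wrong_password_rejected": not verify("letmein", *strong_rows["alice"]),
    }
```
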
References
Schoenfield, B. S. (2015). Securing systems: Applied security architecture and threat models. CRC Press.
Sykes, E. R., & Skoczen, W. (2014). An improved parallel implementation of RainbowCrack using MPI. Journal of Computational Science, 5(3), 536-541. https://doi.org/10.1016/j.jocs.2013.10.006
Tatli, E. I. (2015). Cracking more password hashes with patterns. IEEE Transactions on Information Forensics and Security, 10(8), 1656-1665. https://doi.org/10.1109/tifs.2015.2422259
Zhao, X., Wang, T., Guo, S., & Zheng, Y. (2011). Access driven cache timing attack against AES. Journal of Software, 22(3), 572-591. https://doi.org/10.3724/sp.j.1001.2011.03802