CAJ | 학술논문

选择有效的口令结构是提高口令字典攻击命中率的有效方法。人们在记忆口令时，通常不会一次性进行整体记忆，而是将口令划分成块分别记忆的。基于此，文中分析了已有的口令结构，提出了依据划分概率对口令结构进行再次划分的口令攻击方法。该方法将攻击口令的焦点放在高概率的口令结构上，通过对高概率的口令结构进行再次划分，产生更有效的口令结构，并用它们来产生候选口令，从而提高攻击命中率。最后通过真实口令测试数据对该方法进行了验证，实验结果表明，给定相同数目的高概率口令具体结构，通过划分，文中的方法与Matt Weir方法相比能够多恢复20％～30％的口令。根据攻击结果，文中的方法还可以更新所使用的字典，以达到学习的目的，提高后续攻击效率。
선택유효적구령결구시제고구령자전공격명중솔적유효방법。인문재기억구령시，통상불회일차성진행정체기억，이시장구령화분성괴분별기억적。기우차，문중분석료이유적구령결구，제출료의거화분개솔대구령결구진행재차화분적구령공격방법。해방법장공격구령적초점방재고개솔적구령결구상，통과대고개솔적구령결구진행재차화분，산생경유효적구령결구，병용타문래산생후선구령，종이제고공격명중솔。최후통과진실구령측시수거대해방법진행료험증，실험결과표명，급정상동수목적고개솔구령구체결구，통과화분，문중적방법여Matt Weir방법상비능구다회복20％～30％적구령。근거공격결과，문중적방법환가이경신소사용적자전，이체도학습적목적，제고후속공격효솔。
When performing a dictionary attack,it is an effective method for improving the hitratio to choose effective passwords’structures.When people remember a password,they seldomchoose entire memory at once.They usually divide a password into blocks to remember it separately.Based on this,this paper analyzes structures of existing passwords which were leaked and postedon the net,and proposes a password cracking method to divide structures again based on theprobabilities of divisions.This method focuses on these structures of high probabilities.Throughdivision of these structures,it can generate more effective passwords structures which can be usedto produce candidate passwords.This can improve attacks’hit ratio.Finally,the experiments usereal data to evaluate this method.Giving the same number of passwords’concrete structures withhigh probabilities,the result demonstrates that by dividing these structures this method canrecover more passwords of about 20 to 30 percent than Matt Weir et al.’s method.According tohit effects,this method can update dictionaries which are used during attack,and achieve thestudy goal.This can improve the efficiency in the next attack.