{"id":"https://openalex.org/W2086553822","doi":"https://doi.org/10.1145/1102120.1102168","title":"Fast dictionary attacks on passwords using time-space tradeoff","display_name":"Fast dictionary attacks on passwords using time-space tradeoff","publication_year":2005,"publication_date":"2005-11-07","ids":{"openalex":"https://openalex.org/W2086553822","doi":"https://doi.org/10.1145/1102120.1102168","mag":"2086553822"},"language":"en","primary_location":{"id":"doi:10.1145/1102120.1102168","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1102120.1102168","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 12th ACM conference on Computer and communications security","raw_type":"proceedings-article"},"type":"conference-paper","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5058102069","display_name":"Arvind Narayanan","orcid":"https://orcid.org/0000-0001-7176-4479"},"institutions":[{"id":"https://openalex.org/I86519309","display_name":"The University of Texas at Austin","ror":"https://ror.org/00hj54h04","country_code":"US","type":"education","lineage":["https://openalex.org/I86519309"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Arvind Narayanan","raw_affiliation_strings":["University of Texas at Austin","University of Texas at Austin#TAB#"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Texas at Austin","institution_ids":["https://openalex.org/I86519309"]},{"raw_affiliation_string":"University of Texas at Austin#TAB#","institution_ids":["https://openalex.org/I86519309"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5038206174","display_name":"Vitaly Shmatikov","orcid":"https://orcid.org/0009-0002-1336-5714"},"institutions":[{"id":"https://openalex.org/I86519309","display_name":"The University of Texas at Austin","ror":"https://ror.org/00hj54h04","country_code":"US","type":"education","lineage":["https://openalex.org/I86519309"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Vitaly Shmatikov","raw_affiliation_strings":["University of Texas at Austin","University of Texas at Austin#TAB#"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Texas at Austin","institution_ids":["https://openalex.org/I86519309"]},{"raw_affiliation_string":"University of Texas at Austin#TAB#","institution_ids":["https://openalex.org/I86519309"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I86519309"],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":442,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"364","last_page":"372"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9886999726295471,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9697999954223633,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.941718578338623},{"id":"https://openalex.org/keywords/dictionary-attack","display_name":"Dictionary attack","score":0.8305830955505371},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8262343406677246},{"id":"https://openalex.org/keywords/cognitive-password","display_name":"Cognitive password","score":0.5280174612998962},{"id":"https://openalex.org/keywords/password-policy","display_name":"Password policy","score":0.5051029324531555},{"id":"https://openalex.org/keywords/hash-function","display_name":"Hash function","score":0.49289846420288086},{"id":"https://openalex.org/keywords/password-cracking","display_name":"Password cracking","score":0.4722026288509369},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4528735876083374},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.42808911204338074},{"id":"https://openalex.org/keywords/space","display_name":"Space (punctuation)","score":0.41951116919517517},{"id":"https://openalex.org/keywords/password-strength","display_name":"Password strength","score":0.35189133882522583},{"id":"https://openalex.org/keywords/one-time-password","display_name":"One-time password","score":0.2876814305782318},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.099749356508255}],"concepts":[{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.941718578338623},{"id":"https://openalex.org/C113328881","wikidata":"https://www.wikidata.org/wiki/Q599809","display_name":"Dictionary attack","level":3,"score":0.8305830955505371},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8262343406677246},{"id":"https://openalex.org/C23875713","wikidata":"https://www.wikidata.org/wiki/Q5141232","display_name":"Cognitive password","level":5,"score":0.5280174612998962},{"id":"https://openalex.org/C98705547","wikidata":"https://www.wikidata.org/wiki/Q3394687","display_name":"Password policy","level":4,"score":0.5051029324531555},{"id":"https://openalex.org/C99138194","wikidata":"https://www.wikidata.org/wiki/Q183427","display_name":"Hash function","level":2,"score":0.49289846420288086},{"id":"https://openalex.org/C3847113","wikidata":"https://www.wikidata.org/wiki/Q2746524","display_name":"Password cracking","level":5,"score":0.4722026288509369},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4528735876083374},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.42808911204338074},{"id":"https://openalex.org/C2778572836","wikidata":"https://www.wikidata.org/wiki/Q380933","display_name":"Space (punctuation)","level":2,"score":0.41951116919517517},{"id":"https://openalex.org/C70530487","wikidata":"https://www.wikidata.org/wiki/Q1990841","display_name":"Password strength","level":4,"score":0.35189133882522583},{"id":"https://openalex.org/C89479133","wikidata":"https://www.wikidata.org/wiki/Q1137840","display_name":"One-time password","level":3,"score":0.2876814305782318},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.099749356508255}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/1102120.1102168","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1102120.1102168","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 12th ACM conference on Computer and communications security","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.121.2052","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.121.2052","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.utexas.edu/~shmat/shmat_ccs05pwd.ps","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.75.9716","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.75.9716","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.utexas.edu/~shmat/shmat_ccs05pwd.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Quality Education","score":0.8100000023841858,"id":"https://metadata.un.org/sdg/4"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":38,"referenced_works":["https://openalex.org/W169032787","https://openalex.org/W203500824","https://openalex.org/W1485033854","https://openalex.org/W1495015330","https://openalex.org/W1503108337","https://openalex.org/W1516161674","https://openalex.org/W1548067747","https://openalex.org/W1549671385","https://openalex.org/W1602484190","https://openalex.org/W1638203394","https://openalex.org/W1671750053","https://openalex.org/W1882297107","https://openalex.org/W1923545420","https://openalex.org/W1984314602","https://openalex.org/W2012646342","https://openalex.org/W2020306457","https://openalex.org/W2041543515","https://openalex.org/W2107661464","https://openalex.org/W2124926080","https://openalex.org/W2125838338","https://openalex.org/W2125927592","https://openalex.org/W2129088386","https://openalex.org/W2134475940","https://openalex.org/W2142384583","https://openalex.org/W2149929743","https://openalex.org/W2157604883","https://openalex.org/W2170312178","https://openalex.org/W2579555219","https://openalex.org/W2604924053","https://openalex.org/W2606565781","https://openalex.org/W2767969152","https://openalex.org/W4285719527","https://openalex.org/W4298423176","https://openalex.org/W4361793509","https://openalex.org/W6628932435","https://openalex.org/W6639317341","https://openalex.org/W6685338096","https://openalex.org/W6739058471"],"related_works":["https://openalex.org/W1982158666","https://openalex.org/W3131491961","https://openalex.org/W4319158737","https://openalex.org/W2563449137","https://openalex.org/W4239831152","https://openalex.org/W2097945858","https://openalex.org/W2159224061","https://openalex.org/W3174201280","https://openalex.org/W4321600778","https://openalex.org/W2804831377"],"abstract_inverted_index":{"Human-memorable":[0],"passwords":[1,12,26,38,53,66,165,203],"are":[2,42],"a":[3,132,142,151,167,175],"mainstay":[4],"of":[5,11,51,62,75,100,116,124,136,153,163,200],"computer":[6],"security.":[7],"To":[8],"decrease":[9],"vulnerability":[10],"to":[13,44,69,72,95,104,131],"brute-force":[14],"dictionary":[15,145],"attacks,":[16],"many":[17],"organizations":[18],"enforce":[19],"complicated":[20],"password-creation":[21],"rules":[22],"and":[23,29,140],"require":[24],"that":[25,34,59],"include":[27],"numerals":[28],"special":[30],"characters.":[31],"We":[32],"demonstrate":[33],"as":[35,37,204],"long":[36],"remain":[39],"human-memorable,":[40],"they":[41],"vulnerable":[43],"\"smart-dictionary\"":[45],"attacks":[46],"even":[47],"when":[48],"the":[49,60,73,78,98,101,117,164,185],"space":[50,103],"potential":[52],"is":[54,58,67,110,174,184],"large.Our":[55],"first":[56],"insight":[57],"distribution":[61,74],"letters":[63,76],"in":[64,77],"easy-to-remember":[65],"likely":[68],"be":[70,93,105],"similar":[71],"users'":[79],"native":[80],"language.":[81],"Using":[82],"standard":[83],"Markov":[84],"modeling":[85],"techniques":[86],"from":[87],"natural":[88],"language":[89],"processing,":[90],"this":[91],"can":[92],"used":[94],"dramatically":[96],"reduce":[97],"size":[99],"password":[102,119,156],"searched.":[106],"Our":[107,158],"second":[108],"contribution":[109],"an":[111,205],"algorithm":[112,159],"for":[113,190],"efficient":[114],"enumeration":[115],"remaining":[118],"space.":[120,172],"This":[121,173],"allows":[122],"application":[123],"time-space":[125],"tradeoff":[126],"techniques,":[127],"limiting":[128],"memory":[129],"accesses":[130],"relatively":[133],"small":[134],"table":[135],"\"partial":[137],"dictionary\"":[138],"sizes":[139],"enabling":[141],"very":[143],"fast":[144],"attack.We":[146],"evaluated":[147],"our":[148],"method":[149],"on":[150],"database":[152],"real-world":[154],"user":[155],"hashes.":[157],"successfully":[160],"recovered":[161],"67.6%":[162],"using":[166],"2":[168],"x":[169],"109":[170],"search":[171],"much":[176],"higher":[177],"percentage":[178],"than":[179],"Oechslin's":[180],"\"rainbow\"":[181],"attack,":[182],"which":[183],"fastest":[186],"currently":[187],"known":[188],"technique":[189],"searching":[191],"large":[192],"keyspaces.":[193],"These":[194],"results":[195],"call":[196],"into":[197],"question":[198],"viability":[199],"human-memorable":[201],"character-sequence":[202],"authentication":[206],"mechanism.":[207]},"counts_by_year":[{"year":2026,"cited_by_count":12},{"year":2025,"cited_by_count":22},{"year":2024,"cited_by_count":24},{"year":2023,"cited_by_count":18},{"year":2022,"cited_by_count":32},{"year":2021,"cited_by_count":23},{"year":2020,"cited_by_count":30},{"year":2019,"cited_by_count":42},{"year":2018,"cited_by_count":27},{"year":2017,"cited_by_count":27},{"year":2016,"cited_by_count":19},{"year":2015,"cited_by_count":43},{"year":2014,"cited_by_count":30},{"year":2013,"cited_by_count":21},{"year":2012,"cited_by_count":15}],"updated_date":"2026-07-14T23:27:15.235271","created_date":"2025-10-10T00:00:00"}
