| Peer-Reviewed

A Survey of Commercial Password Detection Methods

Received: 9 April 2022     Published: 14 April 2022
Views:       Downloads:
Abstract

Commercial password has been widely used in China's information services, and their role and importance in information security are gradually increasing. In recent years, as the application of quantum computing in computer technology becomes more and more extensive, the performance of computers continues to improve, and cryptographic penetration technology has emerged in an endless stream. Some known cryptographic algorithms are no longer secure in the new environment, such as the MD5 cryptographic algorithm with obvious security risks and the cracked RSA public key password algorithm, etc. Therefore, it is essential to detect and evaluate the security of commercial passwords. Based on a large number of literature at home and abroad and the practical work experience of Beijing Software Testing and Quality Assurance Center, this study comprehensively analyzes and combs the commercial password detection technology and forms a relatively complete research review on commercial password detection methods. The specific contents include traditional cryptanalysis methods, key penetration attack methods, side-channel attack methods, quantum computing cryptanalysis, etc. The research results provide important theoretical support for the commercial password security detection of the Winter Olympic information system, enhance the technical ability of the inspectors to the commercial password detection, and ensure the comprehensiveness of the information system security detection.

Published in Mathematics and Computer Science (Volume 7, Issue 2)
DOI 10.11648/j.mcs.20220702.11
Page(s) 18-23
Creative Commons

This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited.

Copyright

Copyright © The Author(s), 2022. Published by Science Publishing Group

Keywords

Information Safety, Commercial Password, Detection Method

References
[1] Yao Jian, Domestic Commercial Cryptographic Algorithm and Its Performance Analysis. Computer Applications and Software, Vol 36, 2019, pp. 327-333.
[2] Xie Zongxiao, Dong Shengxiang, Zhen Jie, Nternational Standardization of Domestic Commercial Cryptographic Algorithms and Their Corresponding Relations. China Standards Review, Vol 5, 2021, pp. 20-23, 29.
[3] Wang Rong, Xie Wei, Cao Yan, Lu Peng, A Study on the Current Situation and Development Countermeasures of Commercial Cryptography Management in China. Information Security and Communications Privacy, Vol 3, 2020, pp. 83-90.
[4] Chen Hong, Zhao Hongrui, Construction of legal system of commercial password information security with Chinese characteristics from the perspective of national security. Information Security And Communications Privacy, Vol 6, 2020, pp. 29-35.
[5] Huo Wei, Thoughts on Several Issues of Commercial Cryptography Application and Innovation Development. Journal of Information Securyity Research, Vol 6, 2020, pp. 958-965.
[6] Chen Weijian, Differential fault attack on LiCi ciphe. Chinese Journal of Network and Information Security, Vol 7, 2021, pp. 104-109.
[7] He Yeping, Wu Wenling, Qin Sihan, Truncated Differential-Linear Cryptanalysis. Journal of Software, Vol 11, 2000, pp. 1294-1298.
[8] Wu Wenling, Zhang Lei, Research progress of impossible differential cryptanalysis. Journal of Systems Science and Mathematics Sciences, Vol 28, 2008, pp. 971-983.
[9] Liu Zhengbin, Differential-linear cryptanalysis of Prince ciphe. Chinese Journal of Network and Information Security, Vol 7, 2021, pp. 131-140.
[10] Tang Yonglong, The Study of Algebraic Attacks on Stream Ciphers. Computer CD Software and Applications, Vol 8, 2010, pp. 50-51, 55.
[11] Wang Zhe, Zhang Wenying, Meet-in-Middle Attack on 5-Round Squar. Computer Technology and Development, Vol 21, 2011, pp. 132-135, 139.
[12] Beth. Dempsey VOTERS SEPUP. Library Journal, Vol 135, 2010, pp. 62-73.
[13] Bellare M, Paterson K G, Rogaway P. Security of Symmetric Encryption against Mass Surveillance. Berlin, Heidelberg: Springer Berlin Heidelberg, 2014.
[14] Gu Dawu, Zhang Chi, Progress of and some comments on the research of side-channel attack for cryptosystems. Journal of Xidian University (Natural Science), Vol 48, 2021, pp. 14-21, 49.
[15] Sun Jiayi, Wei Yongzhuang, Template Attacks Against Lightweight Block Cipher Algorithm DoT. Computer Engineering, Vol 47, 2021, pp. 155-159, 165.
[16] Chen Ping, Wang Ping, Dong Gaofeng, Hu Honggang, SincNet-based Side Channel Attack. Journal of Cryptologic Reseatch, Vol 7, 2020, pp. 583-594.
[17] Xie Min, Li Jiaqi, Tian Feng, Differential Fault Attack on GOST. Journal of Cryptologic Reseatch, Vol 8 (4), 2021, pp. 630-639.
[18] Jake Tibbetts, Quantum Computing and Cryptography: Analysis, Risks, and Recommendations for Decisionmakers. Information Security and Communications Privacy, Vol 1, 2021, pp. 61-69.
[19] Wang Chao, Yao Haonan, Wang Baonan, Hu feng, Zhang Huanguo, Ji Xiangmin, Progress in Quantum Computing Cryptography Attacks. Chinese Journal of Computers, Vol 43, 2020, pp. 1691-1707.
Cite This Article
  • APA Style

    Zhou Yue, Ren Fengli, Shao Yong. (2022). A Survey of Commercial Password Detection Methods. Mathematics and Computer Science, 7(2), 18-23. https://doi.org/10.11648/j.mcs.20220702.11

    Copy | Download

    ACS Style

    Zhou Yue; Ren Fengli; Shao Yong. A Survey of Commercial Password Detection Methods. Math. Comput. Sci. 2022, 7(2), 18-23. doi: 10.11648/j.mcs.20220702.11

    Copy | Download

    AMA Style

    Zhou Yue, Ren Fengli, Shao Yong. A Survey of Commercial Password Detection Methods. Math Comput Sci. 2022;7(2):18-23. doi: 10.11648/j.mcs.20220702.11

    Copy | Download

  • @article{10.11648/j.mcs.20220702.11,
      author = {Zhou Yue and Ren Fengli and Shao Yong},
      title = {A Survey of Commercial Password Detection Methods},
      journal = {Mathematics and Computer Science},
      volume = {7},
      number = {2},
      pages = {18-23},
      doi = {10.11648/j.mcs.20220702.11},
      url = {https://doi.org/10.11648/j.mcs.20220702.11},
      eprint = {https://article.sciencepublishinggroup.com/pdf/10.11648.j.mcs.20220702.11},
      abstract = {Commercial password has been widely used in China's information services, and their role and importance in information security are gradually increasing. In recent years, as the application of quantum computing in computer technology becomes more and more extensive, the performance of computers continues to improve, and cryptographic penetration technology has emerged in an endless stream. Some known cryptographic algorithms are no longer secure in the new environment, such as the MD5 cryptographic algorithm with obvious security risks and the cracked RSA public key password algorithm, etc. Therefore, it is essential to detect and evaluate the security of commercial passwords. Based on a large number of literature at home and abroad and the practical work experience of Beijing Software Testing and Quality Assurance Center, this study comprehensively analyzes and combs the commercial password detection technology and forms a relatively complete research review on commercial password detection methods. The specific contents include traditional cryptanalysis methods, key penetration attack methods, side-channel attack methods, quantum computing cryptanalysis, etc. The research results provide important theoretical support for the commercial password security detection of the Winter Olympic information system, enhance the technical ability of the inspectors to the commercial password detection, and ensure the comprehensiveness of the information system security detection.},
     year = {2022}
    }
    

    Copy | Download

  • TY  - JOUR
    T1  - A Survey of Commercial Password Detection Methods
    AU  - Zhou Yue
    AU  - Ren Fengli
    AU  - Shao Yong
    Y1  - 2022/04/14
    PY  - 2022
    N1  - https://doi.org/10.11648/j.mcs.20220702.11
    DO  - 10.11648/j.mcs.20220702.11
    T2  - Mathematics and Computer Science
    JF  - Mathematics and Computer Science
    JO  - Mathematics and Computer Science
    SP  - 18
    EP  - 23
    PB  - Science Publishing Group
    SN  - 2575-6028
    UR  - https://doi.org/10.11648/j.mcs.20220702.11
    AB  - Commercial password has been widely used in China's information services, and their role and importance in information security are gradually increasing. In recent years, as the application of quantum computing in computer technology becomes more and more extensive, the performance of computers continues to improve, and cryptographic penetration technology has emerged in an endless stream. Some known cryptographic algorithms are no longer secure in the new environment, such as the MD5 cryptographic algorithm with obvious security risks and the cracked RSA public key password algorithm, etc. Therefore, it is essential to detect and evaluate the security of commercial passwords. Based on a large number of literature at home and abroad and the practical work experience of Beijing Software Testing and Quality Assurance Center, this study comprehensively analyzes and combs the commercial password detection technology and forms a relatively complete research review on commercial password detection methods. The specific contents include traditional cryptanalysis methods, key penetration attack methods, side-channel attack methods, quantum computing cryptanalysis, etc. The research results provide important theoretical support for the commercial password security detection of the Winter Olympic information system, enhance the technical ability of the inspectors to the commercial password detection, and ensure the comprehensiveness of the information system security detection.
    VL  - 7
    IS  - 2
    ER  - 

    Copy | Download

Author Information
  • Beijing Software Testing and Quality Assurance Center, Beijing, China

  • Beijing Software Testing and Quality Assurance Center, Beijing, China

  • Faculty of Information Technology, Beijing University of Technology, Beijing, China

  • Sections