A Survey of Commercial Password Detection Methods

Abstract

Commercial password has been widely used in China's information services, and their role and importance in information security are gradually increasing. In recent years, as the application of quantum computing in computer technology becomes more and more extensive, the performance of computers continues to improve, and cryptographic penetration technology has emerged in an endless stream. Some known cryptographic algorithms are no longer secure in the new environment, such as the MD5 cryptographic algorithm with obvious security risks and the cracked RSA public key password algorithm, etc. Therefore, it is essential to detect and evaluate the security of commercial passwords. Based on a large number of literature at home and abroad and the practical work experience of Beijing Software Testing and Quality Assurance Center, this study comprehensively analyzes and combs the commercial password detection technology and forms a relatively complete research review on commercial password detection methods. The specific contents include traditional cryptanalysis methods, key penetration attack methods, side-channel attack methods, quantum computing cryptanalysis, etc. The research results provide important theoretical support for the commercial password security detection of the Winter Olympic information system, enhance the technical ability of the inspectors to the commercial password detection, and ensure the comprehensiveness of the information system security detection.