public PasswordPopularityTracker(
            string keyToPreventAlgorithmicComplexityAttacks,
            long estimatedNumberOfAccounts = DefaultEstimatedNumberOfAccounts,
            int thresholdRequiredToTrackPreciseOccurrences = DefaultMinCountRequiredToTrackPreciseOccurrences,
            uint thresholdRequiredToStorePlaintext = DefaultMinCountRequiredToStorePlaintext,
            double minPercentRequiredToStorePlaintext = DefaultMinPercentRequiredToStorePlaintext)
        {
            int numberOfHistoricalPeriods = DefaultNumberOfHistoricalPeriods;
            uint factorOfGrowthBetweenHistoricalPeriods = DefaultFactorOfGrowthBetweenHistoricalPeriods;

            LengthOfHistoricalPeriods = new uint[numberOfHistoricalPeriods];

            PasswordFrequencyEstimatesForDifferentPeriods = new List<FrequencyTracker<string>>(DefaultNumberOfHistoricalPeriods);
            uint currentPeriodLength = DefaultLengthOfShortestHistoricalPeriod;
            for (int period = 0; period < DefaultNumberOfHistoricalPeriods; period++)
            {
                LengthOfHistoricalPeriods[period] = currentPeriodLength;
                PasswordFrequencyEstimatesForDifferentPeriods.Add(
                    new FrequencyTracker<string>((int) currentPeriodLength));
                currentPeriodLength *= factorOfGrowthBetweenHistoricalPeriods;
            }
            // Reverese the frequency trackers so that the one that tracks the most items is first on the list.
            PasswordFrequencyEstimatesForDifferentPeriods.Reverse();

            long conservativelyHighEstimateOfRowsNeeded = 4 * estimatedNumberOfAccounts / LowEndEstimateOfLoginsBetweenBenignUsersEnteringWrongPasswordRepeatedly;
            _minCountRequiredToTrackPreciseOccurrences = thresholdRequiredToTrackPreciseOccurrences;
            _minPercentRequiredToStorePlaintext = minPercentRequiredToStorePlaintext;
            _minCountRequiredToStorePlaintext = thresholdRequiredToStorePlaintext;
//            _minPercentRequiredToTrackPreciseOccurrences = minPercentRequiredToTrackPreciseOccurrences;
            FailedPasswordsRecordedSoFar = 0d;
            

            SketchForTestingIfNonexistentAccountIpPasswordHasBeenSeenBefore =
                new AgingMembershipSketch(DefaultNumberOfSketchColumns, conservativelyHighEstimateOfRowsNeeded);
            BinomialSketchOfFailedPasswords = new BinomialSketch(SizeOfBinomialLadder, HeightOfBinomialLadder, keyToPreventAlgorithmicComplexityAttacks); // FIXME configuration parameters

            MapOfHighlyPopularUnsaltedHashedPasswordsToPlaintextPasswords =
                new Dictionary<string, string>();
        }
Exemple #2
0
        //public void ReduceMemoryUsage(object sender, MemoryUsageLimiter.ReduceMemoryUsageEventParameters parameters)
        //{
            //_ipHistoryCache.RecoverSpace(parameters.FractionOfMemoryToTryToRemove);
        //}

        public Simulator(DebugLogger logger, string path, ExperimentalConfiguration myExperimentalConfiguration, SimulatedPasswords simPasswords)
        {
            
            _simPasswords = simPasswords;
            _logger = logger;
            _AttackAttemptsWithValidPasswords = //System.IO.TextWriter.Synchronized 
                new ConcurrentStreamWriter(path + "AttackAttemptsWithValidPasswords.txt");
                //(new StreamWriter(new FileStream(path + "AttackAttemptsWithValidPasswords.txt", FileMode.CreateNew, FileAccess.Write)));
            _LegitimateAttemptsWithValidPasswords = //System.IO.TextWriter.Synchronized
                new ConcurrentStreamWriter(path + "LegitimateAttemptsWithValidPasswords.txt");
            //(new StreamWriter(new FileStream(path + "LegitiamteAttemptsWithValidPasswords.txt", FileMode.CreateNew, FileAccess.Write)));
            _OtherAttempts = //System.IO.TextWriter.Synchronized
                new ConcurrentStreamWriter(path + "OtherAttempts.txt");
                //(new StreamWriter(new FileStream(path + "OtherAttempts.txt", FileMode.CreateNew, FileAccess.Write)));
            _logger.WriteStatus("Entered Simulator constructor");
            _experimentalConfiguration = myExperimentalConfiguration;
            BlockingAlgorithmOptions options = _experimentalConfiguration.BlockingOptions;
            
            _logger.WriteStatus("Creating binomial ladder");
            _binomialLadderFilter =
                new BinomialLadderFilter(options.NumberOfBitsInBinomialLadderFilter_N, options.HeightOfBinomialLadder_H);
            _ipHistoryCache = new ConcurrentDictionary<IPAddress, SimIpHistory>(); // new SelfLoadingCache<IPAddress, SimIpHistory>(address => new SimIpHistory(options.NumberOfFailuresToTrackForGoingBackInTimeToIdentifyTypos));
            _userAccountController = new SimulatedUserAccountController();

            //_memoryUsageLimiter = new MemoryUsageLimiter();
            //_memoryUsageLimiter.OnReduceMemoryUsageEventHandler += ReduceMemoryUsage;

            _recentIncorrectPasswords = new AgingMembershipSketch(16, 128 * 1024);

            _logger.WriteStatus("Exiting Simulator constructor");
        }