ThreatPost discusses Ersatz, a rather unique scheme for protecting stored passwords while at the same time deceiving hackers, with the intent to trigger security alerts to notify security personnel of potential cracking:
Similar in theory to the Honeywords Project, developed by Ari Juels and Ron Rivest at MIT, Ersatz Passwords instead present the attacker with a long list of phony passwords, and simultaneously trigger an alert within the system notifying admins of an attempted cracking.
The paper explains that the process of computing the real password hash would require an attacker to have access to a hardware security module resident in the authentication server. That dependency makes offline cracking almost impossible. The presentation of the phony passwords is unlike Honeywords, which mixes a list of phony passwords alongside the real ones in a database; in the Ersatz scheme, the real passwords are never available to the hacker.
The researchers said that a system-side initialization of the scheme involves the application of a hardware-dependent function that is applied to each stored hash and fed to the same hash function with the original salt.
“After that, the output is stored in the password file replacing the old stored value,” the researchers wrote. “If an adversary obtains this file and tries to crack any user passwords, the probability that he will get any apparent match is negligible, even if a user password is from a standard dictionary.”
The researchers assert that this puts a serious dent in the effectiveness of offline cracking tools such as John the Ripper. The attacker would, as a result, need access to the hardware in order to properly access the correct hashes.
This sounds like a very interesting solution. I wonder how viable and practical it is in real-world use. Theoretically is appears as if it could solve a lot of the problems we face today with offline brute-force attacks against stolen password files.