Phoolproof Phishing Prevention. Bryan Parno, Cynthia Kuo, Adrian Perrig, Carnegie Mellon University
TRANSCRIPT
![Page 1: Phoolproof Phishing Prevention Bryan Parno, Cynthia Kuo, Adrian Perrig Carnegie Mellon University](https://reader036.vdocuments.site/reader036/viewer/2022062517/56649f1b5503460f94c2ffde/html5/thumbnails/1.jpg)
Phoolproof Phishing Prevention
Bryan Parno, Cynthia Kuo, Adrian Perrig
Carnegie Mellon University
A Recent Email…
Images from Anti-Phishing Working Group’s Phishing Archive
The next page requests:
• Name
• Address
• Telephone
• Credit Card Number, Expiration Date, Security Code
• PIN
• Account Number
• Personal ID
• Password
But wait…
WHOIS 210.104.211.21:
Location: Korea, Republic Of
Even bigger problem:
I don’t have an account with US Bank!
Phishing: A Growing Problem
• Over 16,000 unique phishing attacks reported in Nov. 2005, about double the number from 2004
• Estimates suggest phishing affected 1.2 million US citizens and cost businesses billions of dollars in 2004
• Additional losses due to consumer fears
[Anti-Phishing Working Group, Phishing Activity Trends Report, Dec. 2005]
Outline
• Introduction
• Current Antiphishing Approaches
• Goals & Design Principles
• Phoolproof Phishing Prevention
• Security Analysis
• Implementation
Outline
• Introduction
• Current Antiphishing Approaches
  – Heuristics
  – Modified Passwords
  – Origin Authentication
• Goals & Design Principles
• Phoolproof Phishing Prevention
• Security Analysis
• Implementation
Current Approaches
• Heuristics
  – SpoofGuard [Chou et al.], TrustBar [Herzberg & Gbara], eBay toolbar, SpoofStick
  – Recent studies indicate users ignore toolbar warnings [Wu et al.]
Current Approaches
• Modified Passwords
  – Single Sign-On
    • Requires users to trust one institution with all of their passwords
    • Still faces an authentication problem
  – PwdHash [Ross et al.]
    • Promising approach, but vulnerable to pharming, DNS spoofing, and dictionary attacks
  – One-time passwords (e.g., scratch cards, RSA SecurID)
    • Vulnerable to active MitM attacks (already seen in the wild)
[Figure: an active man-in-the-middle relays the user's username and one-time password to the real site, then issues a "Withdraw" request against the account]
Current Approaches
• Origin Authentication
  – Dynamic Security Skins [Dhamija & Tygar], PassMark, and the Petname project
  – All rely on user diligence: a single mistake will result in a compromised account
Key Insight
• Security must not depend entirely on fallible users
• System must be secure by default
• Design must be robust to user error
Outline
• Introduction
• Phishing Techniques
• Current Antiphishing Approaches
• Goals & Design Principles
• Phoolproof Phishing Prevention
• Security Analysis
• Implementation
Phishing Prevention Goals
• Ideal: User's data only reaches the intended recipient
• Practical: Prevent a phisher from viewing or modifying a user's accounts
  – Reduce the power of attacks to that of pre-Internet scams
    • E.g., an attacker can still subvert a company insider
Contributions
• Plan for human errors by guarding users' accounts even when they make mistakes
• Use a mobile device to establish an authenticator the user cannot readily disclose
• Protect against active Man-in-the-Middle attacks
• Defend against keyloggers
• Develop a prototype implementation
Design Principles
• Sidestep the arms race
  – Incremental solutions provoke adaptations
• Provide mutual authentication
  – Phishing exploits two authentication failures: Server to User and User to Server
• Reduce reliance on users
  – Users are unsuited to authenticating others or themselves to others
  – We cannot rely on perfect user behavior
• Avoid dependence on browser interface
  – Readily spoofed and distrusted by users
Outline
• Introduction
• Phishing Techniques
• Current Antiphishing Approaches
• Goals & Design Principles
• Phoolproof Phishing Prevention
• Security Analysis
• Implementation
Phoolproof Prevention Overview
• Mobile device creates a public key pair for each site
  – Transmits public key to the server
• To access the site, the mobile device uses the private key to authenticate to the server
  – Assists browser in establishing SSL/TLS session
• Server refuses access unless client can provide user's password and the mobile device authenticates properly
User Experience
• Setup
  – Login to the institution's website
  – Select Phoolproof Phishing Setup
  – Confirm installation on device
• Use
  – Select secure bookmark on device
  – Login to the website
Basic Phoolproof Setup
[Figure: message flow between browser, server and mobile device; message labels in order]
1. Browser ↔ Server: Establish SSL Connection
2. Browser → Server: User Information
3. Server → Browser: page carrying the `<!-- ACCOUNT_CREATE -->` tag
4. Browser → Device: PubKS, Domain, Site Name
5. Device → Browser: PubKj (device creates the key pair for this site)
6. Browser → Server: PubKj
Advanced Phoolproof Setup
• For additional security, establish a shared secret via a trusted side-channel
  – Mail a nonce (or barcode) to address on file
  – Display a barcode at an ATM
  – Setup in person
• Trusted financial institutions could provide setup for companies without a storefront
• The problem of properly identifying new customers predates the Internet
• Existing research can help secure setup
Phoolproof Connection Establishment
[Figure: the modified SSL/TLS handshake between mobile device, browser and server; message labels in order]
1. Device → Browser: URL (from the secure bookmark)
2. Browser ↔ Server: Hello Messages (standard SSL)
3. Server → Browser: DHs, SigS(DHs), PubKS
4. Browser → Device: PubKS and the handshake so far; device computes h = H(MS || prev msgs)
5. Device → Browser: SigPrivKj(h), PubKj
6. Browser → Server: DHc, SigPrivKj(h), PubKj
7. STANDARD SSL continues
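The setup and connection-establishment exchanges above, as an added example that is not the authors' code: the device keeps one key pair per bookmarked domain, registers PubKj with the server, and later signs h = H(MS || prev msgs); the server admits a login only when both the password and that signature verify. Ed25519 stands in for the paper's key type, the master secret and handshake transcript are constructed byte strings, and the Firefox patch and Apache side are collapsed into two in-memory types.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Device models the user's phone: one key pair per site, indexed by the
// domain in its secure bookmark. The private key never leaves the device.
type Device map[string]ed25519.PrivateKey
// Server models the site's account table: password plus PubKj from setup.
type account struct {
	pub      ed25519.PublicKey
	password string
}
type Server map[string]account
func (s Server) Register(u, pw string, k ed25519.PublicKey) { s[u] = account{k, pw} }
// Setup creates the per-site key pair and returns PubKj for the server
// (the ACCOUNT_CREATE step of the slides).
func (d Device) Setup(domain string) ed25519.PublicKey {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	d[domain] = priv
	return pub
}
// HandshakeHash is h = H(MS || prev msgs); a relay that swaps in its own DHs
// or PubKS changes h, so the device's signature no longer verifies upstream.
func HandshakeHash(ms, prevMsgs []byte) []byte {
	h := sha256.Sum256(append(append([]byte{}, ms...), prevMsgs...))
	return h[:]
}
// Sign returns SigPrivKj(h) only for a bookmarked domain; a look-alike
// phishing domain has no key, so there is nothing for a phisher to relay.
func (d Device) Sign(domain string, h []byte) ([]byte, error) {
	priv, ok := d[domain]
	if !ok {
		return nil, errors.New("no secure bookmark for " + domain)
	}
	return ed25519.Sign(priv, h), nil
}
// Login requires BOTH the password and the device signature over this session.
func (s Server) Login(u, pw string, ms, prevMsgs, sig []byte) bool {
	acct, ok := s[u]
	if !ok || acct.password != pw {
		return false
	}
	return ed25519.Verify(acct.pub, HandshakeHash(ms, prevMsgs), sig)
}
```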
Outline
• Introduction
• Phishing Techniques
• Current Antiphishing Approaches
• Goals & Design Principles
• Phoolproof Phishing Prevention
• Security Analysis
• Implementation
Security Analysis
• Hijacking account setup
  – Users must authenticate site and vice versa (only once/site)
  – Users are at their most alert
  – Advanced setup precludes most attacks
• Theft (or loss) of the mobile device
  – Thief still needs the user's password
  – Device may require PIN or biometric verification
  – Users can call companies to revoke their keys (like credit cards)
• Malware on the mobile device
  – Standard security solutions (e.g., antivirus, firewalls)
  – Trusted hardware (e.g., TPMs)
  – Mutual software attestation
Security Analysis
• Malware on the computer
  – Standard keylogger fails, since it only obtains the password
  – Compromise of the browser or the operating system is still a problem
• Attacks on the network
  – Our system is immune to Man-in-the-Middle attacks, pharming attacks, and domain hijacking
• Local attacks on Bluetooth
  – Phishing relies on large-scale attacks, not local attacks
  – Attacker still lacks user's password, so account is secure
  – Existing research [McCune et al. 2005] demonstrates how to establish a secure channel
Outline
• Introduction
• Phishing Techniques
• Current Antiphishing Approaches
• Goals & Design Principles
• Phoolproof Phishing Prevention
• Security Analysis
• Implementation
Implementation: Minimal infrastructure
• Mobile device: Nokia Smartphone
  – Coded in Java for portability to other cellphones, PDAs, etc.
• Small patch to Firefox
  – Detects account setup tag
  – Modifies SSL establishment
• Server changes are minimal for IIS, Apache and Apache-SSL
  – Plus two short Perl scripts
  – For Apache 2.0:
      SSLVerifyClient none
      SSLOptions
Implementation: Performance (20 trials)

| Operation | Average Time (s) | [Min, Max] (s) |
|---|---|---|
| Key Creation (offline) | 75.0 | [29, 168] |
| Account Creation | 0.4 | [0.3, 0.5] |
| Site Navigation | 0.2 | [0.1, 0.2] |
| SSL/TLS Establishment | 1.7 | [1.6, 1.9] |
Conclusions
• Phishing is a growing problem, and attacks will only become more sophisticated
• We should avoid relying on perfect user behavior
• Instead, we use cryptographic techniques to protect even fallible users
• Our implementation demonstrates the feasibility of phoolproof phishing prevention