stronger password authentication using browser extensions blake ross, collin jackson, nick miyake,...
Post on 19-Dec-2015
224 views
TRANSCRIPT
![Page 1: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/1.jpg)
Stronger Password Authentication Using Browser Extensions
Blake Ross, Collin Jackson, Nick Miyake,
Dan Boneh, John Mitchell
Stanford University
http://crypto.stanford.edu/PwdHash
![Page 2: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/2.jpg)
2
Password Phishing Problem
Bank A
Fake Site
User cannot reliably identify fake sites
Captured password can be used at target site
pwdApwdA
![Page 3: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/3.jpg)
3
Common Password Problem
Bank A
vulnerable site
high security site
pwdA
pwdB
= pwdA
Phishing attack or break-in at site B reveals pwd at A
• Server-side solutions will not keep pwd safe
• Solution: Strengthen with client-side support
Site B
![Page 4: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/4.jpg)
4
Our Solution: PwdHash
Lightweight browser extension
Impedes password theft
Invisible to server
Invisible to user Pwd Prefix
Pwd Hashing
![Page 5: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/5.jpg)
5
Password Hashing
Bank A
hash(pwdB, SiteB)
hash(pwdA, BankA)
Site B
Generate a unique password per site
•HMACfido:123(banka.com) Q7a+0ekEXb
•HMACfido:123(siteb.com) OzX2+ICiqc
pwdA
pwdB
=
![Page 6: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/6.jpg)
6
Password Hashing: past attempts
Hash pwd with realm provided by remote site:
•HTTP 1.1 Digest Authentication
•Kerberos 5
•Does not prevent phishing, common pwd
Hash pwd with network service name:
•Abadi, Bharat, Marais [PTO ’97] Standalone.
•Gabber, Gibbons, Mattias, Mayer [FC ’97]. Proxy.
•Relies on intercepting traffic can’t handle https
![Page 7: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/7.jpg)
7
Password Hashing: a popular idea
Recent password hashing projects:
Similar hashing algorithms Only PwdHash defends against spoofing and is
invisible to the user
Site PasswordPassword Maker
Genpass
Passwdlet
Password Composer
Magic Password GeneratorPwdHash
Password Generator Extension
![Page 8: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/8.jpg)
8
The Spoofing Problem
JavaScript can display password fields or dialogs:
Unhashed password sent to attacker in clear
![Page 9: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/9.jpg)
9
Password Prefix
Original pwdshould never be visibleto web page
OzX2+ICiqcSite B
@@fido:123
@@fido:123 @@abcdefgh
![Page 10: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/10.jpg)
10
Password Prefix: How it works
Normal operation: Prefix in password field
Abnormal operation: Prefix in non-password field
•Can just ignore the prefix and not hash•Remind user not to enter password
@@fido:123 @@abcdefgh **********
abcdefgh fido:123
HMACfido:123(siteb.com) Q7a+0ekEXb
![Page 11: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/11.jpg)
11
Why use Password Prefix?
Protection mechanism “built in” to password
Does not rely on user to make a decision Same prefix works for everyone Distinguishes secure passwords from
•normal passwords•social security numbers•PINs
Only use it when you want to
![Page 12: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/12.jpg)
12
Other Trusted Pwd Interfaces
Password prefix
Secure attention sequence
Trusted image or phrase:• Passmark• DSS
Starts with @@
![Page 13: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/13.jpg)
13
Other Challenges
Password Reset
Internet Cafes
Dictionary Attacks
Spyware, DNS poisoning (no protection)
Other issues (described in the paper)
•Choosing salt for hash
•Encoding hashed password
•Additional attacks and defenses
![Page 14: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/14.jpg)
14
After install, PwdHash can’t protect existing pwds
• Only passwords starting with @@ are secure
• User can choose where to use PwdHash
• User must enter old password unhashed into password reset page
Pwd Prefix makes it easy
• Old passwords won’t
be accidentally hashed
• New, secure passwords are
automatically hashed
Password Reset
Starts with @@
![Page 15: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/15.jpg)
15
Internet Cafes Users cannot install software at Internet Cafes. Would not be a problem if PwdHash were universally available Interim solution: A secure web site for remote hashing, e.g.
https://www.pwdhash.com
Hash is computed using JavaScript• Server never sees password• Resulting hash is copied into clipboard• Can also be used as a
standalone password
generator
Internet Explorer
Firefox
![Page 16: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/16.jpg)
16
Dictionary attacks After phishing attack or break-in to low security site,
attacker can repeatedly guess password and check hash.
• Succeeds on 15% of passwords (unlike 100% today)
• Less effective on longer, stronger passwords
Solution: better authentication protocol (SPEKE, SRP, etc.)
• Requires server-side changes
Defense: user specifies a global pwd to strengthen all pwd hashes
• Creates a new pwd management problem for shared machines
Defense: slow hash function (Halderman, Waters, Felten ‘05)
• Increases time of dictionary attack
aardvark, aback,
abacus, abandon…
![Page 17: Stronger Password Authentication Using Browser Extensions Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell Stanford University](https://reader036.vdocuments.site/reader036/viewer/2022062714/56649d3f5503460f94a18b8f/html5/thumbnails/17.jpg)
17
PwdHash: Try it out
Prototype for Internet Explorer and Mozilla Firefox
Defends against spoofing
Invisible to user
Invisible to server
Complementary to other anti-phishing solutions
Only use it when you want to
www.pwdhash.com