this post was submitted on 16 Jan 2021
2 points (100.0% liked)

/c/cybersecurity - Cybersecurity News & Discussion

2111 readers
1 users here now

A community for technical news and discussion of cybersecurity and closely related topics.

founded 4 years ago
MODERATORS
 

This is a technique I've come up with, intended to be an improvement on the norm, and on multifactor authentication. It is both more secure and more convenient.

Features:

  • Every password is one-use-only - a hacker can never impersonate a service to steal credentials and immediately use them to impersonate the user.
  • Passwords are necessarily unique to each service - so password breaches are not so useful to hackers
  • The service must also prove its identity to the user - to avoid phishing
  • Does not use biometrics - because they are easy to steal, and difficult for the owner to change once stolen
  • Does not require revealing anything personal like an address or state-issued ID, that could then be used to impersonate the owner
  • Does not rely on having possession of a particular object/device - this device can be lost, stolen, damaged, causing the owner to lose all his accounts.
  • There is no need to store passwords somewhere like a password manager - avoiding several extra security risks.
  • Master-passwords don’t need to be very long or high entropy. There are only a couple of easy-to-remember ones which are shared across the user’s digital life. All transmitted data, all logins, are nonetheless high entropy.
  • It can be done as a browser plugin - this way it is at least as convenient as a conventional login. It can also be done using an air-gapped memoryless calculator - this way you never have to enter your passwords into any computer, or write them down anywhere but that device.
  • There is necessarily a standardised waiting time after a failed login, to avoid brute-force attacks.
  • Any attack (phishing or otherwise) is identified immediately and an alert can be sent. It can be figured out what information the attacker knew.

So this system has many features no existing system I’ve heard of has. In combination they make it perfectly secure.

How it works:

Cryptography usually uses some kind of hashing function, where it is easy to perform the calculation but difficult to reverse it. The analogy is mixing paint. Given two paint colours, it’s easy to figure out what colour is produced by mixing them. But given the mixed colour, it’s difficult to find out either component colour. I’ll use notation AxB=C for the forward function, where multiplication is easy, but the reverse function - given C find A or B - is difficult.

Here the user has two master passwords, PA and PB, which are the same for all services. He also has a device which performs the calculation AxB, to generate new temporary passwords. The calculator can be built into the browser, the OS, on the command-line, or on an air-gapped device.

Signing up to a service: The user provides the service a username and his two login passwords: PA x serviceID, PB x serviceID.

Login process:

  1. The user provides his username
  2. The service provides: PA x serviceID x date.
  3. The user checks this against his own calculation of PA x serviceID x date
  4. If correct, the user provides PB x serviceID x date
  5. The service checks this is correct. Then the login is complete.

This is as convenient as a conventional login process - assuming the calculator is built into the browser. Just enter your master passwrods and the browser will do the rest. But if the calculator is air-gapped, this technique has perfect security.

More details:

So the “something you have” and “something you are” are not required. If you’re a fan of two or three factor authentication you can incorporate them into this system. The login process can also be tweaked to force the user to check that the service's login is valid.

serviceID can be just the company name, or some other word which is the same for every user of the service, and shown on the login form. It can also be unique unique to each user, defined by either the user or the service (the service can remind the user of his serviceID)

The date could also be any unique or pseudo-random number. It could be displayed on the login form, to avoid timezone problems. Anyway the same date (and therefore the same login) can never be reused. Probably the date is rounded to 5min intervals, to the user has to wait 5min after each failed login attempt.

The user's passwords can be quite simple. High entropy is added to the login during the calculation. And if somehow hacked the passwords are easily changed.

This technique is easy to implement. A single browser or OS, and a single website/service could unilaterally start using this system. Or the details could be strictly defined as an internet standard.

There is no obstacle, political or technical. We could have perfect security, married with perfect convenience, today.

top 13 comments
sorted by: hot top controversial new old
[–] Helix@feddit.de 4 points 1 year ago* (last edited 1 year ago) (1 children)

You just reinvented X.509 challenge/response authentication without providing any reference implementation, but with the same issues.

Why do you think this idea has any value to the wider internet community?

[–] roastpotatothief@lemmy.ml 3 points 1 year ago (1 children)

Thanks for all the comments. This is exactly the kind of analysis that any new idea needs.

It's very different from X.509, as described by wikipedia. It doesn't use public/private key pairs. It doesn't need any authorities to certify anything. So maybe I just haven't explained it well enough.

It is just a joining of a few old ideas. It really just puts together two very effective tools lesspass.com and banking card readers.

lesspass.com allows a master password to generate many individual passwords, such that losing your device does not matter, and your master password is never stored in a database or revealed to anybody, even in hashed form. These are very strong (maybe unique) traits.

Banking card readers allow your master password to never leave an airgapped device. The combination of these two technologies is powerful. So that's what I propose.

[–] Helix@feddit.de 3 points 1 year ago

ah, so a zero knowledge password proof with a static key then. Your idea is susceptible to rainbow tables as all responses to all challenges could be precomputed without even knowing the password.

[–] Helix@feddit.de 2 points 1 year ago

How does the user remember their usernames on all websites? They would need to use another solution like a piece of paper, password manager or store it in their browser – which opens issues you wanted to avoid by not storing anything.

Any attack (phishing or otherwise) is identified immediately and an alert can be sent. It can be figured out what information the attacker knew.

How is this identified if you only store some kind of public key and the user name and don't store the mail address? How would it be figured out what the attacker knew when the only thing to know is the master password and the username?

Master-passwords don’t need to be very long or high entropy.

So they can easily be brute forced even when salted and peppered once the authentication service's database is leaked?

[–] Helix@feddit.de 1 points 1 year ago (1 children)

What happens when the user forgets their username or their password, or the password is leaked, or the hash algorithm gets cracked by a rainbow table?

Which algorithm in particular would you use? Do you have a technical specification and reference implementation for your system?

[–] roastpotatothief@lemmy.ml 0 points 1 year ago (2 children)

These are the right questions but they are difficult questions. The answer is always a compromise.

the user forgets their username or their password

Normally, there is no way to retrieve it. Uniquely with this system, the password is not stored anywhere for best security, there is only one master password to remember, and it doesn't matter if the hardware is lost.

In the browser-plugin variant, the master password could be stored in the browser.

the password is leaked, or the hash algorithm gets cracked by a rainbow table?

Same as with every other system. You have a big problem. Everything is at risk. But this system is much more secure than others which exist, because it does not require storing or sending your password anywhere, or trusting any server to keep it secure. The option to type it into an airgapped memoryless machine removes all of the normal ways passwords get leaked or stolen.

Which algorithm in particular would you use? Do you have a technical specification and reference implementation for your system? No. For now it is just an outline. Somebody would have to flesh it out.

So when you ask the hard questions, there are always vulnerabilities and compromises. It's not really perfect security because that is impossible. All I can say is that this system is much more secure and more convenient than any other that exists today.

[–] Helix@feddit.de 1 points 1 year ago

the password is not stored anywhere for best security, there is only one master password to remember, and it doesn’t matter if the hardware is lost.

What happens when the master password is leaked or lost? How would you make sure you can change the password without changing all the passkeys/logins?

Where would the logins be stored? Is there a central authentication server? Is it distributed? If the latter, how is consent formed on the correct data? How do you make sure a password change is actually replicated?

[–] Helix@feddit.de 0 points 1 year ago* (last edited 1 year ago) (1 children)

All I can say is that this system is much more secure and more convenient than any other that exists today.

How can you know that, when there is only a theoretical document but no specification, nor any implementation?

[–] roastpotatothief@lemmy.ml 0 points 1 year ago* (last edited 1 year ago) (1 children)

It has traits which remove all of the serious vulnerabilities of today's security systems.

[–] Helix@feddit.de 0 points 1 year ago (1 children)

Again, how do you know that if you didn't write any software which actually incorporates your ideas? Or at least wrote a specification or a proper whitepaper on it? With which solutions did you compare this? Where's the cryptoanalysis?

[–] roastpotatothief@lemmy.ml 0 points 1 year ago* (last edited 1 year ago) (2 children)

I won't be the one to actually build an implementation. I can only generate the idea, and leave it as a suggestion to the wider world. I don't have the money or expertise or incentive to actually build a piece of software.

Nobody can think of a flaw in this system. At this early stage, that's as much as can be hoped for. All attempts to find flaws have failed.

Maybe somebody will find a flaw and fix it, or make other improvements. If this becomes a component in an even better system, that's fine too. As long as a competent secure system gets built by someone.

[–] Helix@feddit.de 2 points 1 year ago

Nobody can think of a flaw in this system. At this early stage, that’s as much as can be hoped for. All attempts to find flaws have failed.

But… I found a flaw. It doesn't have an implementation, nor a specification, nor any information on technical details. For what it's worth, you can implement this with ROT13, which wouldn't be very secure.

[–] seirim@lemmy.ml 1 points 1 year ago

Kudos to you for exploring new ideas, but you have a lot of “hand waving away” of important details the other person Helix brought up, which are all significant and reasonable. I saw a lot of interesting points in your ideas though. Keep working on it! But you couldn’t depend on anyone else to do it, you’d need to see it through all the way.

load more comments
view more: next ›