[Cryptography] Fwd: Re: So please tell me. Why is my solution wrong?

Joseph Kilcullen kilcullenj at gmail.com
Wed Feb 8 11:19:03 EST 2017


On 08-Feb-17 6:33 AM, Bill Cox wrote:

> I just read it, and I think the main idea is clever.  Show the user a
> secret picture whenever they authenticate.  This could help defend
> against phishing attacks.
>
> I like this idea for corporate logins.  It has to be something people
> use a lot, or they will forget the picture. Also, corporations can
> make sure every machine has a browser with this feature by default.
> That lets you skip having to convince the big browser dev teams that
> your feature needs to be integrated.

A key component of the solution is that the secret only resides on
'this' computer i.e. if it is ever placed on a network then you are back
being attacked by MITM attacks. The solution is entirely to prevent the
login screen, Fig 1, from being counterfeited. Each corporate user would
have to set a new image for each machine they use. However, after that
every web page accessed on that machine would use that local image. So
on your own computer, Facebook, Amazon etc would all show the same
image. The names for Trent and Bob come from the TLS certificate.

Apologies, but EVERYONE would have to be in on this. So (1) web browsers
alone create Fig 1, and (2) logins via regular web pages should not be
allowed, since they are so easy to counterfeit that there is no protection
against phishing. Hence some kind of protocol would be needed to tell
your browser to create Fig 1, i.e.

1. browser please verify digital signature on TLS certificate, if valid
proceed...

2. browser create Fig 1, with your local secret (forcing phishers to
hack individual computers) and the authenticated TLS identity, and...

3. return the username and password entered by the user. We assume that
the user will only enter this data if they accept the picture and the
TLS identity.

Cool. Thanks for your response.
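As an added illustration that is not part of the thread, here is a Python sketch of the three-step browser-mediated login described above. The trust store, the keyed-MAC "signature", the site names and the secret picture are constructed stand-ins for the real TLS certificate check and the user's per-machine image:

```python
import hmac
import hashlib
from dataclasses import dataclass

# Constructed stand-in for the browser's trust store: a keyed MAC plays the
# role of the CA's signature (a real browser checks an X.509 chain instead).
TRUSTED_CA_KEYS = {"Trent CA": b"constructed-ca-key"}

@dataclass(frozen=True)
class TlsCert:
    subject: str      # "Bob" in the message's terms: the site's identity
    issuer: str       # "Trent": the CA vouching for the site
    signature: bytes

def _mac(key, cert_subject, cert_issuer):
    return hmac.new(key, f"{cert_subject}|{cert_issuer}".encode(), hashlib.sha256).digest()

def issue_cert(subject, issuer):
    """Constructed helper: the CA 'signs' (subject, issuer)."""
    return TlsCert(subject, issuer, _mac(TRUSTED_CA_KEYS[issuer], subject, issuer))

def verify_cert(cert):
    """Step 1: the browser verifies the signature against its trust store."""
    key = TRUSTED_CA_KEYS.get(cert.issuer)
    if key is None:
        return False
    return hmac.compare_digest(_mac(key, cert.subject, cert.issuer), cert.signature)

@dataclass(frozen=True)
class Fig1:
    image: bytes      # the local secret; it never leaves this machine
    subject: str      # names taken from the verified TLS certificate
    issuer: str

class Browser:
    def __init__(self, local_secret_image):
        self._image = local_secret_image  # set once per machine by the user

    def login(self, cert, user_accepts, credentials):
        """Steps 1-3: verify, build Fig 1 locally, release credentials only on acceptance."""
        if not verify_cert(cert):
            return None
        fig1 = Fig1(self._image, cert.subject, cert.issuer)
        return credentials if user_accepts(fig1) else None

def make_user(expected_image, expected_site):
    """What the user does when Fig 1 appears: check their own picture and the site name."""
    def accepts(fig1):
        return hmac.compare_digest(fig1.image, expected_image) and fig1.subject == expected_site
    return accepts
```

A page-rendered prompt cannot reproduce `Fig1.image`, so the user's check fails for it, and a look-alike site with its own valid certificate shows the wrong name in Fig 1.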