[Cryptography] Password entry protocols

Kyle Creyts kyle.creyts at gmail.com
Sun Apr 1 19:36:35 EDT 2018


On Sun, Apr 1, 2018 at 7:27 AM Henry Baker <hbaker1 at pipeline.com> wrote:

> At 02:55 PM 3/31/2018, Jerry Leichter wrote:
> >> Is it just me, or are all password entry protocols
> >> laughably easy to spoof?...
> >>
> >> When a program/website asks me for a password, it's
> >> the equivalent of someone in a spy movie asking on
> >> the telephone "is this a secure line": which in
> >> itself is laughable -- if you have to ask, it isn't!
> >>
> >> So all I have to do is to simply copy the screen --
> >> or the particular section of the screen -- and ask
> >> someone to type in their password.
> >
> >You're leaving one thing out:
> >
> >Computers don't just randomly ask you to type in your password.  In a
> well-designed system, password requests are *responses to user actions*,
> such as connecting to a web site.
>
> <snip>
>
> The problem is, the password model only works (if it ever did)
> when you have a *single process* running on your computer.  The
> moment you have more than one process, you have moved from a
> model where Alice and Bob are whispering in secret to a model
> where Alice and Bob are talking loudly on a crowded bus or
> restaurant with tens/hundreds of potential Eve's listening
> (and talking/typing).
>
> So to implement a password system on a modern computer&OS, one
> would need the ability to reliably take *exclusive* control of
> a portion of the screen -- which no one else could either read
> or write -- and the ability to reliably take *exclusive* control
> of the keyboard.  As we have painfully learned over the years,
> simple SW means of exclusion can be trivially bypassed; this
> exclusion has to be enforced in *hardware*.  When was the last
> time that you saw a piece of computer/cellphone screen real
> estate that was exclusively controlled by your bank?


It would appear Intel may offer a model for it. While this example only
offers a simple interface, here is Dashlane demonstrating the Intel U2F
implementation for Windows:
https://blog.dashlane.com/dashlane-intel-u2f-windows-password-manager/

Or some HW means/keyboard that you used *exclusively* to talk
> to your bank?


Setting up this channel seems possible for the CPU...

With today's tens (or hundreds) of levels of input/output HW/SW
> virtualization, good luck with that!


Potentially a challenge for some environments, but perhaps a laptop would
work for many?
-- 
Kyle Creyts
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20180401/2b27686a/attachment.html>


More information about the cryptography mailing list