[Cryptography] Password entry protocols

Jerry Leichter leichter at lrw.com
Sat Mar 31 17:55:59 EDT 2018


> Is it just me, or are all password entry protocols
> laughably easy to spoof?...
> 
> When a program/website asks me for a password, it's
> the equivalent of someone in a spy movie asking on
> the telephone "is this a secure line": which in
> itself is laughable -- if you have to ask, it isn't!
> 
> So all I have to do is to simply copy the screen --
> or the particular section of the screen -- and ask
> someone to type in their password.

You're leaving one thing out:  Computers don't just randomly ask you to type in your password.  In a well-designed system, password requests are *responses to user actions*, such as connecting to a web site.

Back in the old days, we worried about spoofed system login pages.  If you think about it, this is in fact one of the few circumstances where the user *doesn't* take an explicit action to initiate the sequence:  He sits down at the keyboard, but that in and of itself is not an action that triggers anything; the login prompt is already there.  So the classic fix - the "secure attention keystroke", which is guaranteed to take you to the actual login program - if used appropriately, does convert a login request to a response to a particular sequence of actions.  It's interesting, though, that among commonly used systems, only Windows retains this feature.

There are other equivalent sequences of actions that may be a greater threat.  For example, in MacOS, you can get an unsolicited popup telling you that some piece of code (Java is a common case) needs to be updated.  *Most* such prompts come when you actually start the code in question (e.g., Microsoft's updater for MacOS works that way); but the Java prompt comes when *it's* ready, regardless of what you are doing.  Agreeing to the download is fine in and of itself - but along the way, you'll be asked for your admin password.  You're expecting this, because you initiated the update - except that you didn't *really*, you responded to a prompt and believed it was what it claimed.  I've never heard of an attack using this mechanism but it seems quite plausible.

> Furthermore, I can even have Eve sit there watching
> the screen for a particular combination of pixels to
> show up, and know when to start typing in behind the
> scenes.

I'm not sure what attack you're describing here.

> Trying to train people to look for a different
> combination of pixels every time is even worse --
> how can they tell which is the real from the fake?

For browsers, it's been suggested there be a mechanism to prompt for passwords which would create a window with some kind of distinctive border decoration that could not be mimicked from code running in the browser.  MacOS has something vaguely like this, in which password prompts "fold out" of the browser window chrome.  Whether one could simulate this effect well enough to fool people, I don't know.  In any case, most web sites do their own password prompting.  No matter how good the mechanism, it helps no one if it isn't used.

Extending this kind of thing to arbitrary programs seems very difficult.  Perhaps we need something akin to a Secure Attention key that you can hit in a password prompt which will tell you exactly who's asking for the information.  Of course ... you have to get people to use it.

                                                        -- Jerry
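The design principle in Jerry's reply (a password prompt should be a *response* to something the user did, and the trusted prompt should say exactly who is asking) can be sketched as a small model of a credential-prompt broker. This is an added example, not code from the mailing list post or from any real operating system: the `PromptBroker` class, its `record_user_action` / `request_password` methods, and the requester names such as `"installer.pkg"` and `"java-updater"` are all constructed for illustration. It assumes a trusted shell/OS component that assigns requester identities and issues a token each time the user initiates an action; an unsolicited prompt (the "update is ready" case above) has no such token and is refused rather than shown.

```python
"""Model of a trusted-path credential prompt.

A prompt is only displayed when it can be tied back, via an unguessable
token, to an action the user actually took, and the prompt text names the
program that is asking. Constructed illustration; not an API of any real OS.
"""
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional


@dataclass
class ActionToken:
    token: str
    requester: str       # identity the trusted shell assigned to the program
    description: str     # what the user did, e.g. "double-clicked installer.pkg"
    issued_at: float
    used: bool = False   # each user action may justify at most one prompt


class PromptBroker:
    """Trusted path between a user-initiated action and the password prompt."""

    TTL_SECONDS = 60.0   # hypothetical freshness window for an action token

    def __init__(self, clock: Callable[[], float] = time.monotonic) -> None:
        self._clock = clock
        self._tokens: Dict[str, ActionToken] = {}
        self.log: List[str] = []

    def record_user_action(self, requester: str, description: str) -> str:
        """Called by the trusted shell when the *user* starts something.

        Returns an unguessable token bound to the requester's identity; the
        requester itself cannot mint one.
        """
        tok = secrets.token_hex(16)
        self._tokens[tok] = ActionToken(tok, requester, description, self._clock())
        self.log.append(f"user action: {requester!r} {description}")
        return tok

    def request_password(self, requester: str, token: Optional[str]) -> Optional[str]:
        """Called by a program that wants a password.

        Returns the text the trusted prompt would display, or None when the
        request is refused (unsolicited, wrong requester, stale, or replayed).
        """
        if token is None or token not in self._tokens:
            self.log.append(f"REFUSED unsolicited prompt from {requester!r}")
            return None
        at = self._tokens[token]
        if at.requester != requester:
            self.log.append(f"REFUSED {requester!r}: token belongs to {at.requester!r}")
            return None
        if at.used:
            self.log.append(f"REFUSED {requester!r}: token already used")
            return None
        if self._clock() - at.issued_at > self.TTL_SECONDS:
            self.log.append(f"REFUSED {requester!r}: token expired")
            return None
        at.used = True
        # The trusted prompt always says who is asking and why.
        return f"{at.requester} is asking for your password because you {at.description}"


def demo() -> List[Optional[str]]:
    """Stand-alone walk-through; returns the broker's decisions in order."""
    broker = PromptBroker()
    results = [
        # Unsolicited "update is ready" style prompt: no user action behind it.
        broker.request_password("java-updater", None),
    ]
    tok = broker.record_user_action("installer.pkg", "double-clicked installer.pkg")
    results.append(broker.request_password("java-updater", tok))   # wrong requester
    results.append(broker.request_password("installer.pkg", tok))  # legitimate
    results.append(broker.request_password("installer.pkg", tok))  # replay
    for line in broker.log:
        print(line)
    return results


if __name__ == "__main__":
    for r in demo():
        print("PROMPT:" if r else "NO PROMPT", r or "")
```

The point the model makes is that the program asking for the password never decides whether a prompt appears; only the trusted component that observed the user's action does, and the prompt it shows is labelled with the identity that component assigned, not with whatever the program claims to be.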
