[Cryptography] Password entry protocols

Kent Borg kentborg at borg.org
Sat Mar 31 18:19:33 EDT 2018


On 03/31/2018 11:08 AM, Henry Baker wrote:
> Is it just me, or are all password entry protocols
> laughably easy to spoof?

Spoof from whole cloth, or relaying in the middle?

I have seen various attempts at customizing what each specific user sees 
on password web pages, as a crude form of information exchange, but I 
think I have also seen each of them abandoned. And I bet no user raised 
a question when each was abandoned. ("But I was expecting to see the 
same little inkblot picture, and it's gone today! Quick, call the bank!" 
Yeah, sure.)

The most suspicious thing I have maybe done was complain to a bank that 
their domain registration was secret and not becoming of a 
brick-and-mortar institution--but I looked around and all small banks 
seem to think it is a good idea to make their domain registrations look 
like hijacked domains. As a way to prevent hijacking, I think. Ironic.

> So all I have to do is to simply copy the screen --
> or the particular section of the screen -- and ask
> someone to type in their password.

That's what phishing is based on.

But we are not allowed to educate the user to be more savvy for that is 
blaming the user. Rather we train the user to accept more phishing 
attempts by initiating legitimate transactions in a way which is 
indistinguishable from evil phishing e-mails. (That kind of user 
education is okay.)

HSBC Canada used to have a neat password design where they issued a 
random password (so no inbound password reuse) and they only asked for a 
specific few characters of the password each login. So the user never 
revealed the entire password any given login. Combined with 
fingerprinting of logins, they could change up what positions they asked 
for. But they abandoned that after a few years. I guess someone new was 
hired. (I'll quit periodically repeating this at some point, I'm sure I 
will.)

Come to think of it, the way I do security questions (not give real 
answers, and keep careful notes) does have a two-way key exchange 
property: if Bank XYQ asks me the name of my elementary school but I 
have no record of a made up elementary school for that account, that 
stops the "key exchange", for I have no answer. Unfortunately the remedy 
at that point is for me to give even more information as part of a 
password recovery process.

Google's approach seems to be to fingerprint our logins as a way to try 
to detect fakes--or detect Eve. But how do we detect fake Googles? No, 
we aren't allowed to do any user education--that would let crappy web 
sites off the hook and therefore be blaming the user.

But I guess I have been ranting. Back to one of your points: if Eve can 
sit in the middle she can pretty much do whatever she wants.

-kb, the Kent who will shut up now.
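The partial-password scheme the e-mail attributes to HSBC Canada (a server-issued random password, of which only a few positions are requested per login), worked through as an added example. This is editor-written code, not anything from HSBC, the list, or the poster; the function names, the 10-character alphanumeric password and the 3-position challenge are assumptions. It goes slightly beyond the e-mail by estimating how many observed logins a passive eavesdropper needs before every position has been revealed at least once, which is the number that determines how much "changing up the positions" actually buys.

```python
import hmac
import random
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # assumed password alphabet


def issue_password(length=10):
    """Server issues a random password, so a password reused from another site
    can never leak into this one (the 'no inbound password reuse' property)."""
    rng = secrets.SystemRandom()
    return "".join(rng.choice(ALPHABET) for _ in range(length))


def make_challenge(password_length, k=3):
    """Choose k distinct 0-based positions the user must reveal on this login.
    Drawn from a CSPRNG so an observer cannot predict next login's positions."""
    return sorted(secrets.SystemRandom().sample(range(password_length), k))


def client_answer(password, positions):
    """What the user types: only the characters at the challenged positions."""
    return "".join(password[i] for i in positions)


def server_verify(stored_password, positions, answer):
    """Constant-time comparison of the revealed characters.
    Caveat (editor's note, not from the e-mail): the server must keep the
    password in a form from which single characters can be read back, so it
    cannot be protected with a one-way salted hash like an ordinary password."""
    expected = client_answer(stored_password, positions)
    return hmac.compare_digest(expected, answer)


def observer_knowledge(transcripts):
    """Union of (position -> character) pairs visible to someone who watched
    several logins; transcripts are (positions, typed_answer) pairs."""
    known = {}
    for positions, answer in transcripts:
        for pos, ch in zip(positions, answer):
            known[pos] = ch
    return known


def logins_until_exposed(password_length, k=3, trials=2000, seed=None):
    """Average number of observed logins until every position has been shown
    once (a coupon-collector style estimate). Simulation only, so a seedable
    non-cryptographic RNG is fine here."""
    rng = random.Random(seed)
    total = 0
    for _ in range(trials):
        seen = set()
        count = 0
        while len(seen) < password_length:
            seen.update(rng.sample(range(password_length), k))
            count += 1
        total += count
    return total / trials


if __name__ == "__main__":
    pw = issue_password(10)
    positions = make_challenge(len(pw), 3)
    typed = client_answer(pw, positions)
    print("positions asked:", positions)
    print("correct answer accepted:", server_verify(pw, positions, typed))
    print("wrong answer accepted:", server_verify(pw, positions, "???"))
    # Constructed: what a shoulder-surfer learned from three logins.
    seen = observer_knowledge([
        (positions, typed),
        (make_challenge(len(pw), 3), None or ""),  # a login they could not read
    ])
    print("positions known to observer:", sorted(seen))
    print("avg logins until fully exposed (10 chars, 3 per login):",
          logins_until_exposed(10, 3, trials=500, seed=1))
```

The simulation is the useful part for a defender: with three of ten positions per login, an eavesdropper who sees every login still needs on the order of ten logins before the whole password is known, and a server that fingerprints logins can stop rotating positions (or step up authentication) for a session that looks wrong. The cost is the storage caveat in `server_verify`: the secret is recoverable from the server's database, which an ordinary hashed password is not.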


