Showing papers on "Password published in 2014"

The Tangled Web of Password Reuse

Abstract: Today's Internet services rely heavily on text-based passwords for user authentication. The pervasiveness of these services coupled with the difficulty of remembering large numbers of secure passwords tempts users to reuse passwords at multiple sites. In this paper, we investigate for the first time how an attacker can leverage a known password from one site to more easily guess that user's password at other sites. We study several hundred thousand leaked passwords from eleven web sites and conduct a user survey on password reuse; we estimate that 43- 51% of users reuse the same password across multiple sites. We further identify a few simple tricks users often employ to transform a basic password between sites which can be used by an attacker to make password guessing vastly easier. We develop the first cross-site password-guessing algorithm, which is able to guess 30% of transformed passwords within 100 attempts compared to just 14% for a standard password-guessing algorithm without cross-site password knowledge.

A Study of Probabilistic Password Models

Abstract: A probabilistic password model assigns a probability value to each string. Such models are useful for research into understanding what makes users choose more (or less) secure passwords, and for constructing password strength meters and password cracking utilities. Guess number graphs generated from password models are a widely used method in password research. In this paper, we show that probability-threshold graphs have important advantages over guess-number graphs. They are much faster to compute, and at the same time provide information beyond what is feasible in guess-number graphs. We also observe that research in password modeling can benefit from the extensive literature in statistical language modeling. We conduct a systematic evaluation of a large number of probabilistic password models, including Markov models using different normalization and smoothing methods, and found that, among other things, Markov models, when done correctly, perform significantly better than the Probabilistic Context-Free Grammar model proposed in Weir et al., which has been used as the state-of-the-art password model in recent research.

An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics

Abstract: Password-based remote user authentication schemes are widely investigated, with recent research increasingly combining a user's biometrics with a password to design a remote user authentication scheme that enhances the level of the security However, these authentication schemes are designed for a single server environment and result in users needing to register many times when they want to access different application servers To solve this problem, in this paper we propose an anonymous multi-server authenticating key agreement scheme based on trust computing using smart cards, password, and biometrics Our scheme not only supports multi-server environments but also achieves many security requirements In addition, our scheme is a lightweight authentication scheme which only uses the nonce and a hash function From the subsequent analysis, the proposed scheme can be seen to resist several kinds of attacks, and to have more security properties than other comparable schemes

A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards

Abstract: Advancement in communication technology provides a scalable platform for various services, where a remote user can access the server from anywhere without moving from its place. It provides a unique opportunity for online services such that a user does not need to be physically present at the service center. These services adopt authentication and key agreement protocols in order to ensure authorized and secure access to the resources. Most of the authentication schemes proposed in the literature support a single-server environment, where the user has to register with each server. If a user wishes to access multiple application servers, he/she requires to register with each server. The multi-server authentication introduces a scalable platform such that a user can interact with any server using single registration. Recently, Chuang and Chen proposed an efficient multi-server authenticated key agreement scheme based on a user’s password and biometrics (Chuang and Chen, 2014). Their scheme is a lightweight, which requires the computation of only hash functions. In this paper, we first analyze Chuang and Chen’s scheme and then identify that their scheme does not resist stolen smart card attack which causes the user’s impersonation attack and server spoofing attack. We also show that their scheme fails to protect denial-of-service attack. We aim to propose an efficient improvement on Chuang and Chen’s scheme to overcome the weaknesses of their scheme, while also retaining the original merits of their scheme. Through the rigorous informal and formal security analysis, we show that our scheme is secure against various known attacks including the attacks found in Chuang and Chen’s scheme. Furthermore, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and show that our scheme is secure against the replay and man-in-the-middle attacks. In addition, our scheme is comparable in terms of the communication and computational overheads with Chuang and Chen’s scheme and other related existing schemes.

The Password Life Cycle: User Behaviour in Managing Passwords

Abstract: Users need to keep track of many accounts and passwords. We conducted a series of interviews to investigate how users cope with these demanding tasks, and used Grounded Theory to analyze the interview results. We found that most users cope by reusing passwords and writing them down, but with a rich variety of behaviour and diverse personalized strategies. These approaches seem to disregard security advice, but at a detailed level they involve perceptive behaviour and careful self-management of user resources. We identify a password life cycle that follows users’ password behaviour and how it develops over time as users adapt to changing circumstances and demands. Users’ strategies have their limitations, but we suggest they indicate a rational response to the requirements of password authentication. We suggest that instead of simply advising against such behaviour, new approaches could be designed that harness existing user behaviour while limiting negative consequences.

On Semantic Patterns of Passwords and their Security Impact.

Abstract: We present the first framework for segmentation, semantic classification, and semantic generalization of passwords and a model that captures the semantic essence of password samples. Researchers have only touched the surface of patterns in password creation, with the semantics of passwords remaining largely unexplored, leaving a gap in our understanding of their characteristics and, consequently, their security. In this paper, we begin to fill this gap by employing Natural Language Processing techniques to extract and leverage understanding of semantic patterns in passwords. The results of our investigation demonstrate that the knowledge captured by our model can be used to crack more passwords than the state-of-the-art approach. In experiments limited to 3 billion guesses, our approach can guess approximately 67% more passwords from the LinkedIn leak and 32% more passwords from the MySpace leak.

Robust smart-card-based remote user password authenticationscheme

Abstract: Smart-card-based remote user password authentication schemes are commonly used for providing authorized users a secure method for remotely accessing resources over insecure networks. In 2009, Xu etal. proposed a smart-card-based password authentication scheme. They claimed their scheme can withstand attacks when the information stored on the smart card is disclosed. Recently, Sood etal. and Song discovered that the smart-card-based password authentication scheme of Xu etal. is vulnerable to impersonation and internal attacks. They then proposed their respective improved schemes. However, we found that there are still flaws in their schemes: the scheme of Sood etal. does not achieve mutual authentication and the secret key in the login phase of Song's scheme is permanent and thus vulnerable to stolen-smart-card and off-line guessing attacks. In this paper, we will propose an improved and efficient smart-card-based password authentication and key agreement scheme. According to our analysis, the proposed scheme not only maintains the original secret requirement but also achieves mutual authentication and withstands the stolen-smart-card attack. Copyright © 2012 John Wiley & Sons, Ltd.

From Very Weak to Very Strong: Analyzing Password-Strength Meters

Abstract: Millions of users are exposed to password-strength meters/checkers at highly popular web services that use user- chosen passwords for authentication. Recent studies have found evidence that some meters actually guide users to choose better passwords—which is a fairly rare-bit of good news in password research. However, these meters are mostly based on ad-hoc design. At least, as we found, most vendors do not provide any explanation of their design choices, sometimes making them appear to be a black box. We analyze password meters deployed in selected popular websites, by measuring the strength labels assigned to common passwords from several password dictionaries. From this empirical analysis with millions of passwords, we report prominent characteristics of meters as deployed at popular websites. We shed light on how the server-end of some meters functions, provide examples of highly inconsistent strength outcomes for the same password in different meters, along with examples of many weak passwords being labeled as strong or even very strong. These weaknesses and inconsistencies may confuse users in choosing a stronger password, and thus may weaken the purpose of these meters. On the other hand, we believe these findings may help improve existing meters, and possibly make them an effective tool in the long run.

Security flaws in two improved remote user authentication schemes using smart cards

Abstract: SUMMARY Understanding security failures of cryptographic protocols is the key to both patching existing protocols and designing future schemes. In this paper, we analyze two recent proposals in the area of password-based remote user authentication using smart cards. First, we point out that the scheme of Chen et al. cannot achieve all the claimed security goals and report its following flaws: (i) it is vulnerable to offline password guessing attack under their nontamper resistance assumption of the smart cards; and (ii) it fails to provide forward secrecy. Then, we analyze an efficient dynamic ID-based scheme without public-key operations introduced by Wen and Li in 2012. This proposal attempts to overcome many of the well-known security and efficiency shortcomings of previous schemes and supports more functionalities than its counterparts. Nevertheless, Wen–Li's protocol is vulnerable to offline password guessing attack and denial of service attack, and fails to provide forward secrecy and to preserve user anonymity. Furthermore, with the security analysis of these two schemes and our previous protocol design experience, we put forward three general principles that are vital for designing secure smart-card-based password authentication schemes: (i) public-key techniques are indispensable to resist against offline password guessing attack and to preserve user anonymity under the nontamper resistance assumption of the smart card; (ii) there is an unavoidable trade-off when fulfilling the goals of local password update and resistance to smart card loss attack; and (iii) at least two exponentiation (respectively elliptic curve point multiplication) operations conducted on the server side are necessary for achieving forward secrecy. The cryptanalysis results discourage any practical use of the two investigated schemes and are important for security engineers to make their choices correctly, whereas the proposed three principles are valuable to protocol designers for advancing more robust schemes. Copyright © 2012 John Wiley & Sons, Ltd.

An administrator's guide to internet password research

Abstract: The research literature on passwords is rich but little of it directly aids those charged with securing web-facing services or setting policies With a view to improving this situation we examine questions of implementation choices, policy and administration using a combination of literature survey and first-principles reasoning to identify what works, what does not work, and what remains unknown Some of our results are surprising We find that offline attacks, the justification for great demands of user effort, occur in much more limited circumstances than is generally believed (and in only a minority of recently-reported breaches) We find that an enormous gap exists between the effort needed to withstand online and offline attacks, with probable safety occurring when a password can survive 106 and 1014 guesses respectively In this gap, eight orders of magnitude wide, there is little return on user effort: exceeding the online threshold but falling short of the offline one represents wasted effort We find that guessing resistance above the online threshold is also wasted at sites that store passwords in plaintext or reversibly encrypted: there is no attack scenario where the extra effort protects the account

The emperor's new password manager: security analysis of web-based password managers

Abstract: We conduct a security analysis of five popular web-based password managers. Unlike "local" password managers, web-based password managers run in the browser. We identify four key security concerns for web-based password managers and, for each, identify representative vulnerabilities through our case studies. Our attacks are severe: in four out of the five password managers we studied, an attacker can learn a user's credentials for arbitrary websites. We find vulnerabilities in diverse features like one-time passwords, bookmarklets, and shared passwords. The root-causes of the vulnerabilities are also diverse: ranging from logic and authorization mistakes to misunderstandings about the web security model, in addition to the typical vulnerabilities like CSRF and XSS. Our study suggests that it remains to be a challenge for the password managers to be secure. To guide future development of password managers, we provide guidance for password managers. Given the diversity of vulnerabilities we identified, we advocate a defense-in-depth approach to ensure security of password managers.

I Sensed It Was You: Authenticating Mobile Users with Sensor-enhanced Keystroke Dynamics

Abstract: Mobile devices have become an important part of our everyday life, harvesting more and more confidential user information. Their portable nature and the great exposure to security attacks, however, call out for stronger authentication mechanisms than simple password-based identification. Biometric authentication techniques have shown potential in this context. Unfortunately, prior approaches are either excessively prone to forgery or have too low accuracy to foster widespread adoption.

Now you see me, now you don't: protecting smartphone authentication from shoulder surfers

Abstract: In this paper, we present XSide, an authentication mechanism that uses the front and the back of smartphones to enter stroke-based passwords. Users can switch sides during input to minimize the risk of shoulder surfing. We performed a user study (n = 32) to explore how switching sides during authentication affects usability and security of the system. The results indicate that switching the sides increases security while authentication speed stays relatively fast (≤ 4 seconds). The paper furthermore provides insights on accuracy of eyes-free input (as used in XSide) and shows how 3D printed prototype cases can improve the back-of-device interaction experience.

ZEBRA: Zero-Effort Bilateral Recurring Authentication

Abstract: Common authentication methods based on passwords, tokens, or fingerprints perform one-time authentication and rely on users to log out from the computer terminal when they leave. Users often do not log out, however, which is a security risk. The most common solution, inactivity timeouts, inevitably fail security (too long a timeout) or usability (too short a timeout) goals. One solution is to authenticate users continuously while they are using the terminal and automatically log them out when they leave. Several solutions are based on user proximity, but these are not sufficient: they only confirm whether the user is nearby but not whether the user is actually using the terminal. Proposed solutions based on behavioral biometric authentication (e.g., keystroke dynamics) may not be reliable, as a recent study suggests. To address this problem we propose Zero-Effort Bilateral Recurring Authentication (ZEBRA). In ZEBRA, a user wears a bracelet (with a built-in accelerometer, gyroscope, and radio) on her dominant wrist. When the user interacts with a computer terminal, the bracelet records the wrist movement, processes it, and sends it to the terminal. The terminal compares the wrist movement with the inputs it receives from the user (via keyboard and mouse), and confirms the continued presence of the user only if they correlate. Because the bracelet is on the same hand that provides inputs to the terminal, the accelerometer and gyroscope data and input events received by the terminal should correlate because their source is the same - the user's hand movement. In our experiments ZEBRA performed continuous authentication with 85% accuracy in verifying the correct user and identified all adversaries within 11s. For a different threshold that trades security for usability, ZEBRA correctly verified 90% of users and identified all adversaries within 50s.

Security challenge assisted password proxy

Abstract: Systems, apparatus, and methods of authentication utilizing contextual data to authenticate individuals and prevent security breaches are described herein. An example proxy engine may monitor interactions with a computing device to obtain contextual data unique to a user. The contextual data may be utilized to generate unique challenge questions in response to requests for access to a secure resource, and may eliminate the need for a user to remember credentials to access the resource. Challenge questions may be limited to a single use and vary in difficulty in proportion to the value of the resource. In response to correct responses to challenge question(s), the proxy engine may access a vault containing a credential authorizing access to the resource. The vault and proxy engine may be entirely contained on the computing device or they may be implemented on a remote apparatus accessed via an application or interface on the computing device.

Password managers: attacks and defenses

Abstract: We study the security of popular password managers and their policies on automatically filling in Web passwords. We examine browser built-in password managers, mobile password managers, and 3rd party managers. We observe significant differences in autofill policies among password managers. Several autofill policies can lead to disastrous consequences where a remote network attacker can extract multiple passwords from the user's password manager without any interaction with the user. We experiment with these attacks and with techniques to enhance the security of password managers. We show that our enhancements can be adopted by existing managers.

Round-Optimal Password-Protected Secret Sharing and T-PAKE in the Password-Only Model

Abstract: In a Password-Protected Secret Sharing (PPSS) scheme with parameters (t,n) (formalized by Bagherzandi et al.[2]), a user Alice stores secret information among n servers so that she can later recover the information solely on the basis of her password. The security requirement is similar to a (t,n)-threshold secret sharing, i.e., Alice can recover her secret as long as she can communicate with t + 1 honest servers but an attacker gaining access to t servers cannot learn any information about the secret. In particular, the system is secure against offline password attacks by an attacker controlling up to t servers. On the other hand, accounting for inevitable on-line attacks one allows the attacker an advantage proportional to the fraction of dictionary passwords tested in on-line interactions with the user and servers.

Storage array password management

Abstract: A system and method for generating passwords for secure login to a storage array. A randomly generated root secret is utilized along with a compartment ID to generate a root password for logging into a storage array with root privileges. The root secret is encrypted with the public key of a public-private key pair and stored on the storage array. The encrypted root secret is then stored in the storage array. When root access is needed, a private key stored externally to the storage array is utilized to decrypt the root secret. The decrypted root secret is then used along with the compartment ID to regenerate the root password.

Password portfolios and the finite-effort user: sustainably managing large numbers of accounts

Abstract: We explore how to manage a portfolio of passwords. We review why mandating exclusively strong passwords with no re-use gives users an impossible task as portfolio size grows. We find that approaches justified by loss-minimization alone, and those that ignore important attack vectors (e.g., vectors exploiting re-use), are amenable to analysis but unrealistic. In contrast, we propose, model and analyze portfolio management under a realistic attack suite, with an objective function costing both loss and user effort. Our findings directly challenge accepted wisdom and conventional advice. We find, for example, that a portfolio strategy ruling out weak passwords or password re-use is sub-optimal. We give an optimal solution for how to group accounts for re-use, and model-based principles for portfolio management.

Cryptanalysis and improvement of 'a robust smart-card-based remote user password authentication scheme'

Abstract: With the use of smart card in user authentication mechanisms, the concept of two-factor authentication came into existence. This was a forward move towards more secure and reliable user authentication systems. It elevated the security level by requiring a user to possess something in addition to know something. In 2010, Sood et al. and Song independently examined a smart-card-based authentication scheme proposed by Xu et al. They showed that in the scheme of Xu et al., an internal user of the system can turn hostile to impersonate other users of the system. Both of them also proposed schemes to improve the scheme of Xu et al. Recently, Chen et al. identified some security problems in the improved schemes proposed by Sood et al. and Song. To fix these problems, Chen et al. presented another scheme, which they claimed to provide mutual authentication and withstand lost smart card attack. Undoubtedly, in their scheme, a user can also verify the legitimacy of server, but we find that the scheme fails to resist impersonation attacks and privileged insider attack. We also show that the scheme does not provide important features such as user anonymity, confidentiality to air messages, and revocation of lost/stolen smart card. Besides, the scheme defies the very purpose of two-factor security. Furthermore, an attacker can guess a user's password from his or her lost/stolen smart card. To meet these challenges, we propose a user authentication method with user anonymity. We show through analysis and comparison that the proposed scheme exhibits enhanced efficiency in contrast to related schemes, including the scheme of Chen et al. Copyright © 2013 John Wiley & Sons, Ltd.

A large-scale empirical analysis of chinese web passwords

Abstract: Users speaking different languages may prefer different patterns in creating their passwords, and thus knowledge on English passwords cannot help to guess passwords from other languages well. Research has already shown Chinese passwords are one of the most difficult ones to guess. We believe that the conclusion is biased because, to the best of our knowledge, little empirical study has examined regional differences of passwords on a large scale, especially on Chinese passwords. In this paper, we study the differences between passwords from Chinese and English speaking users, leveraging over 100 million leaked and publicly available passwords from Chinese and international websites in recent years. We found that Chinese prefer digits when composing their passwords while English users prefer letters, especially lowercase letters. However, their strength against password guessing is similar. Second, we observe that both users prefer to use the patterns that they are familiar with, e.g., Chinese Pinyins for Chinese and English words for English users. Third, we observe that both Chinese and English users prefer their conventional format when they use dates to construct passwords. Based on these observations, we improve a PCFG (Probabilistic Context-Free Grammar) based password guessing method by inserting Pinyins (about 2.3% more entries) into the attack dictionary and insert our observed composition rules into the guessing rule set. As a result, our experiments show that the efficiency of password guessing increases by 34%.

An efficient and provably secure three-party password-based authenticated key exchange protocol based on Chebyshev chaotic maps

Abstract: Three-party password-based authenticated key exchange (3PAKE) protocols allow two clients to establish a secure session key through a server over an insecure channel. Recently, the 3PAKE protocols have been developed based on Chebyshev chaotic maps, in which the clients utilize smart cards to login into the server and employ server’s public key to ensure the identity of the server or symmetric cryptosystems to encrypt the messages. However, this paper describes an efficient chaos-based 3PAKE protocol without smart cards, which requires neither server’s public key nor symmetric cryptosystems. The security of the proposed 3PAKE protocol is proved in the random oracle model using the chaos-based decisional Diffie–Hellman assumption. In comparison with the existing chaos-based 3PAKE protocols, our protocol individually provides better performance in terms of communication, computation, and security aspects, and is supported by the formal proof in the random oracle model.

A Secure and Effective Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks

Abstract: Recently, Mun et al. analyzed Wu et al.'s authentication scheme and proposed an enhanced anonymous authentication scheme for roaming service in global mobility networks. However, through careful analysis, we find that Mun et al.'s scheme is vulnerable to impersonation attacks and insider attacks, and cannot provide user friendliness, user's anonymity, proper mutual authentication and local verification. To remedy these weaknesses, we propose a novel anonymous authentication scheme for roaming service in global mobility networks. Compared with previous related works, our scheme has many advantages. Firstly, the secure authenticity of the scheme is formally validated by an useful formal model called BAN logic. Secondly, the scheme enjoys many important security attributes including prevention of various attacks, user anonymity, no verification table, local password verification and so on. Thirdly, the scheme does not use timestamp, thus it avoids the clock synchronization problem. Further, the scheme contains the authentication and establishment of session key scheme when mobile user is located in his/her home network, therefore it is more practical and universal for global mobility networks. Finally, performance and cost analysis show our scheme is more suitable for low-power and resource limited mobile devices and thus availability for real implementation.

Captcha as Graphical Passwords—A New Security Primitive Based on Hard AI Problems

Abstract: Many security primitives are based on hard mathematical problems. Using hard AI problems for security is emerging as an exciting new paradigm, but has been under-explored. In this paper, we present a new security primitive based on hard AI problems, namely, a novel family of graphical password systems built on top of Captcha technology, which we call Captcha as graphical passwords (CaRP). CaRP is both a Captcha and a graphical password scheme. CaRP addresses a number of security problems altogether, such as online guessing attacks, relay attacks, and, if combined with dual-view technologies, shoulder-surfing attacks. Notably, a CaRP password can be found only probabilistically by automatic online guessing attacks even if the password is in the search set. CaRP also offers a novel approach to address the well-known image hotspot problem in popular graphical password systems, such as PassPoints, that often leads to weak password choices. CaRP is not a panacea, but it offers reasonable security and usability and appears to fit well with some practical applications for improving online security.

Cryptanalysis and Improvement of Yan et al.'s Biometric-Based Authentication Scheme for Telecare Medicine Information Systems

Abstract: Remote user authentication is desirable for a Telecare Medicine Information System (TMIS) for the safety, security and integrity of transmitted data over the public channel. In 2013, Tan presented a biometric based remote user authentication scheme and claimed that his scheme is secure. Recently, Yan et al. demonstrated some drawbacks in Tan's scheme and proposed an improved scheme to erase the drawbacks of Tan's scheme. We analyze Yan et al.'s scheme and identify that their scheme is vulnerable to off-line password guessing attack, and does not protect anonymity. Moreover, in their scheme, login and password change phases are inefficient to identify the correctness of input where inefficiency in password change phase can cause denial of service attack. Further, we design an improved scheme for TMIS with the aim to eliminate the drawbacks of Yan et al.'s scheme.

Towards reliable storage of 56-bit secrets in human memory (extended version)

Abstract: Challenging the conventional wisdom that users cannot remember cryptographically-strong secrets, we test the hypothesis that users can learn randomly-assigned 56- bit codes (encoded as either 6 words or 12 characters) through spaced repetition. We asked remote research participants to perform a distractor task that required logging into a website 90 times, over up to two weeks, with a password of their choosing. After they entered their chosen password correctly we displayed a short code (4 letters or 2 words, 18.8 bits) that we required them to type. For subsequent logins we added an increasing delay prior to displaying the code, which participants could avoid by typing the code from memory. As participants learned, we added two more codes to comprise a 56.4- bit secret. Overall, 94% of participants eventually typed their entire secret from memory, learning it after a median of 36 logins. The learning component of our system added a median delay of just 6.9 s per login and a total of less than 12 minutes over an average of ten days. 88% were able to recall their codes exactly when asked at least three days later, with only 21% reporting having written their secret down. As one participant wrote with surprise, “the words are branded into my brain.” While our study is preliminary in nature, we believe it debunks the myth that users are inherently incapable of remembering cryptographically-strong secrets for a select few high-stakes scenarios, such as a password for enterprise login or as a master key to protect other credentials (e.g., in a password manager).

A User Anonymity Preserving Three-Factor Authentication Scheme for Telecare Medicine Information Systems

Abstract: The telecare medicine information system enables the patients gain health monitoring at home and access medical services over internet or mobile networks. In recent years, the schemes based on cryptography have been proposed to address the security and privacy issues in the telecare medicine information systems. However, many schemes are insecure or they have low efficiency. Recently, Awasthi and Srivastava proposed a three-factor authentication scheme for telecare medicine information systems. In this paper, we show that their scheme is vulnerable to the reflection attacks. Furthermore, it fails to provide three-factor security and the user anonymity. We propose a new three-factor authentication scheme for the telecare medicine information systems. Detailed analysis demonstrates that the proposed scheme provides mutual authentication, server not knowing password and freedom of password, biometric update and three-factor security. Moreover, the new scheme provides the user anonymity. As compared with the previous three-factor authentication schemes, the proposed scheme is more secure and practical.