Slide 1: Stronger Password Authentication Using Browser Extensions
Blake Ross, Collin Jackson, Nick Miyake, Dan Boneh, John Mitchell
Stanford University
http://crypto.stanford.edu/PwdHash
Slide 2: Password Phishing Problem
(Figure: the user sends pwd A to a fake site posing as Bank A.)
- User cannot reliably identify fake sites
- Captured password can be used at target site
Slide 3: Common Password Problem
(Figure: Bank A, a high security site, and Site B, a vulnerable site; the user reuses the same password, pwd B = pwd A.)
- Phishing attack or break-in at site B reveals pwd at A
- Server-side solutions will not keep pwd safe
- Solution: Strengthen with client-side support
Slide 4: Our Solution: PwdHash
- Lightweight browser extension
- Impedes password theft
- Invisible to server
- Invisible to user
Two components: Pwd Prefix and Pwd Hashing
Slide 5: Password Hashing
- Generate a unique password per site
(Figure: Bank A receives hash(pwd A, BankA) and Site B receives hash(pwd B, SiteB), even though pwd A = pwd B.)
Example with password fido:123:
  HMAC_fido:123(banka.com) = Q7a+0ekEXb
  HMAC_fido:123(siteb.com) = OzX2+ICiqc
Slide 6: Password Hashing: past attempts
- Hash pwd with realm provided by remote site: HTTP 1.1 Digest Authentication, Kerberos 5
  - Does not prevent phishing or the common-password problem
- Hash pwd with network service name:
  - Abadi, Bharat, Marais [PTO '97]: standalone
  - Gabber, Gibbons, Matias, Mayer [FC '97]: proxy; relies on intercepting traffic, so it can't handle https
Slide 7: Password Hashing: a popular idea
- Recent password hashing projects: Site Password, Password Maker, Genpass, Passwdlet, Password Composer, Magic Password Generator, PwdHash, Password Generator Extension
- Similar hashing algorithms
- Only PwdHash defends against spoofing and is invisible to the user
Slide 8: The Spoofing Problem
- JavaScript can display password fields or dialogs (figure: a spoofed password dialog)
- Unhashed password sent to attacker in clear
Slide 9: Password Prefix
- Original pwd should never be visible to web page
(Figure: the user types @@fido:123 or @@abcdefgh; Site B receives only the hash OzX2+ICiqc.)
Slide 10: Password Prefix: How it works
- Normal operation: Prefix in password field
  (Figure: user types @@fido:123, the field shows **********, the extension strips the prefix to fido:123 and sends HMAC_fido:123(siteb.com) = Q7a+0ekEXb.)
- Abnormal operation: Prefix in non-password field
  - Can just ignore the prefix and not hash
  - Remind user not to enter password
  (Figure: @@abcdefgh typed into a non-password field is passed through as abcdefgh.)
Slide 11: Why use Password Prefix?
- Protection mechanism "built in" to password
- Does not rely on user to make a decision
- Same prefix works for everyone
- Distinguishes secure passwords from normal passwords, social security numbers, PINs
- Only use it when you want to
Slide 12: Other Trusted Pwd Interfaces
- Password prefix (starts with @@)
- Secure attention sequence
- Trusted image or phrase: Passmark, DSS
Slide 13: Other Challenges
- Password Reset
- Internet Cafes
- Dictionary Attacks
- Spyware, DNS poisoning (no protection)
- Other issues (described in the paper):
  - Choosing salt for hash
  - Encoding hashed password
  - Additional attacks and defenses
Slide 14: Password Reset
- After install, PwdHash can't protect existing pwds
  - Only passwords starting with @@ are secure
  - User can choose where to use PwdHash
  - User must enter old password unhashed into password reset page
- Pwd Prefix makes it easy
  - Old passwords won't be accidentally hashed
  - New, secure passwords are automatically hashed
Slide 15: Internet Cafes
- Users cannot install software at Internet Cafes.
- Would not be a problem if PwdHash were universally available
- Interim solution: A secure web site for remote hashing, e.g. https://www.pwdhash.com
- Hash is computed using JavaScript
  - Server never sees password
  - Resulting hash is copied into clipboard
  - Can also be used as a standalone password generator
(Figure: screenshots of the site in Internet Explorer and Firefox.)
Slide 16: Dictionary attacks
- After phishing attack or break-in to low security site, attacker can repeatedly guess password and check hash.
  - Succeeds on 15% of passwords (unlike 100% today)
  - Less effective on longer, stronger passwords
- Solution: better authentication protocol (SPEKE, SRP, etc.)
  - Requires server-side changes
- Defense: user specifies a global pwd to strengthen all pwd hashes
  - Creates a new pwd management problem for shared machines
- Defense: slow hash function (Halderman, Waters, Felten '05)
  - Increases time of dictionary attack
(Figure: a dictionary word list: aardvark, aback, abacus, abandon, ...)
Slide 17: PwdHash: Try it out
- Prototype for Internet Explorer and Mozilla Firefox
- Defends against spoofing
- Invisible to user
- Invisible to server
- Complementary to other anti-phishing solutions
- Only use it when you want to
www.pwdhash.com