Password Less Authentication - OWASP
TRANSCRIPT
Password Less Authentication (PLA)
Srikar Sagi
Slide 2 - Agenda
- Why Factors - Problem Statement
- Why Factors - Motivations
- Mobile Device based Authentication
- User Registration
- User Experience
- Authentication Process
- Authentication Schematics
- Competitors to PLA
- OTP & PLA Differentiators
- References & QnA
- Appendix
Slide 3 - Why Factors - Problem Statements: Customers
Too Many Passwords, password complexities, same passwords, sharing of passwords
Slide 4 - Why Factors - Problem Statements: Customers
Password Changes, Reset requests & Remembering Security Questions for many sites
Slide 5 - Why Factors - Problem Statements: Customers
Too many Tokens, Token Costs, Lost Tokens, Dispatch Costs & Lost Business Costs
Slide 6 - Why Factors - Problem Statements: Executive Management
- Cost of Fraud Operations, Software Security Controls, Service Desk, Frustrated Users & Lost business
- Identity Theft 9.8% (IC3-2010) - 3rd Most Internet Crime: http://ic3report.nw3c.org/docs/2010_IC3_Report_02_10_11_low_res.pdf
- Ponemon Report - 2011 - Cost of Cyber Crime Study: http://docs.media.bitpipe.com/io_10x/io_101711/item_452026/2011%202nd%20Annual%20Ponemon%20Cost%20of%20Cybercrime%20Study.pdf
- The Shocking Scale of Cybercrime - Shared by Richard R. in Mobile Security Trends - LinkedIn: http://www.linkedin.com/news?viewArticle=&articleID=761361820&gid=3802786&type=member&item=69965873&articleURL=http%3A%2F%2Fus.norton.com%2Fcontent%2Fen%2Fus%2Fhome_homeoffice%2Fhtml%2Fcybercrimereport%2F&urlhash=Cjo1&goback=.gde_3802786_member_69965873
- State of Enterprise Security - 2010 Report by Norton: http://www.symantec.com/content/en/us/about/presskits/SES_report_Feb2010.pdf
Slide 7 - Why Factors - Motivation
SMS Bank Tokens Vulnerable: http://www.zdnet.com.au/sms-bank-tokens-vulnerable-rsa-339308633.htm
Slide 8 - Why Factors - Motivation
One Time Passwords are not Secure - Analysis: https://infosecisland.com/blogview/11813-One-Time-Passwords-are-Not-Secure-Enough.html and http://www.nowires.org/Papers-PDF/OTPanalysis.pdf
Slide 9 - Why Factors - Motivation
RSA Secure-ID Hardware Token Hacked: http://technorati.com/technology/it/article/rsa-hackedtime-to-panic-for-corporate/
Slide 10 - Why Factors - Motivation
US Chamber of Commerce - Proposing No Passwords, Only H/W or Smart Phone based Login: http://arstechnica.com/tech-policy/news/2011/04/with-passwords-broken-us-rolls-out-internet-identity-plan.ars
Slide 11 - Why Factors - Motivation
- Human Psyche for Mobile phones
- Frustrated Users - many & similar Passwords
- Human Dependency on Mobile phones
- Trust on Mobile Network's Control Channel
- Increase in Mobile Device Capabilities
- Use of Mobile's Geo Loc' for Authorization Decision
- Trust on Public Key Cryptography
- Automated Mobile Signal attacks are costly (Logistics)
- Mobile Apps - Controlled by Central Release Authorities
- Mobile Phone Population crossing 5 Billion devices
- Adult (15-65) Population more than 3 Billion out of 7 Billion
- Expected - 50 Billion Internet connected Devices by 2020
Slide 12 - Mobile Device based Authentication
Ownership Based Authentication with Mobile, for:
1. Speed of Auth/Z
2. Ease of Use (UI, Registration)
3. Adaptation, Flexibility & Scalability
Slide 14 - User Registration
(Screenshot: FaceLog Payments & Identity Systems page for user "Nikolas", with the option "I Want Password Less Authentication".)
Slide 15 - User Registration
(Screenshot: FaceLog Payments & Identity Systems registration form.)
- User Name: 123789
- Choose a 6 Digit PIN (The same PIN you need to select for your mobile Application)
- Re-Enter Same 6 Digit PIN (The same PIN you need to select for your mobile Application)
- Enter Personal Mobile Phone Number (This Mobile Proves Your Identity - Hence Keep this Phone Private to yourself) (Eg: If your mobile Number is 9647748443 and your country is India then enter as 919647748443): 919176617699
- Re-Enter Personal Mobile Phone Number (This Mobile Proves Your Identity - Hence Keep this Phone Private to yourself) (Eg: If your mobile Number is 9647748443 and your country is India then enter as 919647748443): 919176617699
- By Clicking the button below, I Agree All the terms & conditions of PayPal User Agreement and Privacy Policy
- Your Download Message Code = X12-972JM123-ABC - Download the app only if you see this
Slide 16 - User Registration
(Screenshot: message received on the phone.)
You Got a Message from www.facelog.com to download the PLA Mobile Application from the Below Link
http://www.facelog.com/download/pla/user/msgcode=X12-972JM123-ABC
Select "YES" to Download PLA Mobile App
Slide 17 - User Registration
(Screenshot only.)
Slide 18 - User Registration
(Screenshot: the PLA Mobile App asks for permission to read IMSI & ICC-ID.)
Slide 19 - User Registration
(Screenshot: the PLA Mobile App asks for the same PIN entered on the web page.)
Slide 20 - User Registration (diagram)
- The registration message from the phone is carried through the Operator Data Center (MSC, HLR, SS7); the diagram numbers the hops 1-4.
- Server: Decrypt IMSI, ICC-ID with Server's Pvt Key
- DB: UID, IMSI, ICC-ID, Mobile Number in the DB
Slide 21 - User Registration (diagram, continued)
- Server: Create AppID with Rand Generator (with some other Info)
- Encrypt AppID with (PIN+IMSI+ICC-ID) & Re-Encrypt with Server's Pvt Key
- The message travels through the Operator Data Center (MSC, HLR, SS7); the diagram numbers the hops 1-5.
- Update DB with AppID for the User
Slide 22 - User Experience
(Screenshot: FaceLog Payments & Identity Systems login page.)
- Button: Request Challenge-1 (masked field shows ******)
- Your Web Challenge - Enter This Challenge in Your Mobile App: 5678
Slide 23 - User Experience
(Screenshot: PLA Mobile App prompt "Enter Challenge-1 to Authenticate".)
Slide 24 - User Experience
(Screenshot: FaceLog Payments & Identity Systems page, user "Nikolas".)
Slide 25 - Authentication Process
Step-1 Credential Collection on TWO distinct Networks
Step-2 User ID is sent by User as multipart/x-mixed-replace Request and Challenge-1 is received on Web Page from Server on IP Network as a multipart/x-mixed-replace Response
Step-3 Server Sends Challenge-2 as Push/SMS Message on Mobile Phone over the air using Telecom Network (stores Challenge-1 & 2)
Step-4 User enters Challenge-1 on Mobile App & Mobile App reads Challenge-2 from Push/SMS, Hashes C1+C2+IMSI+ICC-ID+AppID and Encrypts with Server's Public Key (Encrypted Packet)
NOTE: Challenge-2 is always Opaque to user - may or may not know
Slide 26 - Authentication Process
Step-5 Encrypted Packet is Sent as SMS/Push Response from Mobile Network
Step-6 Server reads the Push Response/SMS Message from User
Step-7 Server Decrypts Encrypted Packet with its Private Key
Step-8 Server loads C1+C2+IMSI+ICC-ID+AppID stored in the Database for that user's request and hashes again
Step-9 If Hashes Match then Welcome screen is pushed to the web user as a Response to multipart/x-mixed-replace
Challenge-1, 2 And UID Stored in Temp Auth DB
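The registration record (slides 20-21) and the nine-step login (slides 25-26) as one runnable simulation of both sides. This is an added example written for this transcript, not the PLA project's own code. The deck does not name a hash, a public-key scheme, a challenge lifetime or a wire format, so the following are assumptions: SHA-256 as the hash, RSA-OAEP as "Encrypt with Server's Public Key", a 2-minute single-use lifetime for each challenge pair, length-prefixed fields inside the hash, and a 16-byte AppID; the PIN-wrapping of AppID for delivery to the phone is not modelled. The user name and mobile number come from the slide 15 form; the IMSI and ICC-ID values are constructed.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"time"
)

// Registration is the DB row of slides 20-21; pendingAuth is the Temp Auth DB row of slide 26 (expiry assumed).
type Registration struct {
	UID, Mobile, IMSI, ICCID string
	AppID                    []byte
}
type pendingAuth struct {
	c1, c2  string
	expires time.Time
}
type Server struct { // RSA key pair plus both DBs, keyed by UID
	Priv    *rsa.PrivateKey
	users   map[string]*Registration
	pending map[string]*pendingAuth
}

var oaepLabel = []byte("PLA") // assumed: RSA-OAEP stands in for "Encrypt with Server's Public Key"

func NewServer() (*Server, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	return &Server{Priv: priv, users: map[string]*Registration{}, pending: map[string]*pendingAuth{}}, err
}

// Register (slide 21): AppID from a random generator, stored against the user; PIN-wrapping of AppID for delivery is not modelled.
func (s *Server) Register(uid, mobile, imsi, iccid string) (*Registration, error) {
	appID := make([]byte, 16)
	_, err := rand.Read(appID)
	s.users[uid] = &Registration{UID: uid, Mobile: mobile, IMSI: imsi, ICCID: iccid, AppID: appID}
	return s.users[uid], err
}

// RequestLogin (steps 2-3): Challenge-1 returns over the IP network, Challenge-2 goes to the phone over telecom; both are stored until used.
func (s *Server) RequestLogin(uid string) (c1, c2 string, err error) {
	if s.users[uid] == nil {
		return "", "", fmt.Errorf("unknown user %q", uid)
	}
	buf := make([]byte, 18)
	if _, err = rand.Read(buf); err != nil {
		return
	}
	c1, c2 = hex.EncodeToString(buf[:2]), hex.EncodeToString(buf[2:]) // C1: 4 chars like "A2Z4"; C2: opaque to the user
	s.pending[uid] = &pendingAuth{c1: c1, c2: c2, expires: time.Now().Add(2 * time.Minute)}
	return c1, c2, nil
}

// plaDigest hashes C1+C2+IMSI+ICC-ID+AppID (steps 4 and 8). Fields are length-prefixed so that
// moving characters between fields cannot give the same hash input (assumed; the deck only says "hashes").
func plaDigest(c1, c2, imsi, iccid string, appID []byte) []byte {
	h := sha256.New()
	for _, f := range [][]byte{[]byte(c1), []byte(c2), []byte(imsi), []byte(iccid), appID} {
		h.Write([]byte{byte(len(f))})
		h.Write(f)
	}
	return h.Sum(nil)
}

// MobileAppRespond (step 4, on the phone): hash typed Challenge-1 + received Challenge-2 + IMSI + ICC-ID + AppID, encrypt to the server key.
func MobileAppRespond(pub *rsa.PublicKey, reg *Registration, c1Typed, c2Received string) ([]byte, error) {
	digest := plaDigest(c1Typed, c2Received, reg.IMSI, reg.ICCID, reg.AppID)
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, digest, oaepLabel)
}

// Verify (steps 6-9): decrypt, rebuild the hash from stored values, compare in constant time. The pending row is
// consumed on first use and rejected once expired, so a captured packet sent again (appendix Exploit-1) cannot verify.
func (s *Server) Verify(uid string, packet []byte) (bool, error) {
	p, reg := s.pending[uid], s.users[uid]
	delete(s.pending, uid)
	if p == nil || reg == nil || time.Now().After(p.expires) {
		return false, fmt.Errorf("no valid pending login for user %q", uid)
	}
	got, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, s.Priv, packet, oaepLabel)
	if err != nil {
		return false, err
	}
	want := plaDigest(p.c1, p.c2, reg.IMSI, reg.ICCID, reg.AppID)
	return subtle.ConstantTimeCompare(got, want) == 1, nil
}

func main() {
	s, _ := NewServer()
	reg, _ := s.Register("Nikolas", "919176617699", "IMSI-constructed", "ICCID-constructed") // constructed sample user
	c1, c2, _ := s.RequestLogin("Nikolas")
	pkt, _ := MobileAppRespond(&s.Priv.PublicKey, reg, c1, c2)
	ok, err := s.Verify("Nikolas", pkt)
	replayOK, replayErr := s.Verify("Nikolas", pkt) // the same packet sent again
	fmt.Println("first use:", ok, err, "| replay:", replayOK, replayErr)
}
```

The first Verify succeeds and the second, fed the identical packet, fails because the temp auth row was deleted on first use; that single-use rule, together with the expiry, is the server-side control the deck's Exploit-1 (replay within the time frame) depends on. Note that the design still trusts the phone to compute the hash over its real IMSI and ICC-ID, which is why the appendix lists those values among the things an attacker must hold for a total compromise.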
Slide 27 - Authentication Schematics (diagram)
Participants: Login Page of www.facelog.com accessed with Desk/LapTop or NetBook/SmartPhone over the Internet (SSL/IP Network); the server's Challenge Generator; the Operator Data Center (MSC, HLR, SS7) on the TeleCom side. The diagram numbers the hops 1-7.
- Login page: 1] Enter UID 2] get Server's Challenge-1 - Submit
- Send UID & Request For Login (HTTP multipart/x-mixed-replace MIME Request)
- Return Challenge-1 (HTTP multipart/x-mixed-replace MIME Response); the page shows "Your Challenge-1: A2Z4"
- IMSI, ICC-ID Already Available as part of User Registration
- Return Challenge-2 through the Operator Data Center (Any one Channel - SMS/USSD/GPRS/3G)
- Phone: "You Received Auth Challenge - Open App"
Slide 28 - Authentication Schematics (diagram, continued)
The diagram numbers the hops 1-6.
- Mobile App: "A2Z4" - Enter Challenge-1 to Authenticate
- Send Encrypted Packet (Encrypted Hash of Challenge-1 & 2 + IMSI + ICC-ID + AppID) through the Operator Data Center (MSC, HLR, SS7) over TeleCom (Any one Channel - SMS/USSD/GPRS/3G)
- Server: Challenge-1, 2, IMSI, ICC-ID & UID From Auth DB; Decrypt Data with Server's Pvt Key & Generate Hash & Compare Challenge
- Login Page of www.facelog.com (Desk/LapTop or NetBook/SmartPhone, Internet, SSL/IP Network): Waiting For Auth Result - Submit
- Return Auth Result -or- Main Page/Insider Pages (multipart/x-mixed-replace REFRESH/Update)
Slide 29 - Best Channel - Real Experience for PLA

# | Connectivity Protocol / Bearer Channel | Dev Cost | OS Comp | Initial Testing Cost | Integration Cost (Between Operator & Servers) | Connection Speed | Connection Type | Location Dependency | User Experience (Server Response Speed) | Setup Costs (H/W & S/W) | End User Charges | OPS Cost | Support (user complaints)
1 | SMS | LOW | Devices that have Java 1.4 or above | MEDIUM | LOWEST | LOW | Store & Forward | Yes - LOW | LOW | LOW | LOW | MEDIUM | HIGH
2 | GPRS | MEDIUM | Devices that have Java 1.4 or above | LOW | LOW | MEDIUM | Packet Based | Yes - LOW | SUPER | LOW | MEDIUM | MEDIUM | MEDIUM
3 | 3G | HIGH | Devices that have Java 1.4 or above | HIGH | HIGH | HIGH | Conn-Oriented | Yes - HIGH | SUPERLATIVE | HIGH | HIGH | HIGH | HIGH
4 | USSD-USSR Over SMPP | LOW | Devices that have Java 1.4 or above | HIGH | HIGH | HIGH | Session based (between Handset & N/W) | Yes - HIGH | SUPERLATIVE | MEDIUM | NIL | LOW | MEDIUM

USSR - Unstructured Supplementary Service Request (Network Initiated Push for Application Start-Up)
Best Channel with Best User Experience
Slide 30 - Competitors to PLA
Products - BrowserID; SolidPass.com (All or some products); Google PIN Check / Verification Code
Research Papers - Secure Web Authentication with Mobile Phones by Min Wu, Simson Garfinkel, [email address removed]: http://homepages.mcs.vuw.ac.nz/~ian/shared/papers/secureweb.pdf
Secure Web Authentication with Mobile Phones by Min Wu, Simson Garfinkel, [email address removed] (slides): http://dimacs.rutgers.edu/Workshops/Tools/slides/wu.ppt
The same paper that was published in IEEE: http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=5951918
PLA, BrowserID, SolidPass & Google PIN Check & the research paper by MIT Students all are based on the "Ownership" based authentication model and hence they all can be directly compared for:
1. Speed of Auth/Z
2. Ease of Use (UI, Registration)
3. Portability
4. Adaptation, Flexibility & Scalability
5. Security Aspects
Slide 31 - OTP & PLA - Differentiators

# | OTPs | PLA
1 | Multiple Tokens - for each "Secure Banking Service" - ICICI, HDFC, CITI | No need to carry multiple tokens for each "Secure Banking Service"
2 | Remember UIDs or User Nos | No remembering of passwords for any "Secure Banking Service" - Only remember the user ID
3 | Remembering respective passwords for each User IDs or User Numbers | Easy to add new "Public Key" for any "Secure Banking Service" in same mobile app.
4 | Changing respective passwords for each User IDs or User Numbers in Credential lifecycle | Application Logic shall take care of selecting which "Public Key" to use to encrypt Tokens for which "Secure Banking Service"
5 | Dependent on Mobile Network (Mobile OTPs & PLA Both) | Can be used for "Authorization" as well (Requires additional development)
6 | Help Desk/Service Desk Calls: Cost for Help Desk/Support Calls for Secure Banking Service - Login issues on the IP Network, Token Issuance, Maintenance, Password Strength/Expiry/Losses/Resets, Token Support calls | Can avoid the COSTS of Login Issues/Resets - Only Mobile App Updates is an unavoidable cost
Slide 32 - References
[1] Identity Theft 9.8% (IC3-2010) - 3rd Most Internet Crime: http://ic3report.nw3c.org/docs/2010_IC3_Report_02_10_11_low_res.pdf
[2] Ponemon Report - 2011 - Cost of Cyber Crime Study: http://docs.media.bitpipe.com/io_10x/io_101711/item_452026/2011%202nd%20Annual%20Ponemon%20Cost%20of%20Cybercrime%20Study.pdf
[3] SMS Bank Tokens Vulnerable: http://www.zdnet.com.au/sms-bank-tokens-vulnerable-rsa-339308633.htm
[4] One Time Passwords are not Secure - Analysis: https://infosecisland.com/blogview/11813-One-Time-Passwords-are-Not-Secure-Enough.html and http://www.nowires.org/Papers-PDF/OTPanalysis.pdf
[5] RSA Secure-ID Hardware Token Hacked: http://technorati.com/technology/it/article/rsa-hackedtime-to-panic-for-corporate/
[6] US Chamber of Commerce - Proposing No Passwords, Only H/W or Smart Phone based Login: http://arstechnica.com/tech-policy/news/2011/04/with-passwords-broken-us-rolls-out-internet-identity-plan.ars
[7] Response time reasons & panic of users for their lost or stolen mobiles: http://www.zdnetasia.com/hardware-vulnerable-in-two-factor-authentication-39342580.htm
[8] Token Types, Costs, Comparisons & Current Implementors: http://www.zdnetasia.com/war-of-the-tokens-62037260.htm
[9] Miscellaneous: http://news.techworld.com/security/3258312/hackers-break-us-government-smart-card-security ; http://blogs.gartner.com/avivah-litan/2010/12/15/2011-threats-and-trends/ ; http://www.bankinfosecurity.com/articles.php?art_id=1732 ; http://www.bankinfosecurity.com/articles.php?art_id=2728
Slide 33 - QnA
Slide 34 - Appendix
- POC Exploit/Failure Scenarios
- Differentiators - OTP & POC
- OTP Costs & Cons
- References
Slide 35 - POC Exploit/Failure Scenarios
POC Exploit-1 - Replay SMS attack: Attacker can replay, i.e. capture the signal & resend it within the time frame - the attacker would only help the end user of the POC
POC Exploit-2 - Sending Fake SMS: Attacker can send fake SMS on behalf of the POC User - but cannot receive SMS on behalf of the POC User - courtesy of the "Control Channel" of the Mobile Network; for a successful authentication the attacker must receive the initial Push/SMS Message
POC Exploit-3 - A total Compromise: For a successful compromise the attacker must know & have: User ID, Cell Phone No, IMSI, ICC-ID, Token-1 & 2, AppID and the "Control Channel" to receive the Network Message
Slide 36 - POC Exploit/Failure Scenarios
POC Exploit-4 - Lost/Stolen Mobiles: "Mobile Phone is a precious device hence the time taken for an owner to discover loss of Mobile is likely to be much shorter compared to loss of tokens, which is used only while making a banking transaction."
---- Jukka Riivari, CEO & President of Meridea. Source: http://www.zdnetasia.com/hardware-vulnerable-in-two-factor-authentication-39342580.htm
POC Exploit-5 - Zero Protection Scenario: Attacker having overpowered the POC User & Mobile Subscriber, took control of the Mobile device & the Desktop/Laptop/NetBook - this POC will completely fail
POC Failure Scenario-1 - Multiple Users: POC cannot be used in Least Developed Countries, where Micro-Payments are rampant for Multiple Users per mobile
Slide 37 - OTP Costs & Cons
Hardware token - Source - http://www.zdnetasia.com/war-of-the-tokens-62037260.htm
Banks: ABN Amro, China Construction Bank, Citibank Singapore, DBS, HSBC, OCBC, UBS, UOB
Pros:
- Has been around longer
- Not dependent on the mobile phone operator network
- Does not require any downloads or setup
Cons:
- Inconvenience due to "necklace syndrome", where customers with multiple Bank A/c with different Banks will have to carry multiple tokens
- Higher implementation costs. Experts estimate hardware's recurring costs to be around S$40 (US$24.50) to S$60 (US$36.74) per user per year, compared to under S$10 (US$6.12) per user per year for software-based tokens
- Customer has to pay a replacement fee if it's lost
- Not tamper-proof
Slide 38 - OTP Costs & Cons
Software token for mobile - Source - http://www.zdnetasia.com/war-of-the-tokens-62037260.htm
Banks: OCBC Singapore
Pros:
- Mobile phone is ubiquitous
- No replacement fee; customer simply has to download the software application to his new phone
Cons:
- Dependent on the mobile operator network
- Mobile phone can be as easily lost as hardware token, although chances of someone realizing his phone is missing are higher than it would be with the hardware token
- Still very new & customers are less familiar with process, compared to SMS
Slide 39 - OTP Costs & Cons
SMS Tokens - Source - http://www.zdnetasia.com/war-of-the-tokens-62037260.htm
Banks: Citibank Singapore & Hong Kong, OCBC, Standard Chartered, UOB
Pros:
- Mobile phone is ubiquitous
- People in Asia are familiar with SMS
- Requires no training
Cons:
- Dependent on the mobile operator network
- Potential issues like lost transmission and unexpected delay during festive seasons or when one is overseas
- Mobile phone can be as easily lost as hardware token, although the chances of someone realizing his phone is missing are higher than it would be with the hardware token