Cryptology ePrint Archive: Report 2012/148
Replacing Username/Password with Software-Only Two-Factor Authentication
Abstract: It is basically a solved problem for a server to authenticate itself to a client using standard methods of Public Key cryptography. The Public Key Infrastructure (PKI) supports the SSL protocol which in turn enables this functionality. The single-point-of-failure in PKI, and hence the focus of attacks, is the Certification Authority. However this entity is commonly off-line, well defended, and not easily got at. For a client to authenticate itself to the server is much more problematical. The simplest and most common mechanism is Username/Password. Although not at all satisfactory, the only onus on the client is to generate and remember a password -- and the reality is that we cannot expect a client to be sufficiently
sophisticated or well organised to protect larger secrets. However Username/Password as a mechanism is breaking down. So-called zero-day attacks on servers commonly recover files containing information related to passwords, and unless the passwords are of sufficiently high entropy they will be found. The commonly applied patch is to insist that clients adopt long, complex, hard-to-remember passwords.
This is essentially a second line of defence imposed on the client to protect them in the (increasingly likely) event that the authentication server will be successfully hacked. Note that in an ideal world a client should be able to use a low entropy password, as a server can limit the number of attempts the client can make to authenticate itself. The often proposed alternative is the adoption of multifactor authentication. In the simplest case the client
must demonstrate possession of both a token and a password. The banks have been to the forefront of adopting such methods, but the token is invariably a physical device of some kind. Cryptography's embarrassing secret is that to date no completely satisfactory means has been discovered to implement two-factor authentication entirely in software. In this paper we propose such a scheme.
Category / Keywords: cryptographic protocols /
Date: received 20 Mar 2012, last revised 7 Aug 2012
Contact author: mike scott at certivox com
Available format(s): PDF | BibTeX Citation
Note: New Title. Completely rewritten.
Version: 20120807:134322 (All versions of this report)
Short URL: ia.cr/2012/148
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]