
I Bought a New Security Token and All I Got Was This Lousy Phish—Relay Attacks on Visual Code Authentication Schemes

Conference paper
Security Protocols XXII (Security Protocols 2014)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 8809)

Abstract

One recent thread of academic and commercial research into web authentication has focused on schemes where users scan a visual code with their smartphone, which is a convenient alternative to password-based login. We find that many schemes in the literature (including, previously, our own) are, unfortunately, vulnerable to relay attacks. We explain the inherent reasons for this vulnerability and offer an architectural fix, evaluating its trade-offs and discussing why it has never been proposed by other authors.
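The attack the abstract refers to, as an added example that is not code from the paper or from any of the schemes it analyses: a toy model of a scan-to-log-in scheme in which the phone proves a shared key over a nonce carried in a visual code. Under scheme A the phone trusts whatever the code says about which site it came from, so a phishing site that fetches a live code from W and shows it to the victim gets its own session at W authenticated. Scheme B is my own sketch of an origin-binding fix, not the paper's proposal: the browser rather than the page draws the code and stamps in the origin it is actually displaying, the phone's tag binds that origin, and W refuses any origin but its own. The origins, user name, key, the `network` dictionary standing in for HTTPS and the `browser_draws_code` helper are all constructed for the example.

```python
# Added illustration, not code from the paper or from any scheme it analyses.
# Origins, user, key and the browser-side helper are constructed for the example.
import hashlib, hmac, secrets

def mac(key, *parts):
    # HMAC-SHA256 over length-prefixed parts, so ("ab","c") != ("a","bc").
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        b = p.encode()
        h.update(len(b).to_bytes(4, "big") + b)
    return h.hexdigest()

class Website:
    # Relying party W: one nonce per login page; the session is authenticated
    # once some phone proves a per-user key over that nonce.
    def __init__(self, origin, user_keys):
        self.origin, self.user_keys = origin, user_keys  # user -> shared key
        self.sessions = {}                               # nonce -> user/None

    def login_page(self):
        nonce = secrets.token_hex(16)
        self.sessions[nonce] = None
        return nonce

    def _accept(self, user, nonce, tag, *covered):
        key = self.user_keys.get(user)
        if key is None or nonce not in self.sessions \
                or not hmac.compare_digest(tag, mac(key, *covered)):
            return False
        self.sessions[nonce] = user
        return True

    def verify_naive(self, user, nonce, tag):
        # Scheme A: the tag covers only the nonce. W cannot tell which page the
        # code was displayed on, so a relayed login looks like a genuine one.
        return self._accept(user, nonce, tag, nonce)

    def verify_bound(self, user, nonce, origin, tag):
        # Scheme B: the tag also covers the origin the browser actually showed,
        # and W accepts only tags computed over its own origin.
        return origin == self.origin and self._accept(user, nonce, tag, origin, nonce)

class Phone:
    # Scanner app. `network` maps origin -> server, standing in for HTTPS POST.
    def __init__(self, user, key, network):
        self.user, self.key, self.network = user, key, network

    def scan_naive(self, code):
        # Both fields were chosen by whoever drew the code; the named site
        # really is W, so even a certificate check on it would pass.
        tag = mac(self.key, code["nonce"])
        return self.network[code["site"]].verify_naive(self.user, code["nonce"], tag)

    def scan_bound(self, code):
        # code["origin"] was written by the browser, not by the page.
        tag = mac(self.key, code["origin"], code["nonce"])
        return self.network[code["origin"]].verify_bound(
            self.user, code["nonce"], code["origin"], tag)

class PhishingSite:
    # Attacker at a lookalike origin who relays W's live login code.
    def __init__(self, origin, target):
        self.origin, self.target, self.nonce = origin, target, None

    def fresh_nonce(self):
        # Open a login session at W in the attacker's browser; show its nonce.
        self.nonce = self.target.login_page()
        return self.nonce

    def verify_bound(self, user, nonce, origin, tag):
        # Scheme B: the phone posted to us. Forward to W as received and with
        # W's origin swapped in; neither verifies, as the tag binds our origin.
        w = self.target
        return (w.verify_bound(user, nonce, origin, tag)
                or w.verify_bound(user, nonce, w.origin, tag))

def browser_draws_code(page_origin, nonce):
    # Trusted part of scheme B (an assumption of this example): the browser
    # renders the code itself and embeds the origin of the page it is showing.
    return {"origin": page_origin, "nonce": nonce}

def setup():
    key = secrets.token_bytes(32)
    w = Website("https://bank.example", {"alice": key})
    a = PhishingSite("https://bank-example.net", w)
    return w, a, Phone("alice", key, {w.origin: w, a.origin: a})

def relay_naive():
    # Scheme A under relay: the attacker's session at W becomes alice's.
    w, a, phone = setup()
    phone.scan_naive({"site": w.origin, "nonce": a.fresh_nonce()})
    return w.sessions[a.nonce] == "alice"          # True

def relay_bound():
    # Same relay against scheme B: the code carries the attacker's origin.
    w, a, phone = setup()
    phone.scan_bound(browser_draws_code(a.origin, a.fresh_nonce()))
    return w.sessions[a.nonce] == "alice"          # False

def honest_bound():
    # Scheme B with the user genuinely on W still logs in.
    w, _, phone = setup()
    nonce = w.login_page()
    phone.scan_bound(browser_draws_code(w.origin, nonce))
    return w.sessions[nonce] == "alice"            # True
```

The three scenario functions return whether W's session ended up authenticated as alice: the relay succeeds against scheme A, fails against scheme B, and an honest login under scheme B still works. TLS does not help scheme A, since the phone really is talking to W and the nonce really is W's; what is missing is any binding between the code and the page the victim was actually looking at, which is what the browser-drawn code supplies in scheme B.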


Notes

  1. Cf. the definitions of Memoryless, Scalable-for-Users and Nothing-to-Type in the Usability, Deployability and Security (UDS) framework of Bonneau et al. [2].

  2. As defined in the UDS framework [2].

  3. Or were, in the case of Pico.

  4. At least as far as we can infer—some schemes have not openly published a complete specification.

  5. As already envisaged in the original paper [20] as well as in our other paper in these proceedings, "Bootstrapping adoption of the Pico password replacement scheme".

  6. There is also a commercial mobile application [12] of the same name, but it is equivalent to a password wallet and bears only a superficial resemblance to the other schemes discussed here.

  7. It would still be prudent to sign the contents of visual codes to prevent such attacks.

  8. Unless of course the victim uses the same password on every site.

  9. The existing visual channel from browser to scanner is of course unsuitable because it is unidirectional in the wrong direction.

  10. It would still be possible for attackers to listen for nonces by typosquatting on domains similar to the domain of a popular website W.

  11. We thank Olgierd Pieczul for pointing this out during the workshop.

  12. For example, the qrcode.js library (https://github.com/davidshimjs/qrcodejs) uses the HTML5 canvas drawing element.

  13. The real problem instead being that the specification was wrong, in so far as the scheme is vulnerable to relay.

References

  1. Beth, T., Desmedt, Y.G.: Identification tokens – or: solving the chess grandmaster problem. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 169–176. Springer, Heidelberg (1991)

  2. Bonneau, J., Herley, C., van Oorschot, P.C., Stajano, F.: The quest to replace passwords: a framework for comparative evaluation of web authentication schemes. In: Proceedings of the 2012 IEEE Symposium on Security and Privacy, SP '12, pp. 553–567. IEEE Computer Society, Washington (2012). http://dx.doi.org/10.1109/SP.2012.44

  3. Brands, S., Chaum, D.: Distance bounding protocols (extended abstract). In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)

  4. Cobos, J.J.L., Hoz, P.C.D.L.: Method and system for authenticating a user by means of a mobile device. Patent filed 17 September 2009, published 4 September 2012

  5. Desmedt, Y.G., Goutier, C., Bengio, S.: Special uses and abuses of the Fiat-Shamir passport protocol. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 21–39. Springer, Heidelberg (1988). http://dl.acm.org/citation.cfm?id=646752.704723

  6. Desmedt, Y.G., Goutier, C., Bengio, S.: Special uses and abuses of the Fiat-Shamir passport protocol. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 21–39. Springer, Heidelberg (1988)

  7. DeSoto, D.B., Peskin, M.A.: Login using QR code. Patent filed 15 February 2013, published 22 August 2013

  8. Dodson, B., Sengupta, D., Boneh, D., Lam, M.S.: Secure, consumer-friendly web authentication and payments with a phone. In: Gris, M., Yang, G. (eds.) MobiCASE 2010. LNICST, vol. 76, pp. 17–38. Springer, Heidelberg (2012)

  9. Fu, H.P.: Pico: no more passwords! MSc thesis, University of Leuven, Flanders, Belgium (2013). https://www.cosic.esat.kuleuven.be/publications/thesis-232.pdf

  10. Gibson, S.: Secure quick reliable login. https://www.grc.com/sqrl/sqrl.htm, October 2013. Accessed 6 Nov 2013

  11. Howard, A.: QRAuth. BSc thesis, Bournemouth University, Bournemouth, UK (2012). https://www.grc.com/sqrl/files/Adam-Howard-FYP-Dissertation.pdf

  12. Computing Objects Inc.: QRAuth. http://www.computingobjects.com/qrauthinfo (2012). Accessed 13 Nov 2013

  13. ISO: Information technology – automatic identification and data capture techniques – QR Code 2005 bar code symbology specification. ISO 18004:2006, International Organization for Standardization, Geneva, Switzerland (2006)

  14. Kelsey, J., Schneier, B., Wagner, D.: Protocol interactions and the chosen protocol attack. In: Christianson, B., Lomas, M., Crispo, B., Roe, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 91–104. Springer, Heidelberg (1998). http://dl.acm.org/citation.cfm?id=647215.720386

  15. Krawczyk, H.: SIGMA: the 'SIGn-and-MAc' approach to authenticated Diffie-Hellman and its use in the IKE protocols. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 400–425. Springer, Heidelberg (2003). http://dx.doi.org/10.1007/978-3-540-45146-4_24

  16. Laurie, B., Singer, A.: Choose the red pill and the blue pill: a position paper. In: Proceedings of the 2008 Workshop on New Security Paradigms, NSPW '08, pp. 127–133. ACM, New York (2008). http://doi.acm.org/10.1145/1595676.1595695

  17. Mannan, M.S., van Oorschot, P.C.: Using a personal device to strengthen password authentication from an untrusted computer. In: Dietrich, S., Dhamija, R. (eds.) FC 2007 and USEC 2007. LNCS, vol. 4886, pp. 88–103. Springer, Heidelberg (2007). http://dl.acm.org/citation.cfm?id=1785594.1785610

  18. M'Raihi, D., Rydell, J., Bajaj, S., Machani, S., Naccache, D.: OCRA: OATH Challenge-Response Algorithm. RFC 6287 (Informational), June 2011. http://www.ietf.org/rfc/rfc6287.txt

  19. Parno, B., Kuo, C., Perrig, A.: Phoolproof phishing prevention. In: Di Crescenzo, G., Rubin, A. (eds.) FC 2006. LNCS, vol. 4107, pp. 1–19. Springer, Heidelberg (2006)

  20. Stajano, F.: Pico: no more passwords! In: Christianson, B., Crispo, B., Malcolm, J., Stajano, F. (eds.) Security Protocols 2011. LNCS, vol. 7114, pp. 49–81. Springer, Heidelberg (2011). http://dx.doi.org/10.1007/978-3-642-25867-1_6

  21. Van Rijswijk, R.M., Van Dijk, J.: Tiqr: a novel take on two-factor authentication. In: Proceedings of the 25th International Conference on Large Installation System Administration, LISA '11, p. 7. USENIX Association, Berkeley (2011). http://dl.acm.org/citation.cfm?id=2208488.2208495

Acknowledgments

We gratefully acknowledge the European Research Council for funding this research under grant 307224.

We also thank Olgierd Pieczul for pointing out the login gifting attack during the workshop.

Author information

Corresponding author: Max Spencer.

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Jenkinson, G., Spencer, M., Warrington, C., Stajano, F. (2014). I Bought a New Security Token and All I Got Was This Lousy Phish—Relay Attacks on Visual Code Authentication Schemes. In: Christianson, B., Malcolm, J., Matyáš, V., Švenda, P., Stajano, F., Anderson, J. (eds) Security Protocols XXII. Security Protocols 2014. Lecture Notes in Computer Science, vol 8809. Springer, Cham. https://doi.org/10.1007/978-3-319-12400-1_19

  • DOI: https://doi.org/10.1007/978-3-319-12400-1_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-12399-8

  • Online ISBN: 978-3-319-12400-1