Passphone: Outsourcing Phone-Based Web Authentication While Protecting User Privacy

  • Martin Potthast
  • Christian Forler
  • Eik ListEmail author
  • Stefan Lucks
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10014)


This work introduces Passphone, a new smartphone-based authentication scheme that outsources user verification to a trusted third party without sacrificing privacy: neither can the trusted third party learn the relation between users and service providers, nor can service providers learn those of their users to others. When employed as a second factor in conjunction with, for instance, passwords as a first factor, our scheme maximizes the deployability of two-factor authentication for service providers while maintaining user privacy. We conduct a twofold formal analysis of our scheme, the first regarding its general security, and the second regarding anonymity and unlinkability of its users. Moreover, we provide an automatic analysis using AVISPA, a comparative evaluation to existing schemes under Bonneau et al.’s framework, and an evaluation of a prototypical implementation.


Service Provider Authentication Scheme Authentication Protocol Honest Party Privacy Property 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



The authors thank Anne Barsuhn, Thomas Dressel, Paul Christoph Götze, André Karge, Tom Kohlberg, Kevin Lang, Christopher Lübbemeier, Kai Gerrit Lünsdorf, Nicolai Ruckel, Sascha Schmidt, and Clement Welsch for implementing the first prototype within student projects. Our special thanks go to Thomas Dressel and André Karge for their pursuing work, and to Benno Stein and the anonymous reviewers for valuable comments and suggestions.


  1. 1.
    Aloul, F.A., Zahidi, S., El-Hajj, W.: Two factor authentication using mobile phones. In: IEEE AICCSA, pp. 641–644 (2009)Google Scholar
  2. 2.
    Altman, J., Williams, N., Zhu, L.: Channel bindings for TLS. RFC 5929 (2010)Google Scholar
  3. 3.
    Apple. Two-factor authentication for Apple ID (2016).
  4. 4.
    Armando, A., et al.: The AVISPA tool for the automated validation of internet security protocols and applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005). doi: 10.1007/11513988_27 CrossRefGoogle Scholar
  5. 5.
    Armando, A., Compagna, L., Ganty, P.: SAT-based model-checking of security protocols using planning graph analysis. In: Araki, K., Gnesi, S., Mandrioli, D. (eds.) FME 2003. LNCS, vol. 2805, pp. 875–893. Springer, Heidelberg (2003). doi: 10.1007/978-3-540-45236-2_47 CrossRefGoogle Scholar
  6. 6.
    Balfanz, D., Hamilton, R.: Transport layer security (TLS) channel IDs, 8 Nov 2013. IETF Internet Draft v01, expired 12 May 2013Google Scholar
  7. 7.
    Basin, D., Mödersheim, S., Viganò, L.: An on-the-fly model-checker for security protocol analysis. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 253–270. Springer, Heidelberg (2003). doi: 10.1007/978-3-540-39650-5_15 CrossRefGoogle Scholar
  8. 8.
    Bhargavan, K., Delignat-Lavaud, A., Fournet, C., Pironti, A., Strub, P.: Triple handshakes and cookie cutters: breaking and fixing authentication over TLS. In: IEEE S&P, pp. 98–113 (2014)Google Scholar
  9. 9.
    Bhargavan, K., Delignat-Lavaud, A., Pironti, A.: Verified contributive channel bindings for compound authentication. In: NDSS. The Internet Society (2015)Google Scholar
  10. 10.
    Boichut, Y., Héam, P.-C., Kouchnarenko, O.: Automatic verification of security protocols using approximations. Technical report INRIA-Lorraine - CASSIS Project (2005)Google Scholar
  11. 11.
    Bonneau, J., Herley, C., van Oorschot, P.C., Stajano, F.: The quest to replace passwords: a framework for comparative evaluation of web authentication schemes. In: IEEE S&P, pp. 553–567 (2012)Google Scholar
  12. 12.
    Bonneau, J., Preibusch, S.: The password thicket: technical and market failures in human authentication on the web. In: WEIS (2010)Google Scholar
  13. 13.
    Chevalier, Y., Compagna, L., Cuellar, J., Hankes Drielsma, P., Mantovani, J., Moedersheim, S., Vigneron, L.: A high level protocol specification language for industrial security-sensitive protocols. In: SAPS, p. 13 (2004)Google Scholar
  14. 14.
    Clarke, D., Gassend, B., Kotwal, T., Burnside, M., Dijk, M., Devadas, S., Rivest, R.: The Untrusted Computer Problem and Camera-Based Authentication. In: Mattern, F., Naghshineh, M. (eds.) Pervasive 2002. LNCS, vol. 2414, pp. 114–124. Springer, Heidelberg (2002). doi: 10.1007/3-540-45866-2_10 CrossRefGoogle Scholar
  15. 15.
    Cronto Limited. Cronto.
  16. 16.
    Czeskis, A., Dietz, M., Kohno, T., Wallach, D.S., Balfanz, D.: Strengthening user authentication through opportunistic cryptographic identity assertions. In: CCS, pp. 404–414 (2012)Google Scholar
  17. 17.
    Dey, A., Weis, S.: PseudoID: enhancing privacy in federated login. In: PETS, pp. 95–107 (2010)Google Scholar
  18. 18.
    Dingledine, R., Mathewson, N., Syverson, P.F.: Tor: the second-generation onion router. In: USENIX, pp. 303–320 (2004)Google Scholar
  19. 19.
    Dodson, B., Sengupta, D., Boneh, D., Lam, M.S.: Secure, consumer-friendly web authentication and payments with a phone. In: Gris, M., Yang, G. (eds.) MobiCASE 2010. LNICSSITE, vol. 76, pp. 17–38. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-29336-8_2 CrossRefGoogle Scholar
  20. 20.
    Dodson, B., Sengupta, D., Boneh, D., Lam, M.: Snap2Pass: consumer-friendly challenge-response authentication with a phone (2010).
  21. 21.
    Gemalto. Findings from the 2014 Breach Level Index.
  22. 22.
    Google. 2-step Authentication (2013).
  23. 23.
    Hallsteinsen, S., Jorstad, I., Thanh, D.: Using the mobile phone as a security token for unified authentication. In: ICSNC, p. 68 (2007)Google Scholar
  24. 24.
    Hardt, D.: The OAuth 2.0 authorization framework. RFC 6749 (2012)Google Scholar
  25. 25.
    Karapanos, N., Capkun, S.: On the effective prevention of TLS man-in-the-middle attacks in web applications. In: USENIX, pp. 671–686 (2014)Google Scholar
  26. 26.
    Karapanos, N., Marforio, C., Soriente, C., Capkun, S.: Sound-proof: usable two-factor authentication based on ambient sound. In: USENIX, pp. 483–498 (2015)Google Scholar
  27. 27.
    Lord, B.: Keeping our users secure (2013).
  28. 28.
    Lystad, T.: Leaked password lists and dictionaries - the password project (2013).
  29. 29.
    Mannan, M., Oorschot, P.C.: Using a personal device to strengthen password authentication from an untrusted computer. In: Dietrich, S., Dhamija, R. (eds.) FC 2007. LNCS, vol. 4886, pp. 88–103. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-77366-5_11 CrossRefGoogle Scholar
  30. 30.
    Mannan, M., van Oorschot, P.: Leveraging personal devices for stronger password authentication from untrusted computers. J. Comput. Secur. 19(4), 703–750 (2011)CrossRefGoogle Scholar
  31. 31.
  32. 32.
    Nuñez, D., Agudo, I.: BlindIdM: a privacy-preserving approach for identity management as a service. Int. J. Inf. Secur. 13(2), 199–215 (2014)CrossRefGoogle Scholar
  33. 33.
    Nuñez, D., Agudo, I., Lopez, J.: Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services. In: CloudCom, pp. 241–248 (2012)Google Scholar
  34. 34.
    U.S NIST. Validated FIPS 140–1 and FIPS 140–2 cryptographic modules (2013).
  35. 35.
    Parno, B., Kuo, C., Perrig, A.: Phoolproof phishing prevention. In: Crescenzo, G., Rubin, A. (eds.) FC 2006. LNCS, vol. 4107, pp. 1–19. Springer, Heidelberg (2006). doi: 10.1007/11889663_1 CrossRefGoogle Scholar
  36. 36.
    Potthast, M., Forler, C., List, E., Lucks, S.: Passphone: outsourcing phone-based web authentication while protecting user privacy. In: Cryptology ePrint Archive (2016, to appear)Google Scholar
  37. 37.
    Recordon, D., Reed, D.: OpenID 2.0: a platform for user-centric identity management. In: Digital Identity Management, pp. 11–16 (2006)Google Scholar
  38. 38.
    Riesch, P.J., Du, X.: Audit based privacy preservation for the OpenID authentication protocol. In: IEEE HST, pp. 348–352 (2012)Google Scholar
  39. 39.
    Shirvanian, M., Jarecki, S., Saxena, N., Nathan, N.: Two-factor authentication resilient to server compromise using mix-bandwidth devices. In: NDSS. The Internet Society (2014)Google Scholar
  40. 40.
  41. 41.
    Starnberger, G., Froihofer, L., Göschka, K.M.: QR-TAN: secure mobile transaction authentication. In: IEEE ARES, pp. 578–583 (2009)Google Scholar
  42. 42.
    Tsudik, G., Xu, S.: A flexible framework for secret handshakes. In: Danezis, G., Golle, P. (eds.) PET 2006. LNCS, vol. 4258, pp. 295–315. Springer, Heidelberg (2006). doi: 10.1007/11957454_17 CrossRefGoogle Scholar
  43. 43.
    Turuani, M.: The CL-Atse protocol analyser. In: Pfenning, F. (ed.) RTA 2006. LNCS, vol. 4098, pp. 277–286. Springer, Heidelberg (2006). doi: 10.1007/11805618_21 CrossRefGoogle Scholar
  44. 44.
    Urueña, M., Muñoz, A., Larrabeiti, D.: Analysis of privacy vulnerabilities in single sign-on mechanisms for multimedia websites. Multimedia Tools Appl. 68(1), 159–176 (2014)CrossRefGoogle Scholar
  45. 45.
    Van Rijswijk, R., Van Dijk, J.: Tiqr: a novel take on two-factor authentication. In: LISA (2011)Google Scholar
  46. 46.
    Wu, M., Garfinkel, S., Miller, R.: Secure web authentication with mobile phones. In: DIMACS Workshop on Usable Privacy and Security Software (2004)Google Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Martin Potthast
    • 1
  • Christian Forler
    • 2
  • Eik List
    • 1
    Email author
  • Stefan Lucks
    • 1
  1. 1.Bauhaus-Universität WeimarWeimarGermany
  2. 2.Beuth Hochschule für Technik BerlinBerlinGermany

Personalised recommendations