Secure Modular Password Authentication for the Web Using Channel Bindings

  • Conference paper
Security Standardisation Research (SSR 2014)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 8893)

Abstract

Secure protocols for password-based user authentication are well-studied in the cryptographic literature but have failed to see widespread adoption on the Internet; most proposals to date require extensive modifications to the Transport Layer Security (TLS) protocol, making deployment challenging. Recently, a few modular designs have been proposed in which a cryptographically secure password-based mutual authentication protocol is run inside a confidential (but not necessarily authenticated) channel such as TLS; the password protocol is bound to the established channel to prevent active attacks. Such protocols are useful in practice for a variety of reasons: security no longer relies on users’ ability to validate server certificates, and the protocols can potentially be implemented with no modifications to the secure channel protocol library.

We provide a systematic study of such authentication protocols. Building on recent advances in modelling TLS, we give a formal definition of the intended security goal, which we call password-authenticated and confidential channel establishment (PACCE). We show generically that combining a secure channel protocol, such as TLS, with a password authentication protocol, where the two protocols are bound together using either the transcript of the secure channel’s handshake or the server’s certificate, results in a secure PACCE protocol. Our prototype based on TLS is available as a cross-platform client-side Firefox browser extension and a server-side web application which can easily be installed on deployed web browsers and servers.
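
A minimal sketch of the binding idea described in the abstract, added here as an illustration; it is not the paper's construction or its prototype. The key stands in for the output of the password protocol, and the label, function names and sample byte strings are constructed for the example.

```python
import hashlib
import hmac
import os

LABEL = b"constructed-binding-label-v1"  # constructed domain-separation label


def cert_binding(cert_der: bytes) -> bytes:
    """Binding value taken from the server certificate (hash of its DER bytes)."""
    return hashlib.sha256(cert_der).digest()


def transcript_binding(handshake_msgs: list) -> bytes:
    """Binding value taken from the handshake transcript (length-prefixed hash)."""
    h = hashlib.sha256()
    for msg in handshake_msgs:
        h.update(len(msg).to_bytes(4, "big") + msg)
    return h.digest()


def tag(key: bytes, role: bytes, binding: bytes) -> bytes:
    """Key-confirmation tag that covers the channel the sender actually sees."""
    return hmac.new(key, LABEL + role + binding, hashlib.sha256).digest()


def mutual_auth(key: bytes, client_binding: bytes, server_binding: bytes) -> bool:
    """Each side checks the peer's tag against its OWN view of the channel."""
    client_tag = tag(key, b"client", client_binding)
    server_tag = tag(key, b"server", server_binding)
    server_ok = hmac.compare_digest(client_tag, tag(key, b"client", server_binding))
    client_ok = hmac.compare_digest(server_tag, tag(key, b"server", client_binding))
    return server_ok and client_ok


# Constructed sample data: placeholder byte strings, not real certificates.
KEY = os.urandom(32)  # assumption: stands in for the password protocol's shared key
SERVER_CERT = b"constructed-server-cert-der"
OTHER_CERT = b"constructed-intermediary-cert-der"

if __name__ == "__main__":
    same = cert_binding(SERVER_CERT)
    print("direct channel   :", mutual_auth(KEY, same, same))
    print("relayed channel  :", mutual_auth(KEY, cert_binding(OTHER_CERT), same))
    t1 = transcript_binding([b"ClientHello-A", b"ServerHello-A"])
    t2 = transcript_binding([b"ClientHello-B", b"ServerHello-B"])
    print("split transcripts:", mutual_auth(KEY, t1, t2))
```

When the password messages are relayed across two separate channels, both endpoints still share the key, but their binding values differ, so the tags fail to verify and the authentication is rejected.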

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Manulis, M., Stebila, D., Denham, N. (2014). Secure Modular Password Authentication for the Web Using Channel Bindings. In: Chen, L., Mitchell, C. (eds) Security Standardisation Research. SSR 2014. Lecture Notes in Computer Science, vol 8893. Springer, Cham. https://doi.org/10.1007/978-3-319-14054-4_11

  • DOI: https://doi.org/10.1007/978-3-319-14054-4_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-14053-7

  • Online ISBN: 978-3-319-14054-4

  • eBook Packages: Computer Science, Computer Science (R0)
