Contextual OTP: Mitigating Emerging Man-in-the-Middle Attacks with Wireless Hardware Tokens

  • Assaf Ben-David
  • Omer Berkman
  • Yossi Matias
  • Sarvar Patel
  • Cem Paya
  • Moti Yung
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7341)


OTP (One Time Password) devices are highly deployed trust enhancing (password entropy increasing) devices which are used to authenticate a user with a second factor (a pseudorandom sequence of digits produced by a device the user owns) and to cope with off-line phishing of password information. Wireless connection adds usability to OTP protocols in an obvious way: instead of the person copying the information between machines, the wireless (say, Bluetooth) mechanism can transfer the value directly. Indeed, OTP devices implemented in a smartphone and communicating with the browser over Bluetooth can act in usable fashion (and this extension was implemented in our organization and got very positive usability feedback). What we then noticed as a key observation is that this mode of OTP wireless transfer has turned the “man to machine” nature of the OTP tokens to a “(mobile) device to machine (the browser on the computer)” method, so we can now employ protocols between the two interacting computers. Thus, we asked what can this new mode contribute to security (rather than to usability only) and cope with increased set of attacks. Specifically, the question we are dealing with is whether wireless OTP devices (i.e., smartphones) can be hardened at a reasonable cost (i.e., without costly OTP infrastructural changes, public-key infrastructure/ operations, and with small modification to browsers) so as to be useful against one type of interesting and currently growing and highly publicized Man in the Middle (MITM) attacks. The work herein summarizes our study which is based on our proposed new notion of Contextual OTP (XOTP for short), which exploits session contexts to break the symmetry between the “user-MITM” and the “MITM-server” sessions.


Contextual Factor Smart Device Session Context Browser Extension Relay Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Alkassar, A., Stüble, C., Sadeghi, A.R.: Secure object identification - or: Solving the chess grandmaster problem. In: Proceedings of the Workshop on New Security Paradigms (2003)Google Scholar
  2. 2.
    APGW: Phishing activity trends report (2011),
  3. 3.
    Beth, T., Desmedt, Y.G.: Identification Tokens – or: Solving the Chess Grandmaster Problem. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 169–176. Springer, Heidelberg (1991)Google Scholar
  4. 4.
  5. 5.
    Gabber, E., Gibbons, P.B., Kristol, D.M., Matias, Y., Mayer, A.: On secure and pseudonymous client-relationships with multiple servers. ACM Transactions on Information and System Security (1999)Google Scholar
  6. 6.
    Gabber, E., Gibbons, P.B., Matias, Y., Mayer, A.: How to Make Personalized Web Browsing Simple, Secure, and Anonymous. In: Luby, M., Rolim, J.D.P., Serna, M. (eds.) FC 1997. LNCS, vol. 1318, pp. 17–31. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  7. 7.
    Halderman, J.A., Waters, B., Felten, E.W.: A convenient method for securely managing passwords. In: Proc. 14th International World Wide Web Conference (2005)Google Scholar
  8. 8.
  9. 9.
    Jackson, C., Barth, A.: Beware of finer-grained origins. In: Proceedings of Web 2.0 Security and Privacy, W2SP 2008 (2008)Google Scholar
  10. 10.
    Jakobsson, M., Myers, S. (eds.): Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft. Wiley (2006)Google Scholar
  11. 11.
    Karlof, C., Tyger, J., Wagner, D., Shankar, U.: Dynamic pharming attacks and locked same-origin policies for web browsers. In: Computer and Communication Security, CCS (2007)Google Scholar
  12. 12.
    Luby, M.: Pseudorandomness and Cryptographic Applications. Princeton University Press, Princeton (1996)zbMATHGoogle Scholar
  13. 13.
    Mannan, M.S., van Oorschot, P.C.: Using a Personal Device to Strengthen Password Authentication from an Untrusted Computer. In: Dietrich, S., Dhamija, R. (eds.) FC 2007 and USEC 2007. LNCS, vol. 4886, pp. 88–103. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  14. 14.
    McCune, J.M., Perrig, A., Reiter, M.K.: Seeing-is-believing: Using camera phones for human-verifiable authentication. In: IEEE Symposium on Security and Privacy (2005)Google Scholar
  15. 15.
    The H Security: Mozilla considers removing trustwave CA (2012),
  16. 16.
    Parno, B., Kuo, C., Perrig, A.: Phoolproof Phishing Prevention. In: Di Crescenzo, G., Rubin, A. (eds.) FC 2006. LNCS, vol. 4107, pp. 1–19. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  17. 17.
    Prins, J.: Diginotar certificate authority breach - operation black tulip (2011),
  18. 18.
    RFC-2104: HMAC: Keyed-hashing for message authenticationGoogle Scholar
  19. 19.
    RFC-4033: DNS security introduction and requirementsGoogle Scholar
  20. 20.
    RFC-4226: HOTP: An HMAC-based one-time password algorithmGoogle Scholar
  21. 21.
    RFC-5246: The transport layer security (TLS) protocol version 1.2Google Scholar
  22. 22.
    Ross, B., Jackson, C., Miyake, N., Boneh, D., Mitchell, J.C.: Stronger password authentication using browser extensions. In: Proceedings of the 14th Conference on USENIX Security (2005)Google Scholar
  23. 23.
    Roth, V., Richter, K., Freidinger, R.: A PIN-entry method resilient against shoulder surfing. In: Proceedings of the 13th ACM Conference on Computer and Communications Security (2004)Google Scholar
  24. 24.
    Schneier, B.: Two-factor authentication: Too little, too late. Communications of the ACM 4(4) (2005)Google Scholar
  25. 25.
    Schneier, B.: Hacking two-factor authentication (2009),
  26. 26.
    Stajano, F., Wong, F.-L., Christianson, B.: Multichannel Protocols to Prevent Relay Attacks. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 4–19. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  27. 27.
  28. 28.
    Yee, K., Sitaker, K.: Passpet: Convenient password management and phishing protection. In: Symposium On Usable Privacy and Security, SOUPS (2006)Google Scholar
  29. 29.
    Zusman, M., Sotirov, A.: Breaking the myths of extended validation SSL certificates. In: Black Hat (2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Assaf Ben-David
    • 2
  • Omer Berkman
    • 3
  • Yossi Matias
    • 1
  • Sarvar Patel
    • 1
  • Cem Paya
    • 1
  • Moti Yung
    • 1
    • 4
  1. 1.Google Inc.Israel
  2. 2.The Hebrew UniversityJerusalemIsrael
  3. 3.The Academic College of Tel Aviv JaffaTel AvivIsrael
  4. 4.Columbia UniversityUSA

Personalised recommendations