1 / 19

All Your Browser-saved Passwords Could Belong to Us

All Your Browser-saved Passwords Could Belong to Us. - A Security Analysis and a Cloud-based New Design. By Rui Zhao, Chuan Yue ACM Conference on Data and Applications Security (CODASPY), 2013. Text Passwords: the Dominant Position in Online User Authentication [1].

brenden-duncan
Download Presentation

All Your Browser-saved Passwords Could Belong to Us

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. All Your Browser-saved Passwords Could Belong to Us - A Security Analysis and a Cloud-based New Design By Rui Zhao, Chuan Yue ACM Conference on Data and Applications Security (CODASPY), 2013

  2. Text Passwords: the Dominant Position in Online User Authentication [1] [1] J. Bonneau et al., The quest to replace passwords: A framework for comparative evaluation of web authentication schemes. In Proc. of IEEE S&P Symposium, 2012

  3. Password Security • The something you know authentication factor • Expectations: strong, protected from beingstolen

  4. Problems of Passwords • The Dilemma • Weak passwords suffer from brute-force and dictionary attacks • Strong passwords are difficult to remember • Vulnerable to harvesting attacks such as phishing • Web users have more online accounts than before • The reality: use weak passwords, share passwords, write down passwords, etc. [2,3] [2] D. Florˆencio and C. Herley. A large-scale study of web password habits. In Proc. of WWW, 2007 [3] S. Komanduri et al. Of passwords and people: Measuring the effect of password-composition policies. In Proc. of CHI, 2011.

  5. Some Popular Solutions • Graphical passwords • security and usability concerns • Password hashing systems • security and usability concerns • Single sign-on systems • security concerns, business model limitations • Browser-based password managers • save and autofill, users don’t need to remember • potentially protect against phishing attacks[4] [4] C. Yue. Preventing the Revealing of Online Passwords to Inappropriate Websites with LoginInspector. In Proc. of LISA, 2012.

  6. Browser-based Password Managers (BPMs)

  7. Outline • Introduction and Background • Vulnerability Analysis • Design of Cloud-based Storage-Free BPM (CSF-BPM) • Implementation , Evaluation, Security Analysis • Conclusion, Current and Future Work

  8. Are those passwordssaved by BPMs secure?

  9. Threat Model - Basic • “Where a threat intersects with a vulnerability, risk is present.” – NIST Information Security Handbook: A Guide for Managers. • Threat sources - attackers who want to steal the sensitive login information stored in BPMs • Basic threat model: • Attackers can temporarily install malware on a user’s computer using very popular attacks such as drive-by downloads [5,6] • The installed malware can then steal the data [5] N. Provos et al., All your iframes point to us. In Proc. of USENIX Security Symposium, 2008. [6] Y.-M. Wang et al., Automated web patrol with strider honeymonkeys: Finding websites that exploit browser vulnerabilities. In Proc. of NDSS, 2006

  10. Threat Model - Assumptions • The installed malware can be removed from the system in a timely manner • Anti-malware software, such as Microsoft Forefront Endpoint Protection • Solutions such as Back to the Future framework [7] • Same assumption as in Google’s 2-step-verification [8] • Hard to identify cryptographic keys from memory [9] • DNS systems are secure and reliable [7] F. Hsu et al., Back to the future: A framework for automatic malware removal and system repair. In Proc. of ACSAC, 2006. [8] Eric Grosse, MayankUpadhyay, Authentication at Scale, IEEE S&P Magazine, 2012 [9] J. A. Halderman et al., Lest we remember: Cold boot attacks on encryption keys. In Proc. of USENIX Security Symposium, 2008.

  11. The Essential Problem of Existing BPMs • Computer  Home • A BPM  The Safe • A Master Password  The Combination • Google Chrome, Internet Explorer and Safari: • No combination at all • Firefox and Opera: • No mandatory combination • Brute-force attacks and phishing attacks to the master password The encrypted passwords stored by BPMs of the five browsers are very weakly protected!

  12. More Details on Attacks - 1 • Firefox without master password • steal signons.sqliteand key3.db, decrypt on any computer • Opera without master password • steal wand.dat, decrypt on any computer • Firefox and Opera with master password • the computation time for verifying a master password is very small • phishing attacks against the master password

  13. The (a) genuine and (b) fake master password entry dialog box in Firefox. • Created by the JavaScript prompt() function on any regular page • More sophisticated ones can be created by JavaScript and CSS (Cascading Style Sheets)

  14. More Details on Attacks - 2 • Internet Explorer, Google Chrome, and Safari • use the Windows API functions CryptProtectData and CryptUnprotectData • typically, only a user with the same Windows logon credential can decrypt the data • attackers steal the ciphertext, decrypt it on the victim’s computer, send back plaintext

  15. Overall Security Analysis Results • All your browser-saved passwords could belong to us! • We have developed tools and verified these security risks!

  16. Responses to our Responsible Vulnerability Disclosure • Firefox: asked for a development proposal • IE: forwarded to their development team • Safari: it is the limitation of Windows APIs • Opera: “a convenience feature, not a security feature”, do not assume drive-by download, will improve usability • Google Chrome: engineers quoted Law #1 from Microsoft “If a bad guy can persuade you to run his program on your computer, it's not your computer anymore”; upper-level researchers have different views

  17. Cloud-based Storage-Free BPM (CSF-BPM) Design High-level Architecture

  18. CSF-BPM Design Details Proactive password checker Password-based Key Derivation Function 2 (PBKDF-2) – RFC 2898 Single Strong Master Password (SSMP) mainKey mainSalt aeSalt PBKDF-params PBKDF-id E-id E-params recordKey AE-id AE-params recordKey recordKey aeKey Websites Credentials Encryption Header ELIR ELIR … Authenticated Encryption protectedELIRs siteURl siteUsername encryptedSitePassword recordSalt

  19. Security Analysis • Reduces the opportunities for attackers to steal and further crack regular users’ saved passwords • Makes it computationally infeasible for attackers to decrypt the stolen data • Accurately detects any invalid SSMP try and any modification to a saved PUPE data object • Requires a user to remember SSMP • Offers better security than Firefox and Opera with master password • They save encrypted data locally • They do not have strong key derivation • They do not detect any modification to the saved data • They need specific storage service

More Related