1 / 66

Usable and Secure Password Management

Explore the challenges and strategies in password management while balancing usability and security. Analyze factors like chunking, cue strength, interference, and rehearsal to improve password memorization. Understand the importance of password entropy for enhanced security.

mcshane
Download Presentation

Usable and Secure Password Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Theory Lunch Usable and Secure Password Management Jeremiah Blocki Spring 2012

  2. Password Management Competing Goals:

  3. A Challenging Problem • Traditional Security Advice Use numbers and letters Use special symbols Don’t Reuse Passwords Don’t use words/names Not too short Don’t Write it Down Use mix of lower/upper case letters Change your passwords every 90 days

  4. Reevaluate Traditional Advice? XKCD Source: http://www.xkcd.com/936/ [Munroe]

  5. Experiment #0 • Memorize a random 10 character password • Case Sensitive! L[IbCGa_ND

  6. Experiment #1 Chaplin, Newspapers (plural) Cedric, Scanner

  7. Experiment #2 Boats, Brie March (“Marching” – “ing”) Swim (not Michael Phelps)

  8. Experiment #3

  9. Experiment #4

  10. Outline • Introduction and Experiments • Memory and Usability • Four Big Factors • Analyzing Security • Our Password Management Scheme

  11. Factor 1: Chunking • Memorize: nbccbsabc • Memorize: tkqizrlwp • 3 Chunks vs. 9 Chunks! • Usability Goal: Minimize Number of Chunks in Password Source: The magical number seven, plus or minus two [Miller, 56]

  12. Chunking Source: http://www.xkcd.com/936/ [Munroe]

  13. Human Memory is Associative ?

  14. Factor 2: Cue Strength • Cue: context when a memory is stored • Surrounding Environment • Sounds • Visual Surroundings • Web Site • …. • As time passes we forget some of this context…

  15. Mathematical Model (Cues) i {music, desk, password, amazon,…}

  16. Mathematical Model (Associative Memory) Add the cue-association pair to memory (M) Find the memory associated with the given cue in M

  17. Retrieval from Partial Cue Original Cue Cue Strength Retrieval Cue

  18. Retrieval from Partial Cue

  19. Retrieval from Partial Cue Probability of Recall Partial Cue Fraction Source: Simple memory: a theory for archicortex [Marr]

  20. Factor 3: Interference Cue jblocki, l3tm3in jblocki, unbr3akabl3 jblocki, Tr0ub4dor&3 … jblocki, horsebatterystaplecorrect

  21. Interference (Example) Impossible to identify which memory is associated with the cue! If the contexts are only “slightly different” there will still be significant interference!

  22. Factor 4: Rehearsal Strengthens Associations Password may be linked to different contexts (cues) Goal: minimize the number of rehearsals necessary to remember passwords

  23. Rehearsal • It helps if part of the context is consistent across all rehearsals/retrieval

  24. Usability Desiderata • Minimize #chunks per password • Ensure that a large part of the original cue is always available at retrieval time • Minimize Interference • Minimize the required number of rehearsals

  25. How Do People Pick Passwords? Source: Science of Password Selection (Hunt, 2011)

  26. Password Management Competing Goals:

  27. Competing Goals • Usability – “easy” for user to create and remember his passwords • Security – “hard” for adversary to learn passwords. • After many guesses • Even after seeing other passwords

  28. Outline • Introduction and Experiments • Memory and Usability • Analyzing Security • Our Password Management Scheme

  29. Security (what could go wrong?) Three Types of Attacks Danger

  30. Online Attack 1234 Limit Guesses: Three Strike Policy

  31. Offline Dictionary Attack “UnBr3akabl3” “UnBr3akabl3” MD5(“UnBr3akabl3”) + “UnBr3akabl3” Source: CERT Incident Note IN-98.03: Password Cracking Activity

  32. Malicious Sites/Phishing pwd pwd PayPaul.com + Source: CERT Incident Note IN-98.03: Password Cracking Activity

  33. Measuring Security • Past Measurements and Their Weaknesses • Password Strength Meters • Entropy • Min Entropy • Our Definition of Security

  34. Password Strength Meters mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm Impossible to know what background knowledge the adversary will have! Our Approach: Measure the security of the password generator instead Source: https://www.microsoft.com/security/pc-security/password-checker.aspx

  35. Password Generator (G)

  36. Entropy Average # Bits to encode password x Intuition: 30 bits of entropy => Average # Guesses ~ 230 # Bits to encode password x Source: The mathematical theory of communication (Shannon, 1959)

  37. Entropy • Example:

  38. Entropy (Weaknesses) Both password generators have same entropy! One guess breaks scheme one half of the time!

  39. Entropy (Weaknesses) mmmm mmmm mmmm G1 has high entropy, but is insecure!

  40. Entropy (Weaknesses) • High Entropy Does Not Guarantee Safety!

  41. Min-Entropy # Bits to encode most likely password x # Bits to encode password x

  42. Min Entropy (Strengths) “horsebatterystaplecorrect” MD5(pwd) +

  43. Min Entropy (Strengths) • High Minimum Entropy

  44. Min-Entropy (Weaknesses) Hmin(G1) = 2n = Hmin(G2) Min-Entropy ignores correlations between passwords

  45. Min-Entropy (Weaknesses) x x PayPaul.com x

  46. Our Security Approach • Dangerous World Assumption • Not enough to defend against existing adversaries • Adversary can adapt after learning the user’s new password management strategy • Provide guarantees even when things go wrong • Offline attacks should fail with high probability • Limit damage of a successful phishing attack

  47. The Adversary’s Game • Adversary can compromise at most k sites (phishing). • Adversary can execute offline attacks against at most t additional sites • Resource Constraints => at most M guesses • Adversary wins if he can compromise any new sites. pwd MD5(pwd)

  48. (k,t,M,)-Security We say that a password management scheme is (k,t,M,)-Secure if for any adversary Adv t = # M = # Guesses k = # Offline Attacks Phishing Attacks

  49. Example: (1,1,M,)-Security t=1 PayPaul.com + M guesses k=1

  50. Outline • Introduction and Experiments • Memory and Usability • Analyzing Security • Our Password Management Scheme

More Related