[Cfrg] Passwords - rethinked

Otto Ersek <oersek@gmail.com> Tue, 01 November 2016 05:58 UTC

To: cfrg@irtf.org
From: Otto Ersek <oersek@gmail.com>
Message-ID: <7c00f6cb-5b95-e042-5c39-fa1d2348a1c7@gmail.com>
Date: Tue, 01 Nov 2016 06:58:11 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/PA9SGlLN6hUYMabeU4O9sR1z62g>

For 50 years we were using passwords and have built up paradigms to end 
up with something like this: JW=?mt%3D5z!.*zNpC as a standard password.

First of all, the good news: we don't need a long "password" to 
authenticate; 4 base64 characters will do the job.
But this is not secure enough to use the standard way.
Therefore let us completely change the way we submit a password.
And most importantly, let us do the whole procedure in a human way.

The idea/concept is as follows:

INSTEAD of a blinking login prompt sitting there and waiting desperately 
for a user password -> JW=?mt%3D5z!.*zNpC
let us present the user a simple text edit field with a short story in 
it, which can be any text, no need to keep that secret, everybody might 
even use the same!

For example:
Kindly borrowed from Project Gutenberg.
Arthur Conan Doyle, THE COMPLETE SHERLOCK HOLMES, The Valley of Fear, 
The Solution

Original text as it could appear to the user:
####################################################################
Next morning, after breakfast, we found Inspector MacDonald and White
Mason seated in close consultation in the small parlour of the local
police sergeant. On the table in front of them were piled a number of
letters and telegrams, which they were carefully sorting and
docketing. Three had been placed on one side.

"Still on the track of the elusive bicyclist?" Holmes asked
cheerfully. "What is the latest news of the ruffian?"
####################################################################

But how can a 100-year-old text help with authenticating today?

What if we change the above text “slightly” to the following (sorry Dr. 
Watson!):
####################################################################
Next morning, after breakfast, we found Inspector McDonald and White
Mason seated in close consultation in the small parlour of the local
police sergeant. On the stable in front of them were piled a number of
letters and emails, which they were carefully sorting and
docketing. Three had been placed on one side.

"Still on the track of the eXClusive bicyclist?" Holmes asked
cheerfully. "What is the latest news of the ruffian?"
####################################################################

Sha512 of the "original version" is
686027BE2595FF6BB7B7E0737D40B552753424D30D7B06CFA617165C022E256D

Sha512 of the "modified version" is
C958DA6B2BC84AD4DEEE453E8654C94502A5F66E9B4E353937F9663A1A22CF04

Well and that's it! Use the hash as an auth string,...

PROPOSAL:
To achieve an estimated 36 bits of security per round, choose an arbitrary 
starting text of at least 1024 characters.
Copy some selected text and paste it somewhere into the text, PLUS type, 
before or after pasting, some character from A-Z,a-z,0-9 (Yeah!!! No 
special characters needed! But if you really insist on using them, go ahead.)
Repeat 3 times. So in total 36 bits x 4 rounds = 144 bits.

As long as we keep the changes made to the original text secure and 
follow the given proposal, we should get a security level > 128 bits, 
which is considered "secure" by today's standards.

Summary:
1) We still need some "password" but 4 characters should be sufficient. 
Further, we need to remember the copy & paste sections. In total 4 + 4*3 
= 16 items to remember, but we have the original text in front of us as a 
visual guidance while doing our changes.
2) The way we provide passwords has changed: not a blank field but a 
story is presented to us for us to make deliberate and memorable typos in it.
3) This should be easier to remember than the following 
funny-random-senseless ................... 24-character and 22-character 
long strings:

JWmt3DEz4VYEwQOhRKzyiWmA
ZF7IwsBlxGwwnvMLjpSMy9f3

or slightly "shorter":

}cM3MdgP'=\els6toBvTo[
u]o{^`>Mimn o_wlS}'.Ie

For optional top notch security one may pick: arthur conan doyle, append 
shakespeare twice, append lord of the rings, append whatever,... but 
don't infringe copyright, only use books/texts you own! Then ask the 
user to authenticate in that file, and ask for more than 4 rounds,... 
but this is most likely overkill :-)
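
Added example, not part of the original message: one round of the copy/paste/type edit, the SHA-512 auth string before and after it, and a count of the edit space to compare with the 36 bits per round stated above. The function names, the shortened sample story and the figure of about 180 word boundaries in a 1024-character text are assumptions made for this sketch.

```python
import hashlib
import math
import string

ALPHABET = string.ascii_letters + string.digits  # A-Z, a-z, 0-9: 62 symbols

# Constructed sample: first sentence of the passage quoted in the message
# (the proposal asks for at least 1024 characters; shortened for the demo).
STORY = ("Next morning, after breakfast, we found Inspector MacDonald and "
         "White Mason seated in close consultation in the small parlour of "
         "the local police sergeant.")

def apply_round(text, start, end, dest, char, char_first=True):
    """One round: copy text[start:end], paste it at dest plus one typed char."""
    in_range = 0 <= start < end <= len(text) and 0 <= dest <= len(text)
    if char not in ALPHABET or not in_range:
        raise ValueError("edit outside the text or char outside A-Z,a-z,0-9")
    fragment = text[start:end]
    pasted = char + fragment if char_first else fragment + char
    return text[:dest] + pasted + text[dest:]

def auth_string(text):
    """SHA-512 of the edited story, hex-encoded (128 hex characters)."""
    return hashlib.sha512(text.encode("utf-8")).hexdigest()

def round_bits(positions):
    """Bits per round if every choice is uniform over `positions` cut points."""
    selections = positions * (positions - 1) // 2  # non-empty (start, end) pairs
    # times paste point, typed character, and typed before/after the paste
    choices = selections * positions * len(ALPHABET) * 2
    return math.log2(choices)

def demo():
    start = STORY.index("breakfast")
    edited = apply_round(STORY, start, start + len("breakfast"),
                         STORY.index("Mason"), "7")
    return edited, auth_string(STORY), auth_string(edited)

if __name__ == "__main__":
    edited, before, after = demo()
    print(edited)
    print("digest changed:", before != after, "hex length:", len(after))
    # 1024 characters give 1025 cut points when any position may be chosen.
    print(f"any position:    {round_bits(1025):.1f} bits/round")
    # Assumption: about 180 word boundaries in a 1024-character English text.
    print(f"word boundaries: {round_bits(180):.1f} bits/round")
```

The uniform count reproduces the roughly 36 bits per round; it is an upper bound, since it assumes every cut point, paste point and character is equally likely to be chosen.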