Re: [http-auth] [saag] re-call for IETF http-auth BoF

[Nico Williams <nico@cryptonector.com>]

On Mon, Jun 6, 2011 at 12:02 PM, Tim <tim-research@sentinelchicken.org> wrote:
> In general authentication theory terms, using passwords is relying on
> "something you know" (SYK) whereas certificates rely on "something you
> have" (SYH).  By moving toward password management in the browser, you
> turn something you know into something you have.

Well, I wouldn't call that "general authentication theory" :)

Passwords are either something you know, or something you have, or
even both.  Because let's face it: users can (and do!) write passwords
down, and as soon as they are written down they become "something you
have".

Also, password managers typically have a master password, so, what's,
uh the deal?

It strikes me as silly to say that passwords are something you know,
as if users might never write them down.  Indeed, nowadays some
security experts urge users to write their passwords down as a way to
enable stronger passwords -- not a bad idea, IMO.

A bigger problem with passwords as something you have is the need to
carry them.  If they're in a browser password manager, well, we need a
way to export (and import) the thing.  Also, there's no way to
securely use a password manager on an untrusted system (or, for that
matter, to securely use a password on an untrusted system).

In other words, this is hardly the biggest problem we have.

The biggest problems we have, IMO, are:

 - local security (malware)
 - the lack of strong authentication protocols on the web
 - the lack of mutual authentication (TLS server certs don't cut it)

I'd be perfectly happy with passwords if we had ZKPPs or strengthened
password protocols.  But we don't.  DIGEST doesn't cut it, and we have
not much else on the web, not with mutual authentication anyways.

> The SYH solutions are very attractive from a security perspective and
> from a usability perspective.  If it were sufficiently standardized,
> browsers can use certificates or random passwords for each site and
> users don't have to worry about it. (Of course once we move to a SYH
> password model, then what is the point in using passwords at all
> again?)

Passwords do have the benefit that they work everywhere.  Smartcards
requre that they be carried around.

Fortunately users now have powerful computers with them at all times
(i.e., mobile phones).  Unfortunately these are powerful computers,
with all attendant local security problems.  (Also, not everyone
carries their phones with them at all times.  My daughter certainly
doesn't, for example.  So we need to be careful here.)

> However, SYK will always have a place in the world.  There are many
> situations where users simply want to be able to type in something
> they've memorized.  Passwords will never go away completely for this
> reason.  Add into that the fact that far more average users understand
> username/password systems than certificates, and you will have a hard
> time convincing the world to switch off of passwords even in
> applications that would work prefectly well with SYH.

One could always used passwords to authenticate to an online CA or
keystore (think SACRED).

> To me, the best way forward is to offer seemless integration of SYH
> and SYK systems, both allowing for federated authentication and all of
> the advanced features everyone seems to want these days.  If you
> convince application developers and browser vendors to switch to such
> a framework, then you also eliminate some barriers to entry for
> switching some sites and users to switch away from passwords (or at
> least user-chosen passwords).

I proposed an authentication framework (based on existing ones) two
weeks ago.  It turns out that even when there's no fundamental
objections to a proposal (or even any objections at all), the fact is
that it's hard to get momentum going for any real solutions if those
would require either significant investment or just significant
re-thinking, or any sort of leap-of-faith.  (For example, in my
proposal there's a leap-of-faith that not only will mutual
authentication help, but that it's feasible to have such a thing on an
Internet scale.  I don't have proof either way -- it's just a
conjecture, though many of us believe that it is correct, but that may
not be enough.  For another example, I believe my proposal is
relatively simple to implement, but I've to convince others of this,
and that, for the moment, seems difficult.  This is not a complaint --
it is an illustration of the difficulty in achieving change here.
Lots of smart people have been working on these problems for many
years, and yet we're still more or less stuck with mid-90s technology
-- it's not for want of effort or good ideas, but that momentum is
difficult to change.)

> As a first step to this proposed master plan, the new SYK model must
> be more secure than what we are using now, in order to convince people
> to move away from web forms to the new system.  Protecting against
> phishing attacks, which are rampant these days, is one great way to do
> that.

How would you protect against phishing attacks via a new
authentication system?  I'm serious.  I believe it's possible to
improve the situation significantly that way, and I have my reasons,
but I want to hear yours.

Nico
--