
Two-factor Password-authenticated Key Exchange with End-to-end Security

Published: 28 April 2021

Abstract

We present a secure two-factor authentication (TFA) scheme based on the user’s possession of a password and a crypto-capable device. Security is “end-to-end” in the sense that the attacker can attack all parts of the system, including all communication links and any subset of parties (servers, devices, client terminals), can learn users’ passwords, and perform active and passive attacks, online and offline. In all cases the scheme provides the highest attainable security bounds given the set of compromised components. Our solution builds a TFA scheme using any Device-enhanced Password-authenticated Key Exchange (PAKE), defined by Jarecki et al., and any Short Authenticated String (SAS) Message Authentication, defined by Vaudenay. We show an efficient instantiation of this modular construction, which utilizes any password-based client-server authentication method, with or without reliance on public-key infrastructure. The security of the proposed scheme is proven in a formal model that we formulate as an extension of the traditional PAKE model. We also report on a prototype implementation of our schemes, including TLS-based and PKI-free variants, as well as several instantiations of the SAS mechanism, all demonstrating the practicality of our approach. Finally, we present a usability study evaluating the viability of our protocol contrasted with the traditional PIN-based TFA approach in terms of efficiency, potential for errors, user experience, and security perception of the underlying manual process.

References

  1. RSA breach leaks data for hacking securid tokens. 2011. http://goo.gl/tcEoS.
  2. LinkedIn Confirms Account Passwords Hacked. 2012. http://goo.gl/AWB5KC.
  3. Google acquires slicklogin, the sound-based password alternative. 2014. https://goo.gl/V9J8rv.
  4. Russian Hackers Amass Over a Billion Internet Passwords. 2014. Available at: http://goo.gl/aXzqj8.
  5. Hack Brief: Yahoo Breach Hits Half a Billion Users. 2016. https://goo.gl/nz4uJG.
  6. Sim swap fraud. 2016. http://goo.gl/y4Eogg.
  7. Sms-based two-factor authentication. 2016. https://bit.ly/2GiH4aN.
  8. Yahoo Says 1 Billion User Accounts Were Hacked. 2016. https://goo.gl/q4WZi9.
  9. Over 560 Million Passwords Discovered in Anonymous Online Database. 2017. https://goo.gl/upDqzt.
  10. Google Cloud Messaging. 2018. https://goo.gl/EFvXt9.
  11. Duo Security Two-Factor Authentication. 2019. https://goo.gl/e38UnB.
  12. Facebook stored hundreds of millions of passwords in plain text. 2019. https://www.theverge.com/2019/3/21/18275837/facebookplain-text-password-storage-hundreds-millions-users.
  13. FIDO Universal 2nd Factor (U2F) Overview. 2019. https://bit.ly/2IpPYH8.
  14. Google Authenticator Android app. 2019. https://goo.gl/Q4LU7k.
  15. Google stored some passwords in plain text for fourteen years. 2019. https://www.theverge.com/2019/5/21/18634842/googlepasswords-plain-text-g-suite-fourteen-years.
  16. Sign in faster with 2-Step Verification phone prompts. 2019. https://goo.gl/3vjngW.
  17. Signal by Open Whisper Systems. 2019. https://signal.org/.
  18. Sound Login Two Factor Authentication. 2019. https://goo.gl/LJFkvT.
  19. Two-factor authentication - authy. 2019. https://www.authy.com/.
  20. WhatsApp Simple, Secure, Reliable messaging. 2019. https://www.whatsapp.com/.
  21. YubiKeys: Your key to two-factor authentication. 2019. https://goo.gl/LLACvP.
  22. Zxing (“zebra crossing”) barcode scanning library for java, android. 2019. https://github.com/zxing/zxing.
  23. Michel Abdalla, Mihir Bellare, and Phillip Rogaway. 2001. The oracle Diffie-Hellman assumptions and an analysis of DHIES. In Proceedings of the Topics in Cryptology Conference (CT-RSA’01) (Lecture Notes in Computer Science), Vol. 2020. Springer.
  24. Tolga Acar, Mira Belenkiy, and Alptekin Küpçü. 2013. Single password authentication. Comput. Netw. 57, 13 (2013).
  25. Mihir Bellare, David Pointcheval, and Phillip Rogaway. 2000. Authenticated key exchange secure against dictionary attacks. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques (Eurocrypt’02).
  26. Steven M. Bellovin and Michael Merritt. 1993. Augmented encrypted key exchange: A password-based protocol secure against dictionary attacks and password file compromise. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’93). 244--250.
  27. Daniel J. Bernstein, Mike Hamburg, Anna Krasnova, and Tanja Lange. 2013. Elligator: Elliptic-curve points indistinguishable from uniform random strings. In Proceedings of the 2013 ACM SIGSAC conference on Computer & Communications Security. 967--980.
  28. Xavier Boyen. 2009. Hidden credential retrieval from a reusable password. In Proceedings of the ACM ASIA Conference on Computer and Communications Security (ASIACCS’09). DOI: https://doi.org/10.1145/1533057.1533089
  29. Xavier Boyen. 2009. HPAKE: Password authentication secure against cross-site user impersonation. In Proceedings of the Conference on Cryptology and Network Security (CANS’09). Springer, 279--298.
  30. John Brainard, Ari Juels, Burt Kaliski, and Michael Szydlo. 2003. A new two-server approach for authentication with short secrets. In Proceedings of the 12th USENIX Security Symposium. 201--213.
  31. John Brooke et al. 1996. SUS-A quick and dirty usability scale. Usabil. Eval. Industry 189, 194 (1996), 4--7. Retrieved from http://goo.gl/XDqBqg.
  32. Ran Canetti and Hugo Krawczyk. 2001. Analysis of key-exchange protocols and their use for building secure channels. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques. 453--474.
  33. Sonia Chiasson, Paul C. van Oorschot, and Robert Biddle. 2006. A usability study and critique of two password managers. In Proceedings of the Usenix Security Conference.
  34. Alexei Czeskis, Michael Dietz, Tadayoshi Kohno, Dan Wallach, and Dirk Balfanz. 2012. Strengthening user authentication through opportunistic cryptographic identity assertions. In Proceedings of ACM Conference on Computer and Communications Security. ACM.
  35. Emiliano De Cristofaro, Honglu Du, Julien Freudiger, and Greg Norcie. 2013. A comparative usability study of two-factor authentication. arXiv preprint arXiv:1309.5344.
  36. Sergej Dechand, Dominik Schürmann, Karoline Busse, Yasemin Acar, Sascha Fahl, and Matthew Smith. 2016. An empirical study of textual key-fingerprint representations. In Proceedings of the USENIX Security Symposium. 193--208.
  37. Ben Dodson, Debangsu Sengupta, Dan Boneh, and Monica S. Lam. 2010. Secure, consumer-friendly web authentication and payments with a phone. In Proceedings of the International Conference on Mobile Computing, Applications, and Services. Springer.
  38. Warwick Ford and Burton S. Kaliski Jr. 2000. Server-assisted generation of a strong secret from a password. In Proceedings of the IEEE International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE’00). 176--180.
  39. Craig Gentry, Philip MacKenzie, and Zulfikar Ramzan. 2006. A method for making password-based key exchange resilient to server compromise. In Proceedings of the Advances in Cryptology Conference.
  40. Nancie Gunson, Diarmid Marshall, Hazel Morton, and Mervyn Jack. 2011. User perceptions of security and usability of single-factor and two-factor authentication in automated telephone banking. Comput. Secur. 30, 4 (2011).
  41. Shai Halevi and Hugo Krawczyk. 1999. Public-key cryptography and password protocols. ACM Transactions on Information and System Security (TISSEC) 2, 3 (Aug. 1999), 230--268.
  42. Devriş İşler, Alptekin Küpçü, and Aykut Coskun. [n.d.]. User study on single password authentication. ([n.d.]).
  43. Tibor Jager, Florian Kohlar, Sven Schäge, and Jörg Schwenk. 2012. On the security of TLS-DHE in the standard model. In Proceedings of the International Cryptology Conference (CRYPTO’12). 273--293.
  44. Stanislaw Jarecki, Aggelos Kiayias, Hugo Krawczyk, and Jiayu Xu. 2015. Highly efficient and composable password-protected secret sharing. In Proceedings of the 1st IEEE European Symposium on Security and Privacy (EuroS&P’15).
  45. Stanislaw Jarecki, Hugo Krawczyk, Maliheh Shirvanian, and Nitesh Saxena. 2016. Device-enhanced password protocols with optimal online-offline protection. In Proceedings of the ACM ASIA Conference on Computer and Communications Security (ASIACCS’16). Retrieved from http://ia.cr/2015/1099.
  46. Stanislaw Jarecki, Hugo Krawczyk, Maliheh Shirvanian, and Nitesh Saxena. 2018. Two-factor authentication with end-to-end password security. In Proceedings of the International Conference on Practice and Theory of Public Key Cryptography (PKC’18).
  47. Stanislaw Jarecki, Hugo Krawczyk, and Jiayu Xu. 2018. OPAQUE: An asymmetric PAKE protocol secure against pre-computation attacks. In Proceedings of the Advances in Cryptology Conference (EUROCRYPT’18).
  48. Stanislaw Jarecki, Jubur Mohammed, Hugo Krawczyk, Maliheh Shirvanian, and Nitesh Saxena. [n.d.]. Two-factor password-authenticated key exchange with end-to-end password security. Cryptology ePrint Archive report 2018/033.
  49. Katie Kleemola and John Scott-Railton. 2015. London Calling: Two-Factor Authentication Phishing From Iran. Retrieved from https://goo.gl/yt12xH.
  50. Ronald Kainda, Ivan Flechais, and Andrew William Roscoe. 2009. Usability and security of out-of-band channels in secure device pairing protocols. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS’09).
  51. Nikolaos Karapanos, Claudio Marforio, Claudio Soriente, and Srdjan Capkun. 2015. Sound-proof: Usable two-factor authentication based on ambient sound. In Proceedings of the USENIX Security Symposium.
  52. Ambarish Karole, Nitesh Saxena, and Nicolas Christin. 2011. A comparative usability evaluation of traditional password managers. In Proceedings of the Information Security and Cryptology Conference (ICISC’11).
  53. Jonathan Katz, Philip D. MacKenzie, Gelareh Taban, and Virgil D. Gligor. 2005. Two-server password-only authenticated key exchange. In Proceedings of the International Conference on Applied Cryptography and Network Security (ACNS’05). 1--16.
  54. Swati Khandelwal. 2017. Real-world SS7 Attack. Retrieved from https://thehackernews.com/2017/05/ss7-vulnerability-bank-hacking.html.
  55. Hugo Krawczyk. 2005. HMQV: A high-performance secure Diffie-Hellman protocol. In Proceedings of the Annual International Cryptology Conference. 546--566.
  56. Arun Kumar, Nitesh Saxena, Gene Tsudik, and Ersin Uzun. 2009. Caveat emptor: A comparative study of secure device pairing methods. In Proceedings of the International Conference on Pervasive Computing and Communications (PerCom).
  57. Juan Lang, Alexei Czeskis, Dirk Balfanz, Marius Schilder, and Sampath Srinivas. 2016. Security keys: Practical cryptographic second factors for the modern web. In International Conference on Financial Cryptography and Data Security. Springer, 422--440.
  58. Chia-Chi Lin, Hongyang Li, Xiao-yong Zhou, and XiaoFeng Wang. 2014. Screenmilker: How to milk your Android screen for secrets. In Proceedings of the Network & Distributed System Security Symposium.
  59. Philip MacKenzie, Thomas Shrimpton, and Markus Jakobsson. 2002. Threshold password-authenticated key exchange. In Proceedings of the Advances in Cryptology Conference (CRYPTO’02).
  60. Daniel McCarney, David Barrera, Jeremy Clark, Sonia Chiasson, and Paul C. van Oorschot. 2012. Tapas: Design, implementation, and usability evaluation of a password manager. In Proceedings of the Annual Computer Security Applications Conference.
  61. Jonathan M. McCune, Adrian Perrig, and Michael K. Reiter. 2005. Seeing-is-believing: Using camera phones for human-verifiable authentication. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE, 110--124.
  62. D. M’raihi, M. Bellare, F. Hoornaert, D. Naccache, and O. Ranen. 2005. Hotp: An HMAC-based One-time Password Algorithm. Technical Report.
  63. David M’Raihi, Salah Machani, Mingliang Pei, and Johan Rydell. 2011. Totp: Time-based One-time Password Algorithm. Technical Report. Retrieved from https://goo.gl/9Ba5hv.
  64. David Pointcheval and Sébastien Zimmer. 2008. Multi-factor authenticated key exchange. In Proceedings of the Conference on Applied Cryptography and Network Security.
  65. Nitesh Saxena, Jan-Erik Ekberg, Kari Kostiainen, and N. Asokan. 2006. Secure device pairing based on a visual channel. In Proceedings of the IEEE Symposium on Security and Privacy.
  66. Svenja Schröder, Markus Huber, David Wind, and Christoph Rottermanner. 2016. When SIGNAL hits the fan: On the usability and security of state-of-the-art secure mobile messaging. In Proceedings of the European Workshop on Usable Security (EuroUSEC).
  67. Maliheh Shirvanian, Stanislaw Jarecki, Nitesh Saxena, and Naveen Nathan. 2014. Two-factor authentication resilient to server compromise using mix-bandwidth devices. In Proceedings of the Network and Distributed System Security Symposium (NDSS’14).
  68. Maliheh Shirvanian, Nitesh Saxena, and Jesvin James George. 2017. On the pitfalls of end-to-end encrypted communications: A study of remote key-fingerprint verification. In Proceedings of the 33rd Annual Computer Security Applications Conference. ACM, 499--511.
  69. Victor Shoup. 2004. ISO 18033-2: An Emerging Standard for Public-Key Encryption. Final Committee Draft.
  70. Bradley Neal Suggs. 2013. Pairing a device based on a visual code. U.S. Patent App. 13/194,267.
  71. Ersin Uzun, Kristiina Karvonen, and Nadarajah Asokan. 2007. Usability analysis of secure pairing methods. In Proceedings of the International Conference on Financial Cryptography and Data Security.
  72. Serge Vaudenay. 2005. Secure communications over insecure channels based on short authenticated strings. In Proceedings of the Advances in Cryptology Conference (CRYPTO’05).
  73. Ding Wang and Ping Wang. 2014. On the usability of two-factor authentication. In Proceedings of the International Conference on Security and Privacy in Communication Systems. Springer, 141--150.
  74. Catherine S. Weir, Gary Douglas, Martin Carruthers, and Mervyn Jack. 2009. User perceptions of security, convenience and usability for ebanking authentication tokens. Comput. Secur. 28, 1--2 (2009), 47--62.
  75. Catherine S. Weir, Gary Douglas, Tim Richardson, and Mervyn Jack. 2009. Usable security: User preferences for authentication methods in eBanking and the effects of experience. Interact. Comput. 22, 3 (2009), 153--164.
  76. Devriş İşler and Alptekin Küpçü. 2018. Distributed Single Password Protocol Framework. Cryptology ePrint Archive, Report 2018/976. Retrieved from https://eprint.iacr.org/2018/976.
  77. Devriş İşler and Alptekin Küpçü. 2018. Threshold Single Password Authentication. Cryptology ePrint Archive, Report 2018/977. Retrieved from https://eprint.iacr.org/2018/977.

Published in

ACM Transactions on Privacy and Security, Volume 24, Issue 3
August 2021
286 pages
ISSN: 2471-2566
EISSN: 2471-2574
DOI: 10.1145/3450360

Copyright © 2021 ACM

Publisher

Association for Computing Machinery, New York, NY, United States

Publication History

  • Published: 28 April 2021
  • Accepted: 1 January 2021
  • Revised: 1 August 2020
  • Received: 1 May 2019

Qualifiers

  • research-article
  • Research
  • Refereed