Does Counting Still Count? Revisiting the Security of Counting based User Authentication Protocols against Statistical Attacks

At NDSS 2012, Yan et al. analyzed the security of several challenge-response type user authentication protocols against passive observers, and proposed a generic counting based statistical attack to recover the secret of some counting based protocols given a number of observed authentication sessions. Roughly speaking, the attack is based on the fact that secret (pass) objects appear in challenges with a different probability from non-secret (decoy) objects when the responses are taken into account. Although they mentioned that a protocol susceptible to this attack should minimize this difference, they did not give details as to how this can be achieved barring a few suggestions. In this paper, we attempt to fill this gap by generalizing the attack with a much more comprehensive theoretical analysis. Our treatment is more quantitative which enables us to describe a method to theoretically estimate a lower bound on the number of sessions a protocol can be safely used against the attack. Our results include 1) two proposed fixes to make counting protocols practically safe against the attack at the cost of usability, 2) the observation that the attack can be used on non-counting based protocols too as long as challenge generation is contrived, 3) and two main design principles for user authentication protocols which can be considered as extensions of the principles from Yan et al. This detailed theoretical treatment can be used as a guideline during the design of counting based protocols to determine their susceptibility to this attack. The Foxtail protocol, one of the protocols analyzed by Yan et al., is used as a representative to illustrate our theoretical and experimental results.

[1]  Hassan Jameel Asghar,et al.  A New Human Identification Protocol and Coppersmith's Baby-Step Giant-Step Algorithm , 2010, IACR Cryptol. ePrint Arch..

[2]  Ahmad-Reza Sadeghi,et al.  Breaking Randomized Linear Generation Functions Based Virtual Password System , 2010, 2010 IEEE International Conference on Communications.

[3]  Xiang-Yang Li,et al.  Practical Human-Machine Identification over Insecure Channels , 1999, J. Comb. Optim..

[4]  S. Sternberg Memory-scanning: mental processes revealed by reaction-time experiments. , 1969, American scientist.

[5]  Robert H. Deng,et al.  On Limitations of Designing Leakage-Resilient Password Systems: Attacks, Principals and Usability , 2012, NDSS.

[6]  Hideki Imai,et al.  Human Identification Through Insecure Channel , 1991, EUROCRYPT.

[7]  Manuel Blum,et al.  Secure Human Identification Protocols , 2001, ASIACRYPT.

[8]  Yingjiu Li,et al.  On Limitations of Designing Usable Leakage-Resilient Password Systems: Attacks, Principles and Usability , 2012, NDSS 2012.

[9]  Susan Wiedenbeck,et al.  Design and evaluation of a shoulder-surfing resistant graphical password scheme , 2006, AVI '06.

[10]  J. Kase Graphical Passwords , 2008 .

[11]  Tsutomu Matsumoto Human-computer cryptography: An attempt , 1998 .

[12]  David A. Wagner,et al.  Cryptanalysis of a Cognitive Authentication Scheme (Extended Abstract) , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[13]  Yang Xiao,et al.  Virtual password using random linear functions for on-line services, ATM machines, and pervasive computing , 2008, Comput. Commun..

[14]  Cormac Herley,et al.  Can "Something You Know" Be Saved? , 2008, ISC.

[15]  T. Hwang,et al.  On the Matsumoto and Imai human identification scheme , 1995 .

[16]  Harry Shum,et al.  Secure Human-Computer Identification (Interface) Systems against Peeping Attacks: SecHCI , 2005, IACR Cryptol. ePrint Arch..

[17]  Daphna Weinshall,et al.  Cognitive authentication schemes safe against spyware , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[18]  Hassan Jameel Asghar,et al.  On the Hardness of the Sum of k Mins Problem , 2011, Comput. J..

[19]  R. Brualdi Introductory Combinatorics , 1992 .

[20]  Tzonelih Hwang,et al.  On the Matsumoto and Imai's Human Identification Scheme , 1995, EUROCRYPT.

[21]  Shujun Li,et al.  Breaking undercover: exploiting design flaws and nonuniform human behavior , 2011, SOUPS.

[22]  Jamie I. D. Campbell,et al.  Cognitive arithmetic across cultures. , 2001, Journal of experimental psychology. General.

[23]  Shujun Li,et al.  Cryptanalysis of the convex hull click human identification protocol , 2010, International Journal of Information Security.

[24]  Li Liu,et al.  A Virtual Password Scheme to Protect Passwords , 2008, 2008 IEEE International Conference on Communications.

[25]  Ahmad-Reza Sadeghi,et al.  On the Security of PAS (Predicate-Based Authentication Service) , 2009, 2009 Annual Computer Security Applications Conference.

[26]  Nicolas Christin,et al.  Undercover: authentication usable in front of prying eyes , 2008, CHI.