Vanquishing Voyeurs: Secure Ways to Authenticate Insecurely

Video thumbnail (Frame 0) Video thumbnail (Frame 1509) Video thumbnail (Frame 3422) Video thumbnail (Frame 6282) Video thumbnail (Frame 7406) Video thumbnail (Frame 9935) Video thumbnail (Frame 11020) Video thumbnail (Frame 12548) Video thumbnail (Frame 13579) Video thumbnail (Frame 15773) Video thumbnail (Frame 16817) Video thumbnail (Frame 17982) Video thumbnail (Frame 19119) Video thumbnail (Frame 20878) Video thumbnail (Frame 22331) Video thumbnail (Frame 23611) Video thumbnail (Frame 24643) Video thumbnail (Frame 26750) Video thumbnail (Frame 28304) Video thumbnail (Frame 29588) Video thumbnail (Frame 30818) Video thumbnail (Frame 32509) Video thumbnail (Frame 33607) Video thumbnail (Frame 34940) Video thumbnail (Frame 36021) Video thumbnail (Frame 37159) Video thumbnail (Frame 38259) Video thumbnail (Frame 39361) Video thumbnail (Frame 41105) Video thumbnail (Frame 42176) Video thumbnail (Frame 43926) Video thumbnail (Frame 45928) Video thumbnail (Frame 47216) Video thumbnail (Frame 51607) Video thumbnail (Frame 53052) Video thumbnail (Frame 62206) Video thumbnail (Frame 65304) Video thumbnail (Frame 67001) Video thumbnail (Frame 69540) Video thumbnail (Frame 70684) Video thumbnail (Frame 72001) Video thumbnail (Frame 73128) Video thumbnail (Frame 74356) Video thumbnail (Frame 75542)
Video in TIB AV-Portal: Vanquishing Voyeurs: Secure Ways to Authenticate Insecurely

Formal Metadata

Vanquishing Voyeurs: Secure Ways to Authenticate Insecurely
Title of Series
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Release Date

Content Metadata

Subject Area
Abstract Zoz, Andrea Bianchi - Vanquishing Voyeurs: Secure Ways To Authenticate Insecurely Observation is one of the principal means of compromise of authentication methods relying on secret information such as PINs and login/password combinations. Attackers can gather this information via observation, either from without by methods such as shoulder surfing and camera-based ATM skimmers, or from within by methods such as keystroke loggers and button-overlay-based ATM skimmers. Though these vulnerabilities of PIN/password based authentication mechanisms are well known, they have been difficult to correct due to the prevalence and general acceptance of such systems -- they are used in essentially all ATMs, mobile device locking mechanisms, and most web-based authentication schemes. It is difficult to avoid at least the occasional use of untrusted public terminals and devices and the unlocking of one's mobile device in public. We therefore present our research into devices and techniques for mitigating the threat of credential compromise when doing so. These include haptic and auditory mechanisms for password entry into public terminals, mobile device tools for turning one's mobile device into an observation-resistant password entry system, and strategies and tools for secure password entry in the presence of keyloggers and other input recording devices. These techniques can successfully evade observation even when one does not have administrative control of the terminal, as in the case of internet cafe computers and public ATMs. Zoz is a robotics interface designer and rapid prototyping specialist. He is co-founder of Cannytrophic Design in Boston and CTO of BlueSky in San Francisco. He is a visiting professor at KAIST in Korea. He is best known for the Discovery Channel shows 'Prototype This!' and 'Time Warp', and for faking a crop circle. Andrea Bianchi is an interface inventor and designer. He is the director of the DALSMA (Digital Architecture and Large Scale Media Art) conference and is currently completing his PhD in Culture Technology at KAIST in Korea. He owns 19 pairs of glasses.

Related Material

Video is accompanying material for the following resource
Personal identification number User interface Integrated development environment Password Authentication Feedback Perspective (visual) Information security Social class
Authentication State observer Dependent and independent variables Key (cryptography) Password Interface (computing) Computer network Auto mechanic Data transmission Type theory Category of being Process (computing) Software Integrated development environment Natural number Password output Remote procedure call output Information security Row (database)
Authentication State observer Statistics Key (cryptography) Information Token ring Structural load Uniqueness quantification Password Plastikkarte Shape (magazine) Mereology Biostatistics Category of being Mathematics Password Quicksort Information security Row (database) Fingerprint
State observer Cognition Implementation Password Structural load Personal digital assistant Password System programming Information security Area Cognition Vulnerability (computing)
User interface Classical physics State observer Touchscreen Key (cryptography) Information Plastikkarte Interface (computing) Computer network Interface (computing) Neuroinformatik Software Password Encryption System programming Right angle
User interface Asynchronous Transfer Mode Game controller Personal identification number Interactive television Virtual machine Perspective (visual) Asynchronous Transfer Mode Neuroinformatik
Mathematics Personal identification number Touchscreen Interactive television Videoconferencing Staff (military) Remote procedure call Endliche Modelltheorie
Personal identification number Graphics tablet Numbering scheme Game controller Touchscreen Information Interface (computing) Digitizing Decimal Interactive television Interface (computing) Element (mathematics) Type theory output Asynchronous Transfer Mode
Injektivität Overlay-Netz State observer Multiplication sign Interactive television Plastikkarte Sound effect Perspective (visual) Power (physics) Mechanism design Casting (performing arts) Operator (mathematics) Computer hardware Website Self-organization Transmissionskoeffizient Endliche Modelltheorie Wireless LAN Extension (kinesiology) Information security Asynchronous Transfer Mode
Overlay-Netz Personal identification number Graphics tablet User interface State observer Exterior algebra Telecommunication Right angle Data transmission Fingerprint
Personal identification number Graphics tablet Multiplication Key (cryptography) Password Modal logic Keyboard shortcut Touch typing Interactive television Normal (geometry) Selectivity (electronic) Game theory
State observer Axiom of choice Interface (computing) Interactive television Interface (computing) Shift operator Power (physics) Arithmetic mean Mechanism design Different (Kate Ryan album) Different (Kate Ryan album) Strategy game System programming Self-organization output Information security output Information security Asynchronous Transfer Mode Default (computer science)
State observer Pulse (signal processing) Feedback Multiplication sign Modal logic Password Shift operator Side channel attack Vibration Sequence Data model Prototype Sic Telecommunication System programming Series (mathematics) output Axiom of choice Key (cryptography) Interactive television Physicalism Mereology Sequence Punktgruppe Word Exterior algebra Estimation Telecommunication Strategy game System programming output Key (cryptography) Form (programming) Asynchronous Transfer Mode
Password Complete metric space Function (mathematics) Vibration Element (mathematics) Data model Connected space Graphical user interface Telecommunication Software Computer hardware output Game controller Rule of inference Serial port Key (cryptography) Correspondence (mathematics) Forcing (mathematics) Interface (computing) Feedback Hecke operator Visualization (computer graphics) Computer hardware Password Order (biology) System programming Key (cryptography)
Personal identification number Standard deviation Numbering scheme Numerical digit Numerical digit Digitizing Forcing (mathematics) Password Element (mathematics) Power (physics) Network topology Password Right angle Information security
User interface Authentication Pattern recognition Slide rule Observational study Observational study Link (knot theory) Set (mathematics) Bit rate Interface (computing) Gauge theory Average Performance appraisal Error message Computer hardware Revision control Software testing Error message Resultant
Pattern recognition State observer Complex (psychology) Random number Numbering scheme Personal identification number Observational study Length Multiplication sign Decimal 1 (number) Password Average Revision control Performance appraisal Different (Kate Ryan album) Simplex algorithm Software Personal digital assistant Energy level Information security Condition number Personal identification number Randomization Standard deviation Observational study Digitizing Forcing (mathematics) Error message Software Computer hardware Password Telecommunication Revision control System programming Condition number Key (cryptography) Prototype
Trail Wechselseitige Information Numbering scheme Personal identification number Overhead (computing) Observational study Multiplication sign Authentication 1 (number) Median Password Complete metric space Variance Workload Different (Kate Ryan album) Hybrid computer Error message Personal identification number Observational study Digitizing Variable (mathematics) Measurement Error message Workload Task (computing) Asynchronous Transfer Mode
Personal identification number Pattern recognition Collaborationism Android (robot) Shift operator Touchscreen Surface Interface (computing) Login Shift operator Different (Kate Ryan album) Password System programming Process (computing) Pairwise comparison
Personal identification number Modal logic Interface (computing) Mobile Web Authentication Moment (mathematics) Visual system Password Interface (computing) Sequence Touch typing System programming Interface (computing)
Personal identification number Pulse (signal processing) Numbering scheme Personal identification number Decimal Password Function (mathematics) Sequence Vibration Element (mathematics) Sequence Ontology Interface (computing) Set (mathematics) Hydraulic motor Right angle Pattern language
Point (geometry) Covering space State observer Noise (electronics) Random number Numbering scheme Personal identification number Observational study Digitizing Interface (computing) Demo (music) Password Revision control Graphical user interface Integrated development environment Order (biology) System programming Videoconferencing Bijection
Pattern recognition Standard deviation Numbering scheme Personal identification number Observational study Numerical digit Modal logic Authentication Bit rate Interface (computing) Subset 2 (number) Performance appraisal Bit rate Alphabet (computer science) Energy level Software testing Error message Information security Pattern recognition Observational study Forcing (mathematics) Digitizing Numerical analysis Gauge theory Error message Alphabet (computer science) Interface (computing) System programming Software testing Information security Task (computing) Resultant
Personal identification number Personal identification number Observational study Observational study Length Interface (computing) Authentication Bit rate Sound effect Mach's principle Error message Bit rate Arithmetic mean Hash function Interface (computing) Software testing Error message Resultant
Personal identification number Cognition Pattern recognition Dialect Observational study Numbering scheme Direction (geometry) Interface (computing) Digitizing Password Interface (computing) Bit rate Interface (computing) Vibration Usability Similarity (geometry) Error message System programming Interface (computing) Right angle
Revision control Exterior algebra Password Digitizing Price index BEEP output Distance Sequence
Point (geometry) Personal identification number Pattern recognition Modal logic Pattern recognition Observational study Personal identification number Freeware Observational study Kolmogorov complexity Digitizing Multiplication sign Interface (computing) Password Hypothesis Hypothesis Planning Workload Error message Software testing output
Personal identification number Personal identification number Kolmogorov complexity Interface (computing) Modal logic Bit Workload Error message Workload Bit rate System programming System programming Error message Task (computing) Resultant
Authentication Personal identification number Pattern recognition Numbering scheme Pattern recognition Personal identification number Numerical digit Digitizing Closed set Password Counting Coma Berenices Hypothesis Workload Error message System programming System programming Pairwise comparison Error message
Authentication Default (computer science) State observer Key (cryptography) Keyboard shortcut Password Physicalism Core dump Coma Berenices Mereology Web browser Neuroinformatik Type theory Mechanism design Software Password Software Computer hardware System programming Website output
User interface Scripting language Trail Email Touchscreen Structural load Multiplication sign Keyboard shortcut Virtual machine Password Bit Web browser Mereology Neuroinformatik Element (mathematics) Data management Frequency Data mining Arithmetic mean Malware Software Password Order (biology) Energy level
Meta element Game controller Service (economics) Token ring Code Multiplication sign Computer-generated imagery Password Cloud computing Seifert fiber space Neuroinformatik 2 (number) Web 2.0 Data management Medical imaging Malware Internetworking Personal digital assistant Information security World Wide Web Consortium Authentication Personal identification number Email Information Keyboard shortcut Physicalism Database transaction Gauge theory Degree (graph theory) Number Message passing Computer configuration Personal digital assistant Password Internet service provider Website
Axiom of choice Length Multiplication sign Neuroinformatik Web 2.0 Medical imaging Malware Mechanism design Spherical cap Hooking Computer configuration Different (Kate Ryan album) Single-precision floating-point format Encryption Website Graphics tablet Injektivität Scripting language Area Email Touchscreen Digitizing Software developer Keyboard shortcut Physicalism Bit Substitute good Type theory Process (computing) Website Right angle Quicksort Web page Ocean current Game controller Graphics tablet Virtual machine Web browser Login Telebanking Event horizon Field (computer science) Element (mathematics) Internet forum Term (mathematics) Operator (mathematics) Metropolitan area network Form (programming) User interface Authentication ASCII Key (cryptography) Interface (computing) Forcing (mathematics) Content (media) Basis <Mathematik> Limit (category theory) Graphical user interface Software Password Form (programming) Window Software protection dongle
Point (geometry) Web page State observer Group action Code Length Multiplication sign Motion capture Combinational logic Function (mathematics) Login Revision control String (computer science) Alphabet (computer science) Videoconferencing Circle Touchscreen Key (cryptography) Information Interface (computing) Keyboard shortcut Entire function Type theory Visualization (computer graphics) Password Key (cryptography) Quicksort Reading (process) Spacetime Row (database)
Point (geometry) Axiom of choice Asynchronous Transfer Mode Service (economics) Observational study Multiplication sign Modal logic Sheaf (mathematics) Set (mathematics) Web browser Side channel attack Element (mathematics) Power (physics) Formal language Different (Kate Ryan album) Single-precision floating-point format Set (mathematics) System programming Position operator Axiom of choice Touchscreen Key (cryptography) Keyboard shortcut Counting Generic programming Vector potential Process (computing) Infinite conjugacy class property Order (biology) Key (cryptography) Row (database) Spacetime
Predictability Personal identification number Graphics tablet Interface (computing) Interactive television Password Physicalism Numbering scheme Mereology Numbering scheme File Transfer Protocol Expected value Web 2.0 Different (Kate Ryan album) Computer hardware Computer hardware Universe (mathematics) output Asynchronous Transfer Mode
Authentication Constraint (mathematics) Information Telecommunication Telecommunication Direction (geometry) Interactive television Password Numbering scheme Rule of inference
Point (geometry) Prototype Personal identification number View (database) Telecommunication Interactive television Physicalism System programming Right angle Distance
Revision control State observer Observational study Bit rate Lie group Password Computer hardware Fehlerschranke Microcontroller Encryption Interface (computing) Row (database)
Revision control State observer Touchscreen Multiplication sign Planning Graph coloring Data transmission Field (computer science)
Personal identification number State observer Personal identification number Service (economics) Key (cryptography) Multiplication sign Authentication Password Insertion loss Vector potential Vector potential Software Hacker (term) Computer hardware Password Internet service provider Software Computer hardware System programming System programming Website Information security Information security
my talk is going to be about more secure ways to authenticate in insecure environments so addressing from a user interface perspective some of the problems with passwords and pins and there are two names there and anyone that came here expecting that there would be a hot girl accompanying me giving this talk a doubly disappointed
because Andrea is not a girl he's
Italian so it's an Italian name and he couldn't
make it a lot of this talk is Andrea's PhD work at Christ I'm a visiting
professor occasionally at Christ in South Korea and I thought that defcon would be very interested in in Andrea's work and I was hoping that he'd be able to come to but he has to finish his PhD at the end of this summer and he's taking four hours a day of Korean classes because he's a masochist and so he just couldn't make it but he joins us in spirit and he'll be very excited to get feedback from the DEF CON and the security communities about this work so
an overview of the whole of the whole hour-long talk first of all some key features of password and Pino authentication and the nature of the observation threat then three categories of threat and response and our concern here is primarily interface design so not the idea that we can make this thing perfectly secure because we know that we can't but first of all but it's going to be how about how we design interfaces that mitigate these threats in an environment where we can't completely control what's going on so first of all being observed from outside so physical and key entry at an insecure terminal and some mechanical and electromechanical observation resistant solutions to that problem secondly observation from within a compromised terminal so being watched from the inside and protecting your key between your insecurities input device and the network and the bank and whatever way you can secure it or you can do a better job of securing it so subversion of recorders and loggers and then rethinking the way that we treat passwords and enter them so it's not just the thing that we remember that we have to physically type in somewhere so remote entry and secure transmission to the terminal and can we use some of these digital tools that now everyone carries so here
are some basic authentication methods and that's what this is what passwords are competing against right so password is something that you remember versus something that you have so a key or RFID card or a security card or something you have because it's part of you a biometric statistic of some sort and why
should you use one over the other everyone has advantage and advantages and disadvantages so with passwords the big advantages are that the information is invisible so no one knows if you have it or not and it can be delegated so that means you can give it to someone else you can give it if someone needs to get in something you can give them your password and delegation also includes replacement if someone gets it you can change it and you can maintain security the drawback the big drawbacks that you know there's a cognitive load you have to remember them and they're susceptible to observation if you know what it is it's already copied tokens they're also cheap like passwords and they're commonly available and you can delegate them you can give someone your key but it is a physical thing you think they can be stolen they can be copied that can be lost and they can deteriorate they can stop working the biometrics have no cognitive load at all you don't have to remember it's just something you have and people seem to kind of dig them in a certain way like non security people especially are really into them but they're also a physical property they can also be copied they're an unique thing but they're not secret people can you know record your fingerprints or whatever you're using as a biometric and they deteriorate they change even as you get older things like you know the shape of your face and so on change also a lot of people have severe philosophical issues against them and you can't delegate them you can't give you a finger to someone to log in on a fingerprint thing and you certainly wouldn't want to so we like passwords
because they're invisible and delegate able but the cognitive load has always been a big problem for them and you see that so many massive breaches don't depend on individual problems with implementation of security at the different places they depend on the fact that people reuse multiple passwords you know and they get someone's gmail password and then suddenly they've broken into all of the critical systems that they're also have access to we tell people not to do that but they do it anyway so even though
they are still valuable in they're going to be with us the big weakness is the fact that that cognitive load causes people to reuse them and they're and they're now even more weak against observation you need to have many of them and you need to change them frequently because they can be lost so easily an observation is a classic
attack it's not just in passwords and so on so cheating at poker for example this this item that's on the screen is a fake pipe with a mirror in it for a card dealer to cheat at poker so they can see the cards that they pass across it so a classic observation attack for a for a crooked individual in the system and these observation attacks are everywhere in computing so they're in the human interface external for example shoulder surfing or mirrors and cameras quick show of hands who's ever shoulder surfed someone's password or PIN I hope it would be most people in this room right because it's so easy you can also dust the keypad and you can essentially shoulder surf when when someone's not there when they've already left and used the thing there's stuff that's internal to the to the computer interface so ATM skimmers a really great example of that that if be cropping up everywhere key loggers hand stuff anyone that's ever used the key logger on someone else's computer or their iron not quite as many people because you have to be really going after someone to do it but it's still really common and then of course the stuff that we normally really think about the attacks in the network so packet sniffing man-in-the-middle and so on so you're grabbing information once it's already in the system and that's because that's so common there's a lot of work that's that being done to mitigate that so a lot of encryption and so on and of course we can secure the external and internal human human interface the stuff that that faces the human if we keep the interface private but what about when we have to use public terminals so public
terminals are everywhere
l?cia ATMs Airport kiosks door locks public computers and access control for
facilities you know you probably used one pretty much every day so let's take a closer
look at one of the most common public terminals from a human interface perspective the ATM where did it come from and why was it designed the way that it is well before they were ATMs
they would just the human bank teller he went to the bank he dealt with a human it was a reasonably private interaction and so you know when designers say we're
gonna replace the bank teller for whatever reason well you get a machine
that acts like a teller so that's the first cash dispenser 1967 and the early ATM concepts really
replace the interaction with the human they had a human on a video screen this is 1973 future teller and you can see
these television tellers they had a person somewhere else remotely doing a virtual shared interaction just like the real teller so why would you do that why would you replace a human teller in person with a human teller on a video screen even if you look 2010 you know we're doing is still doing that same thing as in 1973 with a teller on a video screen for these certain tellers well you want to replicate the experience but add 24 hour hour availability and remote access but yeah
in 40 years even though things became more automated you didn't necessarily need a remote human staff the basic terminal model in the interaction style didn't change like the tail of the terminal is a physical thing that you need to go and use and people can watch you doing that I mean think about what you know how what other things that were you doing the same way 40 years on now
they're lots of ATMs everywhere but the number of manufacturers is not super great and the interaction style is practically identical you've got a digital decimal PIN number that you type in interface twice it's like a monoculture everyone's basically the
same there's a place to input a token and a place to receive cash and an interface to input control information include including that secret information and even when a company like
idea which I think is the world's biggest design firm tries to reinvent the ATM it ends up looking slick to me it kind of looks like a urinal but it still has essentially the same interface elements right it still got that screen and that pin code pad so
there ATM of the future as envisaged you know in the last couple of years is still not too different from the concept from nearly 40 years ago from a security
perspective what's really important about this interaction design that's had remarkable staying power is that it's physically situated and therefore easily attackable with physical methods such as
shoulder solar surfing and mechanized observation like ATM skimming hopefully
everyone here has been keeping up to some extent with the effect that low-cost hardware is having on ATM attacks and the proliferation of sophisticated skimming operations there was even a fake ATM installed at Def Con here a couple of years back well not here at the Riv but someone set up a fake ATM and wait waited to see what people would treat you know with people try to use it we got mag strike readers wireless transmitters cameras they're all so cheap now that you can make something like this that's essentially disposable when it gets found you're gonna lose it but it'll pay for itself in just a couple of skimming operations criminal organizations manufacture injection molded keypad and card reader overlays and so on for coming ATMs like a lot of the most common national cast red cash register models and you can buy them on sketchy crime sites for like a thousand dollars and every time I go to an ATM now like I really look for a skimmer not just to make sure I don't use it because I really want to find one in the wild you know and I want to get it and take it apart I haven't been lucky enough to do that yet but hopefully one day I will
and they use methods of observation like cameras to see people typing their pin codes also wireless transmission from the PIN pad overlays and so on and then down there in the lower right is an electronic door lock which they love in Korea like there aren't basically every door but they're super susceptible to observation because you can see the fingerprints on the commonly used buttons or you can add a you know something else that gets wiped off when people use it you can tamper with it so there's definitely a threat to using a public terminal and all of these attacks
work because the attacker knows in advance how the pin is going to be entered so quite a few researchers in the human interface community have suggested alternative methods of pin entry so for
example pin pads that move around and you have to play like kind of a game so the interaction is not so easy to replay spy resistant keyboards so you can't tell which of the keys someone selecting because there's multiple different colored keys characters on a key gaze
based password entry so the idea is if you're not looking directly at the person you can't see how they're moving their eyes around to log in and then
haptic password entry which is some stuff that Andrea has been working on so this is things that you feel haptic is using the the modality of touch but
despite all this pee pads are still the norm so here's the basic considerations
of the stuff that we've been looking at we accept the need to use public terminals it's not going to go away but
it doesn't mean that we have to all do it the same so we want to be out of mix-up possible entry mechanisms to make the system less of a monoculture and less easy for one attack to get everything it doesn't mean we have to use the interface we're given so we want to give users the power to improve their own interface security not just be dependent on whatever the organization offers and we want to revisit the assumption that all interaction has to happen at the terminal even if it's a physical terminal that you've got to use all of that interaction doesn't have to happen there so we want to move from a
mode where everything is done one way at the terminal subject to observation and replace it with a way that things can be done lots of different ways the input is mediated at the terminal in an observation resistant fashion so in
other words to decouple the interaction to separate the input method from the communication to the terminal so plant
one observation Numan new alternatives for physical key entry to avoid observation at the terminal physically and the basic idea which would present
various methods here is a haptic password or or the basic idea really is a side channel that's not visual and it's less easily observable and what one of these is haptics so first off a haptic keypad and haptics our observation rosette resistant because the sensory modality is Leslie people have a hard time feeling what you feel then seeing what you see and so we have these in this in this work there's a series of tactile cues or tack times that you feel at the fingertips and they're inherently invisible to someone that's watching you use them so in this in this system we have three possible tact on a continuous buzz I can use vibration and 1 Hertz pulsing and a 2 Hertz pulsing and these different modes are pretty easily distinguishable with the feet with the fingers and so you can make a password out of a sequence of these tacked on and here's the prototype
of a heck to have 2 keypad that uses them quite simple hardware it's an Arduino that does all the work and then the haptic keys are each have a vibrate active element and a sensing element so
here's what the keys looked like closer there's a force sensing resistor for adjusting the output of the vibrotactile element and there's a switch for registering a key press and then the actual very tactile motor that makes the vibration and there's visual feedback in
the interface of how far along that you are in the password but nothing that indicates what was entered just how many things were pressed so how it works is
the 3 TAC tongs are always assigned to the 3 keys with the one-to-one correspondence but in a random order so even if someone sees the way your fingers move they can't do a replay attack you feel all three keys and you select the one that corresponds to the right tact on in your password and then click the key repeat for as long as the
password goes so press down so it won't do it if your fingers aren't on the keys so you're obscuring the vibrational elements fuel the 3 tacked on select the right one and then they get randomly reassigned and you go along through the stages the password now there's three
separate tacked on so that means that the password essentially forms a trainer like binary but with three probably three possibilities and the probability of a guessing attack on any password is one that is one over the number of possibilities to the number of unknown to the power of the unknown digits in the pin so if we have a standard numerical password four decimal digits that's a 1 in 10,000 Pro ability of a brute force success per attempt so it's clear that with a haptic PNR three tap with three tack Don's then peen is going to need to be longer than a decimal pin so this is maybe
going to be a little weird for the DEF CON audience in the human interface community we do user studies to see if things would work on art which basically means you round up anyone that's near the lab and give them 10 or an ice-cream voucher to come and play with your device for a while and I'm going to skip through these pretty quick but if you're interested then links to the papers and more details are on the set of slides that's on the DEF CON DVD so we did a pilots that you are and rated a pilot study to evaluate whether the tacked-on Zapotec perceptually distinct or not so can people recognize them and in the second study if the hiware works then can it be used effectively for authentication so the result of the
pilot study was people could recognize them very easily there were no errors and then from so that led to the user
study in which there were three experimental conditions to evaluate different versions of the software and different pin lengths so the first two
conditions first of all a six digit pen which is not secured to the standard of a four digit decimal pen but it's your relatively memorable and then a nine digit one which does conform to that brute-force attacks security level it's worth noting that 729 is not considered secure by the standards of the four-digit pin but it's not that much fewer than a simplex lock which has been used all over the place so trade-off between password length and performance then if we assume that brute-force attacks are not a problem because it's electronic and the device won't let you make hundreds of attempts at least in a reasonable time then we can resist observation and not worry so much about brute force by doubling the number of trials for each pin digit if instead of pressing the right tacked on you press both wrong ones so it makes it harder to observe what someone's doing because there's more presses going on but the brute force resistance is the same but it gives you a higher observation resistance that's a trade-off of complexity versus performance so we're all smooth from
this use these this user study showed first of all that the different methods did take different amounts of time as you would expect the longer pin takes longer to enter but the hybrid mode entering the incorrect ones even though it's a six digit one took even longer but there there are twelve entries instead of six the number of errors was
not significant but possibly due to the high amount of variability of the study and then there was also a nasa TLX
workload measurement done to see what the mental workload was and it showed that the hybrid mode was much more difficult to keep track of mentally so
using the six digit tactile pin as a reference the nine one nine digit one was not more challenging for users in a workload sense remembering a nine digit tactful pin was easy enough to remember and didn't you know provide significantly more error whereas the hybrid mode there's a lot to think about there was a higher overhead and it did take longer and that was compared with a
different haptic password entry method that I mentioned earlier and it performed performed better so that's a
method that can be used when you have a physical keypad but what about unlocking these new interactive devices that we have there's there been a shift in the
way that we compute over the last 40 years from private user to these public collaborative interfaces like surfaces and to mobile devices and we still need
to log in to them so we've got large screens we've got public spaces so shoulder surfing as as useful if not more so for pin theft than it ever was it's almost hard not to shoulder surf peoples for mobile phone pins especially when people use that Android swipe thing like you can't see someone login and not remember it's it just drives you nuts so it just remains one of the most common ways to steal one so we great if we had
an invisible peen entry method that could use an alternate sensory modality just like they have two keypad but should it be audio or touch then we can
write off smell and taste I think for the moment so previously Andrea had done a
interface with a rotary wheel where you searched for attacked on by spinning this wheel and then selected it so kind of like a knob interface to the to the tactile keypad so this is a the same
kind of tacked on and a 3d printed knob
that with a vibrant axle element and you just kind of spin it and search for the one that's the right one press the button to enter and move on to the next one now with mobile phones we have
vibration motors in them we can do the tack tongs and we also have audio output so for a numeric pin we could use text-to-speech to actually speak up speak out those numbers so we have a sequence of cues either auditory or tactile that can be invisible to everyone if headphones are used for the audio but if we want to compare haptic
and auditory cues for decimal pins then we need more tact ons so we made up more haptic vibration patterns to correspond to the 10 things and they order it in a way that seems reasonable right so single pulses going to double pulses a triple pulses to continuous so here's
the touchscreen version of the rotary wheel interface 10 slots for 10 digits they're assigned two slots with a one-to-one correspondence preserving order but randomizing the start points for observation resistance so you start somewhere move around looking for the correct number and then select by selecting the center of the wheel to lock in that digit move on to the next one and then the order is reran demised on each trial so that you can't learn anything from the previous entry so
here's a video showing so you can't tell by looking at it what the digits are that are being answered and if you use the headphones only the user can see what is being entered and with the vibrotactile method if the environment is quiet and it is not too quiet and you can get away without using the headphones at all so and in a public space where there's some the cover noise so to user studies with none for this
one as well again a test for perceptual distinction and then a force a full study to compare two things first auditory versus haptic modality second large alphabet versus small alphabet how big of a number of digits should be involved assuming that there's enough for acceptable brute force resistance
the pilot study showed some difficulties with tact on recognition with the large alphabet so the more complex alphabet was harder to recognize the error rate was higher in the full study to
trade-offs were analyzed so maintaining the same security level looking at first of all the two modalities and then four digits from 10 alphabet and then a six digits from five both of them have acceptable secure security and the six digits one allows us to compare to the tactile keypad so the results of that
showed first of all audio is much quicker than haptics regardless of pin length and there's again a lot of
variants in the era such that we didn't get a statistically significant significant result from error rate
so overall the audio was better than the haptics perhaps because it's more familiar but you have to use headphones to make it non observable the error rate dropped from the mains from the main study from the pilot because it was the same subjects who used and it seems like subjects become more experienced with the interface so it doesn't mean that it's completely out of the question if people are going to quickly become twice as good at it so overall better
slightly better performing than the haptic pad but as we saw in these interfaces
there are basic problems from a usability standpoint so even with the wheel style lock a wheel on knobs should be really simple should be very intuitive everyone knows to spin things spin it to go one way or the other but with the tactiles we have to remember and recognize all these weird vibration sensations so what about an interface
that only uses a single cue that would completely eliminate the recognition problem so instead of recognizing and distinguishing between these multiple pectins you just have to count so that
the next one is called the spin lock which is loosely modeled on a safe dial so instead of digits the pin consists of movement offsets to the left or the right so here it is using the auditory
version again observation protected when using hit headphones
and the thing is here you have your password it has to be kind of stored in a way
that's not your normal just sequence of digits because you have to remember if it's left or right but it all in you
know alternates one way or the other you set up a password
and the clicks here are just progress indicators and the beeps of accounts someone who's observing can't tell how many you've done because the distances
are randomized and the stop point is
worth once again silent with the headphones on so use a study for this
one and rerun them read them as well looking at three questions okay do we think it's going to be faster to count them to recognize do we think it's going to be more accurate to count them to recognize and the third hypothesis that counting will be a lower workload than recognition so once again haptic an audio compared and this time pins made from either five or ten possible digits so possible movements to the left or the right each usually got instructed got to play
with the interface then do four tests and this TLX mental workload test so as
you'll expect long longer pins took longer to answer and the haptic took a little bit longer to do than the audio but not a lot a little bit more error-prone for haptics and audio as well also not a lot but statistically
significant the workload one was interesting once again the haptic interface was more cognitively demanding than the audio so people still had to kind of think about it a lot but
nevertheless in post-test questioning people preferred the haptic modality because they felt that it was more private they didn't have to switch to the headphones so a couple of possible explanations there first of all system latency can be a problem for haptics because that motor has to spin up and so if people are spinning the wheel fast then they can miss the cues as they go over them so that could be a contra contributor to the high error rate secondly more complex pins took longer to enter but they didn't result in worse errors so it doesn't feel like there's an error rate per entry of the pianist some kind of just overall error rate and
I think that that's because a large number of error trials involved a missed can only one item and the majority of those errors involve people entering a very close number of digits and then becoming aware of that and resetting the system so just missing that correct count and they knew to reset and start over so it's not the same as having an elf medication failure and getting frustrated and then of course potentially wiping your device if you have it set to wipe after a certain number of authentication fails came out
slightly better on average than that rotary lock that came before so we feel
that simplifying the pin to account instead of digit recognition is faster less error-prone has a lower mental workload so that's some new ideas for
physical key entry at the terminal in the presence of physical observation threats like cameras and shoulder surfing but what about when you have to use a terminal that you don't trust like a web browser that has the default computer key entry mechanism which is a keyboard you know can we use software to help us make it help make us less defenseless against observation from within here's the problem with untrusted
computers as a user you can keep your password secret you can do everything properly you never tell anyone never write it down and once it's in the system it can be salted and hashed and it can be used for authentication in ways that make it difficult to recover the original password but when it comes to actually entering that password you have to do it in the clear you have to type in the real the real thing so keystroke loggers are a major method of password observation and compromise last year I gave a talk about recovering my stolen computer and one of the tools that I used to do it was a keystroke logger they can be in software and they can also be in hardware you can get on sites like ThinkGeek these little hardware keyloggers that read the keyboard send it out wirelessly and just grab whatever it what everyone whatever someone types now of course
malware is one of the most well known ways that people get their active activities logged and compromised but I don't want people to focus on malware entirely because there's lots of other ways you can come into contact with a logger with varying levels of quote-unquote legitimacy meaning whether it's been installed by someone that owns the computer or not some people install loggers to keep track of like you know to see if the boyfriend has you know you've been sending the other email password to see how they've been emailing other women and stuff like that you got jealous partners you've got employers that do a lot of keystroke logging governments and so on so for the paranoid there are lots of other ways you can get logged some people even install loggers on their own machine as a matter of course so that they can go back and see if anyone else has been been using it and what they've been doing and maybe reverse on them if they need to so any part of the user interface can be logged it's not just the keyboard but it is that you know any keystrokes mouse clicks screenshot shots of what on the script what's on the screen and mouse movements and so on there's a kind of in decreasing order of they whether they're usually in a log or a 54 when you find a software logger so that's why it's interesting for user interface designers to see if we can make things a bit more difficult for the attacker while not making it too much more difficult for the legitimate user
now the start I mentioned that a problem with passwords is this load of having to remember lots of them and this leads to bad practices like reuse so browsers and computers now often feature these password keychain features and this has the side benefit that it reduces I mean first of all it means you can keep track of them all that's the main reason but the side benefit is that it reduces the frequency that you have to use those UI elements to actually enter a password a lot of times you can just click OK so less stuff gets locked and I noticed that when I was stalking back my own computer but these things are no use at all on a public terminal because you don't want it to remember your password and I you know I personally has a somewhat paranoid person hate even using a friend's browser because I don't know how they have password saving configured it might just be you know remembering old passwords and mine's gonna get stuck in there with that and then sooner or
later you're gonna be on the road and you're just gonna have to use a sketchy internet cafe somewhere it's really easy to say I'm just never gonna do it right I'm always gonna use my own computer but once in a while you have to so
authentication for accounts on the web is currently under completely under the control of whoever's running the service the mail provider the bank what ever facial book Google whoever some of them are more responsible than others and have varying degrees of protection against password theft so the most basic that you see is forcing you to change your password every so often and that's essentially damage control it limits the amount of time that a compromised password is actually useful for some of them have a small kind of second factor where you have to say recognize an image before you enter a password or these image based keyboards instead of your actual keyboard but those are susceptible well you've got a fifth in a sec sometimes they have changing security questions that are asks you every time but there's only so many of them you set up for an account so those log able to and and you actually see that a lot with the banking information stealing malware there's an interesting one sites like hotmail do this you can get a one-time password work which it'll text message you to your mobile phone which yeah is pretty useful for resisting loggers but it has an unintended consequence that anyone who steals your phone now has access to your email you have these one-time tokens physical tokens that generate a code that you use at the same time as use your password and that what that basically does is reduces the value of the password to be stolen you can't just use the password so it's a good method but how many of those things do you want to carry around how many versus how many websites do you use and log into there's an interesting some interesting stuff that's been done in especially in countries where people are very poor and don't have a lot of technical literacy such as India and there are things like these things they call they call them nonces which are disposable one time password modifiers so this is one from India that some Microsoft researchers helped design and so every time you want to use your phone to Bank you know you've got to do this transaction in the presence of someone so you tear off the first paper thing and you modify your PIN with this tear off thing that you never show anyone and then you dispose of it afterwards so you have this physical thing but it's again it's a physical thing even though you could use it online and so on as well but if you prefer one method over another you're out of luck because few of the few sites support more than one method and in many cases none at all you just enter your password and you take your damn chances so the
ideal outcome would be if we as the users could choose our own software based interface that would make it harder for attackers to observe our passwords and do replay attacks and that could be used on any website at all without the participation of the website operators and most people in this room I'm sure already keep their own machines locked down and have various ways of protecting themselves but we don't have so many other options on a public terminal in particular forgetting about malware just in terms of a unscrupulous operator we have no way of telling if the operator of the machine is running a logger of some sort and we usually don't have permissions to install or run our own software but if we're using these terminals to access the web we usually have the full web and we can usually access pretty much any basic web content so the goal here is to obfuscate data entry in terms of the physical user interface elements using simple web mechanics that aren't too tedious for the user and if you look at forums
unlike /table and so on about people talking about these things or if you've used a lot of online banks then you'll see that people have thought about this and they've found various you know sort of hokey methods to do it for example copying and pasting characters and into it into a password fields instead of typing them on the keyboard which is fine against the hardware key logger but if you were gonna write a key logger you'd lock the clipboard to write banks have used this one a on-screen keyboard or selecting characters and dragging and dropping so it's all Mouse based but there are also loggers out there that log the area around each Mouse click a little bit of the image doesn't take the whole screen alternatively you can accept that your password is gonna make it into the logs and you can shaft the logs by putting a lot of extraneous keys in there as well and I feel like anyone who's really enterprising and analyzing the logs and is really writing a kick-ass logger could time stamp the keys jokes and could pull it out pretty easily but more importantly this is a total pain in the ass and users and they're just not going to want to use this it takes a long time and it's very error-prone now I know that you're all thinking well who cares about this interface stuff anyway this is all bullshit sighs because there are forum grabbers a forum grabbing malware out there it's a man in the browser attack and there's nothing you can do about it these types of malware hook the browser and they grab the contents of all web forms pre encryption before it's sent off to the site and they mail it off to Russia examples are online banking theft Trojans like Zeus and spy I and this software is very effective it now represents the majority of passwords stealing Trojans but I said Trojans and not password thefts in general I'm not so sure about how it compares the password theft in general and I suspect it's not that it's not as graded as as it is in just in terms of Limp being limited to malware and there are some limitations for example they're not multi-platform they don't support every browser you can see from that screenshot there that spy I just in the last two months released support for opera and chrome under windows so people who use esoteric browsers and so on you know may or may not be vulnerable depending on how the hell you know how these software developers are progressing and there's no UI mechanism that can mitigate this tactic anyway so for UI people it's sort of not an interesting problem in the sense that we can do anything about it I think there's lots of things that the browser people can do about it but you know this is interface design stuff so I think that just because this is out there we don't just have to throw up our hands and give up and say well we can't protect against this anyway there are still plenty of threats that we can mitigate and I really wanted to mention this because if any people here don't know about these browser compromises they should so you should be even more careful than normal accessing from an untrusted terminal or a machine that may have been compromised anything that involves you losing all your money because assuming you have any left but the economic collapse you can lose all your money with this stuff so here's what we want to do we want to give the user control of that you authentication interface we want to keep any sensitive text out of the log minimize the amount of other data leakage that could that could be done by other UI logging mechanisms right so we don't want to may even make it any easier for people to do brute-force attacks we want we want the loggers job to be as hard or harder than someone who's in the room with you shoulder surfing you or camera recording you as you log in and we want that choice to be available but still focus on usability and support a lot of different ways to log in that people can feel comfortable with so that a single attack method doesn't work on everything but the people will still use it so getting this sort of ecosystem that forces attackers to do the work make them support everything and there's a way that we can essentially hack any website right now which is to inject JavaScript directly into the site and that's something that's normally associated more with attacking than defense you know if you visit a malicious site they can inject JavaScript into your browser that logs all your keystrokes even though nothing's been compromised on your computer but we can also intercept keystrokes and we can obfuscate it by injecting a known trusted script into the current web page so we can do all kinds of neat tricks drawing over the active page and so on which can help us if we want to use our powers for good instead of evil the big difference interface wise here is now we have 95 printable characters to support instead of 10 digits or you know something like that so that's that we have to do things a little bit differently so here's the simplest approach it's a visual keypad that you can bring up over any website that intercepts keystroke events and instead of clicking on an amount out with a mouse it you type the keys and it automatically performs a one-time pad substitution that automatically remaps any key that you type so you look for the the you know the matter metaphor is for people who sort of type like I do by looking at the keyboard you can regenerate it on a per keystroke basis with is useful because this is a method that's susceptible to screen capture but if you regenerate it honest on a per keystroke basis you have to capture the entire screen on every single keystroke because it's a one-to-one mapping it will reveal your password length so it does potentially make brute-force attacks slightly more easily more easy but the password itself is not going to be recoverable from the text log and you can also remap the username as well as the password if you feel like you need extra obfuscation it's quick to use it's just visual search for each key but we sort of don't like the fact that it's easy to screen cap so here's another
custom interface designed to make the screen capture problem more difficult for the attacker it's sort of based on the idea of a code wheel a combination style code wheel lock because you have a huge alphabet it's got to be a big filthy thing that covers half of the webpage but it's see-through so you can drag it to wherever you need it and not obscure what you need to see on it on the web page it uses the mouse but no clicks are involved so it won't trigger click based screen capture how you use it as you mouse over a read reference key which is the point that is going to correspond to the key that you're gonna want then drag the mouse around to rotate the desired output key into place and then hit any key to lock in whatever key it is that you want to type basically what you're gonna see in the log is a string of whatever keys that you typed it could just be all spaces whatever and it intercepts additional keystrokes so if you want to chop the logs with it you know to conceal your password length you can do that too time costs you've got your visual search and you have this kind of animation so here it is in action you can see watching it that it's essentially replacing that key press information with visual information so it's possible to shoulder surf this method without seeing the keyboard although it's difficult because it's a little complex you can you know try and see what what password I'm entering here on this video but it's a trick you know it's a trade-off but you can essentially choose each method here so you could use this one when you know someone someone not watching you of your shoulder if you're reasonably sure that the entire video session isn't being logs for example but what we really want is a method that's resistant to shoulder surfing and screen capture as well as being resistant to keystroke logging so I think I haven't personally ever seen a logger that logs the audio output and you can use headphones to reduce the observability of the audio signal so here's my version of Andrea's spin lock it uses auditory stimulus based on counting just like the phone lock but
it's got to support a full keyboard so instead of a circle that you might have to spin around an average of around 50 keys I figured you could look at the keyboard and then drag a handle down to select the row and then across to select the key so here's an example there's
only a few little UI elements that you drag into place and you just count those clicks as you go across down and across the keyboard you can look down at the real keyboard as you do it because they are shifted you know each row of keys is shiftable there's actually two clicks per row and the top is the shifted key and the next one down is the unshifted key the relative the positions of the clicks are all randomized so even if you can see the screen you can't tell from where how far the handles move what's being selected and there are no compete presses at all it's all that audio side channel medium time cost two sets of counts per key press so in summary of
this section the important thing about this is not those three met example methods that I showed what's important is giving people a choice of how they authenticate or even tools to roll their own method if they don't like what's out there and they want to do use what's best for them instead of just just forcing them to live with the service that they're offered and ultimately these are just seeds for what should in an you know in an ideal system be an ecosystem of methods that are easy to implement they're easy to choose from they're available for users that want to write their own in a secure trusted fashion because ecosystems are more resistant to generic attacks we want to offer modalities that are not traditionally log like audio because we want to make attacks harder not because it's impossible to log audio but because if people use it then it has to be done and it makes the attackers job harder and these are just method these methods are just examples from a very very large potential space of methods that could be used so it's like a spy needing to be fluent in every single language in order to do his job properly makes it harder imagine if everyone logged in by a different method than generic attacks would have to concentrate on the infrastructure like the browser and then we can concentrate our defense on those points too we haven't done user studies on this stuff we might but again the point is not to pick one or two methods and say this is the best method you should use that because then it's not not customizing when we come back to a generic system it's to say you have the power to choose what works for you and
that leads me to the idea of DS situating the interaction especially back at the start when we were talking about ATMs the problem with those terminals is that the interaction needs to be done at a predictable physical place with predictable hardware and a common criticism that people level validly against the haptic keypads and so on is that there's a reason why ATMs all use a pin pad everyone needs to know that the interface is going to be the same and they're going to be able to login even if it's in a foreign country or wherever so we need to look at ways that hardware can be used to desiccate that interaction we want to use
different pin entry schemes like the web example but we can't expect ATM manufacturers to include every weird interface device that people in universities come up with but lots of
people carry around these crowded digital devices like a fun and we can install whatever the hell we want on that you know unless we follow apples rules and we want to make the
interaction less physically situated and the private device does this too because we can authenticate to the device wherever the hell we want and then we can use the device to authenticate to the so it moves the problem from one of
authentication to one of communication and there but there are still some
constraints on this we don't know in advance what terminals we're going to use so we can't prepare you can't pay your phone in advance to every terminal you might possibly want to use in the future and we don't want to use something that radiates information in all directions and has the risk of a man-in-the-middle attack and finally it's got to be fast and easy or people won't use it and it's got to be cheap all manufacturers won't use it so here's
a graphic of the interaction you authenticate privately you use your private device with physical proximity to communicate and encrypted credential to the terminal from the terminals point of view it looks like piece four it's just like you entered European right at the terminal so here's a prototype of a
system that performs this communication using light you enter the password by
whatever means necessary on the phone and then place it on the
receiver where the thing is transmitted
with light and you can see a lot of flashing leaking out from that that's
because there are specifically LEDs in there to introduce visual chaff so that
to prevent any recording and replay
attack we don't have a user study for
this yet it's been done but it's under submission to a journal so we didn't want to pre-release it here but suffice it to say that users were happy with it here's another graphic of how it works and the important thing to note with
this is the password is not transmitted in the clear so even though there's some observation resistant stuff with those spoofing LEDs its salted and hashed so it's of less use to an attacker than a and then a clear transmitted password and the hardware here which is very very simple you know a microcontroller for some LEDs and a light sensor very very cheap and reliable less than one percent error rate the next version uses the
color screen so that more data can be
encoded within the same transmission time so it can be a longer hash by still being usable Andrea also did a version
that looked into using a variable magnetic field because the field strength or the observability of the magnetic field falls off much much faster than it does for light so it's more difficult to observe but this method and any further work on this method is currently on hold because it's actually really similar to near field communications which is going to become commercially available probably in every phone very soon maybe maybe even as soon as iPhone 5 this year so no plans to do more work on this yet until we look into that and play around with that some so in
conclusion we're going to have to live with passwords and pins for a long time we know that they that they fail in lots of ways and they suck in various ways but they're not going away we still need to authenticate on public terminals we're not in this fully connected world where we can do everything on our private thing quite yet but generally simple methods can result in security improvements in scenarios where there's a potential observation risk there are things that we can do not to achieve perfect perfect security there's no such thing as a perfect defence but no matter who you are if you're a manufacturer or an end-user it's not about defending against everything it's especially not about defending against everything for the service providers because they care a lot more about minimizing losses to themselves after the fact and they do about protecting your credentials in particular they don't give a shit about protecting your credentials used on other sites even though you may be reusing it for their site they just there's nothing they can do about it they just gonna work on loss mitigation instead so we want to diversify the ecosystem of entry methods on our own bat that's kind of the hacker spirit like don't worry about these guys let's do it ourselves and do this mediated obfuscation of the data that we do have to enter so we showed some novel key entry systems for terminals and private devices and some software and hardware mediation systems for observation resistance when you do have to use these public terminals and I know I hope that you guys are all thinking about potential attacks on these things because that's how we do it you know we take the armor to the bullet guys and say make a bullet that goes through this armor then we take the bullet take the the you know you know I'm saying ah I'm a to the bullet guys to throw the armor bullet to the armor guys make and wear this doesn't go through that's how it go helps how it works but at least it forces attackers to work harder and maybe they're going bother someone else Thanks