Moving to client-side hashing for online authentication Enka - - PowerPoint PPT Presentation



SLIDE 1

Moving to client-side hashing for online authentication

Enka Blanchard (1), Xavier Coquand (2), Ted Selker (3)

(1) Digitrust, Loria, Université de Lorraine, www.koliaza.com
(2) Bsecure, Paris
(3) University of Maryland, Baltimore County

9th International Workshop on Socio-Technical Aspects in SecuriTy @ ESORICS September 26th, 2019

SLIDE 2

Why hash passwords?

Password hashing today Client-side hashing Making changes 1/13

SLIDE 3

Password hashing: best practices

How to hash correctly:

  • Use a salt for each password
  • Use a secure password hashing algorithm (Argon2 or bcrypt)
  • Protect against side-channels (e.g. HTTP)
  • Don’t keep duplicates or logs

SLIDE 4

Poll: how long have we been saying this?

SLIDE 5

1968: Sir Maurice Vincent Wilkes, commenting on Roger Needham’s 1967 password system

SLIDE 6

2015-2016 leaks

website             encryption   # accounts leaked   leak date
000webhost.com      clear        15035687            Mar. 2015
sprashivai.ru       clear        3472645             May 2015
ashleymadison.com   bcrypt       36140796            July 2015
17.media            MD5          3824575             Sep. 2015
mpgh.net            MD5+salt     3119180             Oct. 2015
r2games.com         MD5+salt     11758232            Oct. 2015
nexusmods.com       MD5+salt     5918540             Dec. 2015
mate1.com           clear        27402581            Feb. 2016
naughtyamerica.com  MD5          989401              Apr. 2016
badoo.com           MD5          122730419           June 2016

Table: Partial list of leaks analysed in 2016 by Jaeger et al.

SLIDE 7

How about client-side hashing?

SLIDE 8

Detecting client-side hashing

How we can find out if a website uses client-side hashing:

  • Semantic and syntactic analysis: observe "password" in the packet or follow memory cells
  • Computing load analysis: good hashing takes resources

This can only detect the absence of good hashing; it gives no positive guarantee.
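
The first detection method on this slide, as an added Python example that is not part of the slides or the authors' tooling: given the password the auditor typed into a test account and the captured login request body, it looks for that password in clear, URL- or base64-encoded, or as an unsalted fast hash (MD5, SHA-1, SHA-256, SHA-512), which is the "observe 'password' in the packet" check. The request bodies and the test password are constructed samples. As the slide states, a clean result is only the absence of evidence: a salted or slow hash is indistinguishable from any other opaque field.

```python
import base64
import hashlib
import json
from urllib.parse import unquote_plus

# Constructed test password and login request bodies (not real captures).
# Each body is what the auditor would see on the wire when submitting
# TEST_PASSWORD to a site with the named behaviour.
TEST_PASSWORD = "correct horse battery staple"
_PW = TEST_PASSWORD.encode()

SAMPLE_BODIES = {
    "plaintext_form": "user=alice&password=correct+horse+battery+staple",
    "plaintext_json": json.dumps({"user": "alice", "password": TEST_PASSWORD}),
    "base64_field": "user=alice&pw=" + base64.b64encode(_PW).decode(),
    "unsalted_md5": "user=alice&pw=" + hashlib.md5(_PW).hexdigest(),
    "unsalted_sha256_b64": "user=alice&pw="
    + base64.b64encode(hashlib.sha256(_PW).digest()).decode(),
    # Salted, slow hash: nothing derivable from the password alone appears.
    "salted_slow_hash": "user=alice&pw="
    + hashlib.pbkdf2_hmac("sha256", _PW, b"per-user-salt", 10_000).hex(),
}

FAST_HASHES = ("md5", "sha1", "sha256", "sha512")


def classify_body(body: str, password: str) -> str:
    """Classify how the password shows up in a captured login body.

    Returns "plaintext", "encoded", "fast-unsalted-hash" or "not-visible".
    Only the first three are positive findings; "not-visible" means this
    check found nothing, which is not proof that the site hashes well.
    """
    pw = password.encode()
    decoded = unquote_plus(body)  # undo form encoding ('+' and %XX)
    if password in body or password in decoded:
        return "plaintext"
    # Base64 (standard or URL-safe) of the password, padding ignored.
    for enc in (base64.b64encode, base64.urlsafe_b64encode):
        if enc(pw).decode().rstrip("=") in body:
            return "encoded"
    # Unsalted fast digests of the password, as hex or base64.
    lowered = body.lower()
    for name in FAST_HASHES:
        digest = hashlib.new(name, pw).digest()
        if digest.hex() in lowered:
            return "fast-unsalted-hash"
        if base64.b64encode(digest).decode() in body:
            return "fast-unsalted-hash"
    return "not-visible"


def audit_samples() -> dict:
    """Run the classifier over every constructed sample body."""
    return {name: classify_body(body, TEST_PASSWORD)
            for name, body in SAMPLE_BODIES.items()}


if __name__ == "__main__":
    for name, verdict in audit_samples().items():
        print(f"{name:22s} -> {verdict}")
```

The classifier is deliberately ordered from strongest to weakest finding, so a body that contains the password in clear is reported as such even if it also carries a digest of it.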

SLIDE 9

Client-side hashing in the Alexa 50

Websites: google.com, tmall.com, blogspot.com, mail.ru, xvideos.com, youtube.com, reddit.com, netflix.com, bing.com, tribunnews.com, facebook.com, instagram.com, linkedin.com, microsoft.com, amazon.co.jp, baidu.com, live.com, bilibili.com, whatsapp.com, google.co.in, wikipedia.org, vk.com, twitch.tv, naver.com, github.com, qq.com, sohu.com, pornhub.com, aliexpress.com, kezone.com, yahoo.com, jd.com, login.tmall.com, livejasmin.com, imdb.com, amazon.com, yandex.ru, 360.cn, microsoftonline.com, google.com.hk, taobao.com, sina.com.cn, csdn.net, alipay.com, pages.tmall.com, twitter.com, weibo.com, yahoo.co.jp, ebay.com, stackoverflow.com

SLIDE 11

1-to-1 correspondence between client-side hashing and Chinese websites

SLIDE 12

Why not use client-side hashing?

SLIDE 13

Client-side hashing: drawbacks

Four potential drawbacks:

  • Incompatibility with legacy protocols
  • Same-site authentication attacks after leaks
  • Computing power limits
  • Script blocking

SLIDE 14

Client-side hashing: advantages

Six main advantages:

  • No credential reuse attack
  • Lower server costs
  • Stronger hashing
  • Makes phishing slightly harder
  • Simpler if standardised
  • Enforces accountability
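
The scheme these slides weigh up, as an added worked example in Python that is not part of the slides or the authors' work: it applies the salted slow hashing of slide 3 on the client, shows the "same-site authentication attack after a leak" drawback in a naive server store next to a hardened one, and shows the "no credential reuse attack" and "lower server costs" advantages. The example assumes one particular design that the slides do not prescribe: the client derives its salt from the domain and the username (so no round trip is needed and the same password yields unrelated values on different sites), scrypt from the standard library stands in for the Argon2/bcrypt the slides recommend, and the server stores a salted SHA-256 of the client hash. The domains and the password are constructed sample values.

```python
import hashlib
import hmac
import secrets


# Client side. The salt is derived from the site's domain and the username, so
# the browser needs no round trip to obtain it, and one password produces
# unrelated values on different sites. scrypt is a standard-library stand-in
# for Argon2/bcrypt; the parameters are kept small so the demo runs quickly.
def client_hash(domain: str, username: str, password: str) -> bytes:
    salt = hashlib.sha256(f"{domain}\x00{username}".encode()).digest()
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)


class NaiveStore:
    """Stores the client hash as-is. This is the 'same-site attack after a
    leak' drawback: a dumped record is itself a valid login credential."""

    def __init__(self):
        self.records = {}  # username -> client hash

    def register(self, username: str, chash: bytes) -> None:
        self.records[username] = chash

    def verify(self, username: str, chash: bytes) -> bool:
        stored = self.records.get(username)
        return stored is not None and hmac.compare_digest(stored, chash)


class HardenedStore:
    """Stores a salted SHA-256 of the client hash. The client hash is already
    a high-entropy KDF output, so one cheap hash is enough on the server
    (lower server costs), and a dumped record cannot be replayed as the
    login credential because the server expects the pre-image."""

    def __init__(self):
        self.records = {}  # username -> (server_salt, digest)

    @staticmethod
    def _digest(server_salt: bytes, chash: bytes) -> bytes:
        return hashlib.sha256(server_salt + chash).digest()

    def register(self, username: str, chash: bytes) -> None:
        server_salt = secrets.token_bytes(16)
        self.records[username] = (server_salt, self._digest(server_salt, chash))

    def verify(self, username: str, chash: bytes) -> bool:
        rec = self.records.get(username)
        if rec is None:
            return False
        server_salt, digest = rec
        return hmac.compare_digest(digest, self._digest(server_salt, chash))


def demo() -> dict:
    """Walk through registration, login and a simulated database leak."""
    password = "correct horse battery staple"  # constructed sample credential
    site_a, site_b = "a.example", "b.example"  # placeholder domains

    chash_a = client_hash(site_a, "alice", password)
    chash_b = client_hash(site_b, "alice", password)

    naive, hardened = NaiveStore(), HardenedStore()
    naive.register("alice", chash_a)
    hardened.register("alice", chash_a)

    # A leak of each store's database hands the attacker the stored record.
    leaked_naive = naive.records["alice"]
    leaked_hardened_digest = hardened.records["alice"][1]

    return {
        "reuse_protected": chash_a != chash_b,
        "login_ok": hardened.verify("alice", chash_a),
        "wrong_password_rejected": not hardened.verify(
            "alice", client_hash(site_a, "alice", "wrong")),
        "naive_store_replay_succeeds": naive.verify("alice", leaked_naive),
        "hardened_store_replay_fails": not hardened.verify(
            "alice", leaked_hardened_digest),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check:30s} {result}")
```

The server-side step is what turns the drawback into a non-issue: the expensive, salted work happens once on the client, and the server only needs to make sure that what it stores is not what it accepts.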

SLIDE 16

Making changes: globally

To change the ecosystem:

  • Update the belief that client-side is detrimental, for both researchers and developers
  • Change the incentive structure, as with the padlock

Ideally: convince large browser developers or standards organisation

SLIDE 17

Making changes: for the user

It should not affect their experience in general. Two main immediate options:

  • Create an extension that warns them when a system is insecure
  • Detect and hash passwords on the client

SLIDE 18

Thank you for your attention
