Author Topic: Question about human-machine password exchange  (Read 1254 times)


Offline yucel

  • Newbie
  • Posts: 4
Question about human-machine password exchange
« on: April 27, 2019, 02:34:47 pm »
So computers can exchange passwords in a way that others won't know the password even if they see all their communications, why can't we use this method to verify a human?
I think it works like question-answer: A asks B a question, B calculates the answer from the password and answers it; the answer can neither be used to calculate the password, nor to answer any other questions. Am I right?
It's always a pain to type passwords in public. It will be great if this can be adopted for human-machine password exchange.
 

Offline soldar

  • Super Contributor
  • ***
  • Posts: 2605
  • Country: es
Re: Question about human-machine password exchange
« Reply #1 on: April 27, 2019, 06:17:23 pm »
It takes a ton of calculations which a human cannot do in their head. You could use a smartcard and that is already implemented.

Simplifying it a lot, WPA authentication is done by way of a "four way handshake" where both sides exchange nonces and the initial communication key is computed using both nonces and the shared secret password.

This would not be practical to be done manually but the concept can be used. Decades ago one day I was talking to a guy on the open ham radio bands and we wanted to exchange phone numbers without giving them out openly. We both had a common acquaintance unknown to any listeners so it was something like: take that guy's last name, replace each letter with its number in the alphabet, add to each number the corresponding digit of the phone number and transmit. At the other end do the reverse, i.e. subtract each number. The method was simple enough and secure enough for the occasion but it can be made much more secure. As long as you have a common secret word or number you can develop a secure channel but it may not be practical to use often.

As long as you have a common secret information a secure channel can be implemented.

For practical use a supplicant can be implemented in a smartcard or other device which can digitally sign a nonce provided by the authenticator.
« Last Edit: April 27, 2019, 09:41:37 pm by soldar »
All my posts are made with 100% recycled electrons and bare traces of grey matter.
 

Offline tooki

  • Super Contributor
  • ***
  • Posts: 5012
  • Country: ch
Re: Question about human-machine password exchange
« Reply #2 on: April 27, 2019, 11:14:02 pm »
At one place I worked, the identity verification for the alarm company used a calculation. In advance, an agreed upon constant is taught to employees (let’s say it’s 32). When you call and identify the company, they ask you for the difference to a number they say. Like “the difference to 104, please”, to which you would reply “72”.
 

Offline soldar

  • Super Contributor
  • ***
  • Posts: 2605
  • Country: es
Re: Question about human-machine password exchange
« Reply #3 on: April 27, 2019, 11:20:37 pm »
I don't understand. If someone can hear the question and the answer then they know all three numbers. What's the point? I don't get it.

“the difference to 104, please”, to which you would reply “72” and the listener can deduce the original was 32 so why not just say 32?
All my posts are made with 100% recycled electrons and bare traces of grey matter.
 

Online 0culus

  • Super Contributor
  • ***
  • Posts: 2232
  • Country: us
  • Electronics, RF, and TEA Hobbyist
Re: Question about human-machine password exchange
« Reply #4 on: April 27, 2019, 11:38:38 pm »
"burn" that constant and establish a new one, ideally inside a secure facility with similar precautions to a SCIF.
 

Offline apis

  • Super Contributor
  • ***
  • Posts: 1667
  • Country: se
  • Hobbyist
Re: Question about human-machine password exchange
« Reply #5 on: April 28, 2019, 01:20:59 am »
I don't understand. If someone can hear the question and the answer then they know all three numbers. What's the point? I don't get it.

“the difference to 104, please”, to which you would reply “72” and the listener can deduce the original was 32 so why not just say 32?
Just speculating: often you can only hear one person when using a phone and in that case you only know one number and can't deduce the constant. So maybe it's to prevent someone from casually overhearing the code.
 
The following users thanked this post: tooki

Online Ian.M

  • Super Contributor
  • ***
  • Posts: 8606
Re: Question about human-machine password exchange
« Reply #6 on: April 28, 2019, 01:25:17 am »
The problem is: 50% of the population is of below average intelligence (by definition, if you take 'average' as 'mean').  Most of that half of the population, although sufficiently intelligent to be employable, are barely numerate without electronic assistance (or, for the older generation, pencil and paper).  On a good day they can make change or check their change!  A significant subset of them are generally incapable of operating technology except by rote memorisation of the operating procedure and regard any variation of that procedure with great suspicion or even refuse to accept it.

The proportion of the population that can calculate a trapdoor function in their heads, without muttering or writing anything down, is vanishingly small and probably almost entirely composed of above average MENSA members.

Therefore, authentication by unassisted secure key exchange is almost entirely outside the capabilities of the human population of this planet.

The only remaining possibility is the use of a one-time pad.   It is only secure if the pad is, so that would require the human user to memorise and destroy the pad, which would be unique to that user.  Unfortunately in a secular, post Gutenberg* society, the accurate transmission of large texts (e.g. epic sagas) by rote memorisation and oral recitation is no longer generally valued, so those few with the aptitude required rarely discover and develop their memorisation skills.

* Gutenberg: the 15th century German printer, not the 20th century book archive.
 

Offline magic

  • Super Contributor
  • ***
  • Posts: 2137
  • Country: pl
Re: Question about human-machine password exchange
« Reply #7 on: April 28, 2019, 07:19:34 am »
It's always a pain to type passwords in public. It will be great if this can be adopted for human-machine password exchange.
So you want the computer to print some random text/number and have you calculate something from that number and your secret password and punch in the answer?
Well, we could do that but you would be begging to have your normal passwords back within a day ;)

A "sufficiently smart AI" could perhaps use a verbal password and some word games to verify that you know it, but resistance to eavesdropping would be much lower because a third party could still guess the password after seeing a few challenges answered by you. Likely.

OTOH, the algorithms used by computers are much harder to compute in your head but virtually unbreakable.

As long as you have a common secret information a secure channel can be implemented.
True but impractical. If you are only worried about passive eavesdroppers the usual solution is to pick a random nonce and ask for hash(password+nonce).

As an aside, you can actually establish a common secret over an insecure channel (see Diffie-Hellman) and secure the channel with it.

The problem is: 50% of the population is of below average intelligence (by definition, if you take 'average' as 'mean').
In addition to the 75% of population below median education who couldn't even be trusted to properly interpret mathematical instructions ;)
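Added example (not code from any poster in this thread): the "pick a random nonce and ask for hash(password+nonce)" exchange from this reply, written in Python as an HMAC challenge-response with a verifier that accepts each nonce only once, so a passive listener who records the pair cannot replay it. The shared password and the 16-byte nonce size are constructed for the demo.

```python
import hashlib
import hmac
import secrets

# Constructed demo secret. Note the verifier must hold it (or a key derived from it):
# a one-way hash of the password on the server cannot compute the expected answer.
SHARED_PASSWORD = b"correct horse battery staple"

def make_challenge() -> bytes:
    # 16 random bytes, fresh per attempt, so an overheard answer is tied to one attempt.
    return secrets.token_bytes(16)

def respond(password: bytes, nonce: bytes) -> str:
    # The hash(password+nonce) from the post, done as an HMAC so the password is a key
    # rather than a prefix of the hashed message (avoids length-extension quirks).
    return hmac.new(password, nonce, hashlib.sha256).hexdigest()

class Verifier:
    """Server side: issues nonces, remembers which are outstanding, checks each once."""
    def __init__(self, password: bytes):
        self._password = password
        self._outstanding = set()

    def challenge(self) -> bytes:
        nonce = make_challenge()
        self._outstanding.add(nonce)
        return nonce

    def check(self, nonce: bytes, answer: str) -> bool:
        # A nonce that was never issued, or was already consumed, is rejected.
        # This is what makes a recorded (nonce, answer) pair worthless to a listener.
        if nonce not in self._outstanding:
            return False
        self._outstanding.discard(nonce)
        expected = respond(self._password, nonce)
        return hmac.compare_digest(expected, answer)   # constant-time comparison

def demo() -> dict:
    """One honest login, one replay of the captured pair, one wrong password."""
    v = Verifier(SHARED_PASSWORD)
    n1 = v.challenge()
    a1 = respond(SHARED_PASSWORD, n1)   # the eavesdropper sees n1 and a1, nothing else
    ok = v.check(n1, a1)
    replay = v.check(n1, a1)            # same pair again: rejected
    n2 = v.challenge()
    wrong = v.check(n2, respond(b"guess", n2))
    return {"ok": ok, "replay": replay, "wrong": wrong}
```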
 

Offline soldar

  • Super Contributor
  • ***
  • Posts: 2605
  • Country: es
Re: Question about human-machine password exchange
« Reply #8 on: April 28, 2019, 07:46:16 am »
True but impractical.

That's exactly what I said.


If you are only worried about passive eavesdroppers the usual solution is to pick a random nonce and ask for hash(password+nonce).

Try doing that over the ham radio, with nothing more than pen and paper at your disposal.
All my posts are made with 100% recycled electrons and bare traces of grey matter.
 

Offline hamster_nz

  • Super Contributor
  • ***
  • Posts: 2284
  • Country: nz
Re: Question about human-machine password exchange
« Reply #9 on: April 28, 2019, 09:04:27 am »
If it was obvious and easy, key exchange algorithms wouldn't have been such a big advance when they were introduced in the 70s and 80s.

Gaze not into the abyss, lest you become recognized as an abyss domain expert, and they expect you keep gazing into the damn thing.
 

Offline magic

  • Super Contributor
  • ***
  • Posts: 2137
  • Country: pl
Re: Question about human-machine password exchange
« Reply #10 on: April 28, 2019, 09:21:21 am »
Try doing that over the ham radio, with nothing more than pen and paper at your disposal.
Encryption is illegal over ham radio :P
And we are talking about different things. Transmitting a secret is not the same as verifying that someone knows the secret and the latter doesn't require the former, this was my entire point.
You could verify that your friend knows your phone number with some degree of confidence by asking for the sum of its digits modulo 10, without involving any mutual acquaintances and with less headache than encrypting the number.

Now that I wrote it, I remember that some banks actually do a similar scheme, asking the customer to type only certain letters of the password. And now that I think of it, it implies the password is not hashed in their database |O
And people usually hate it because it's more hassle than simply typing the password, even if it keeps somebody from seeing the password over your shoulder.
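Added example (not code from any poster in this thread): the two human-scale checks this reply describes, in Python. The digit-sum-modulo-10 check gives a one-digit answer; the "type only characters 2, 5 and 7" bank scheme is shown with its verifier, which has to read the password back in clear, plus a small simulation of how many watched logins it takes before every position has been shown, the shoulder-surfing trade-off the post mentions. The password and the 9-character length are constructed for the demo.

```python
import hmac
import random

# Constructed demo password; the partial scheme only works if the server can read it back.
PASSWORD = "tr0ub4dor"

def digit_sum_mod10(phone_number: str) -> int:
    # The phone-number check from the post: a one-digit answer, so a blind guess
    # still succeeds 1 time in 10. It proves little, but also reveals little.
    return sum(int(ch) for ch in phone_number if ch.isdigit()) % 10

def pick_positions(length: int, k: int, rng: random.Random):
    # Verifier chooses k distinct 1-based positions, e.g. "characters 2, 5 and 7 please".
    return sorted(rng.sample(range(1, length + 1), k))

def check_partial(stored_password: str, positions, typed: str) -> bool:
    # Needs the password in recoverable form: a one-way hash of the whole string
    # cannot answer "what is character 5?", which is what the post infers about the bank.
    expected = "".join(stored_password[p - 1] for p in positions)
    return hmac.compare_digest(expected.encode(), typed.encode())

def sessions_until_exposed(length: int, k: int, rng: random.Random) -> int:
    # Shoulder-surfer model from the post: one watched login shows exactly the k
    # characters asked for. Count logins until every position has been shown once.
    seen = set()
    sessions = 0
    while len(seen) < length:
        seen.update(pick_positions(length, k, rng))
        sessions += 1
    return sessions

def average_sessions(length: int, k: int, trials: int = 2000, seed: int = 1) -> float:
    # Seeded so the figure is reproducible; a real verifier would use random.SystemRandom().
    rng = random.Random(seed)
    return sum(sessions_until_exposed(length, k, rng) for _ in range(trials)) / trials
```

For a 9-character password with 3 positions per login the average comes out around seven or eight watched logins, which is the whole benefit over typing the full password once.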
 

Offline hamster_nz

  • Super Contributor
  • ***
  • Posts: 2284
  • Country: nz
Re: Question about human-machine password exchange
« Reply #11 on: April 28, 2019, 09:34:12 am »
Oh, and don't forget man in the middle attacks, which can be hard to defend against.

One way I verify that my bank is my bank is by answering the security questions wrong and see what happens....
Gaze not into the abyss, lest you become recognized as an abyss domain expert, and they expect you keep gazing into the damn thing.
 

Offline soldar

  • Super Contributor
  • ***
  • Posts: 2605
  • Country: es
Re: Question about human-machine password exchange
« Reply #12 on: April 28, 2019, 11:20:37 am »
You could verify that your friend knows your phone number with some degree of confidence by asking for the sum of its digits modulo 10, without involving any mutual acquaintances and with less headache than encrypting the number.

You totally missed the point of what we were doing. A bunch of people were communicating over the air and there was your typical Ahole behaving like he would.

I had just found out that, by coincidence, one guy I was trying to talk to had some past history in common and we knew some people in common.

We wanted to talk on the phone but obviously did not want to broadcast the phone number over the air with the Ahole listening in.

So we communicated the phone number as described and went on to talk on the phone and left the Ahole to bug someone else over the air.

Really, you would think it was clear from the beginning. Jeezz.
All my posts are made with 100% recycled electrons and bare traces of grey matter.
 

Offline soldar

  • Super Contributor
  • ***
  • Posts: 2605
  • Country: es
Re: Question about human-machine password exchange
« Reply #13 on: April 28, 2019, 11:39:02 am »
"burn" that constant and establish a new one, ideally inside a secure facility with similar precautions to a SCIF.
Do I detect a faint odor of burning sarcasm? ;)
All my posts are made with 100% recycled electrons and bare traces of grey matter.
 

Offline David Hess

  • Super Contributor
  • ***
  • Posts: 11230
  • Country: us
  • DavidH
Re: Question about human-machine password exchange
« Reply #14 on: April 28, 2019, 02:24:51 pm »
Try doing that over the ham radio, with nothing more than pen and paper at your disposal.

Encryption is illegal over ham radio :P

Encryption is, but for purposes of authentication there is another, much easier way to do it with a one-time pad that is legal even on amateur radio.

Print up a card with random content (or phrases) and number them.  The authenticator now asks for the phrase by number and the authenticatee responds with the selected information.  The meaning is plain so the encryption clause for amateur radio does not apply.  Sometimes you can see this done in movies as part of the story where someone is asked something only they can know.

http://www.deepnetsecurity.com/authenticators/one-time-password/gridid/

Update: A deck of cards or stack of bills can be used for this and when law enforcement or border patrol find it, it is just a deck of cards or stack of bills.  Plus the contents can be destroyed by shuffling.  With some cleverness, this sort of thing can be used in the US to enforce your 5th amendment right to not incriminate yourself when ordered to reveal a password.
« Last Edit: April 28, 2019, 02:42:36 pm by David Hess »
 

Offline soldar

  • Super Contributor
  • ***
  • Posts: 2605
  • Country: es
Re: Question about human-machine password exchange
« Reply #15 on: April 28, 2019, 02:37:40 pm »
Print up a card with random content (or phrases) and number them.  The authenticator now asks for the phrase by number and the authenticatee responds with the selected information. 

Some Spanish banks used this to authenticate users with internet access. It got old fast and was discontinued. Nobody wants to have to carry a stupid card and then do a crossword puzzle when trying to log into their bank account.
All my posts are made with 100% recycled electrons and bare traces of grey matter.
 

Offline David Hess

  • Super Contributor
  • ***
  • Posts: 11230
  • Country: us
  • DavidH
Re: Question about human-machine password exchange
« Reply #16 on: April 28, 2019, 02:45:08 pm »
Print up a card with random content (or phrases) and number them.  The authenticator now asks for the phrase by number and the authenticatee responds with the selected information.


Some Spanish banks used this to authenticate users with internet access. It got old fast and was discontinued. Nobody wants to have to carry a stupid card and then do a crossword puzzle when trying to log into their bank account.

It is a trade off between security and convenience.  In the US, the banks have arranged for the money or identity to be yours instead of the banks so when they get stolen, it is your money or identity which is lost and the bank is not responsible despite having the authority.  So of course they neither care about nor enforce security.
 

Offline apis

  • Super Contributor
  • ***
  • Posts: 1667
  • Country: se
  • Hobbyist
Re: Question about human-machine password exchange
« Reply #17 on: April 28, 2019, 03:11:57 pm »
My bank used to use one-time-passwords (not that fancy grid, just a numbered list of passwords), but they have switched to something less secure now (that doesn't require them to send out new code cards regularly). Many other banks used a little electronic gadget that was overly complicated imho, less secure and probably more expensive.

I think OTPs are one of the best methods to be honest. It's simple, easy to understand for anyone and very secure. Combine it with a normal password/pin that you don't write down and you have an almost foolproof two factor authentication system.

TOTP and HOTP are also very good; a little bit more convenient but also a little bit less secure (imho secure enough for most things though, given that the software authenticator can be kept secure).
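Added example (not code from any poster in this thread) covering both the numbered one-time code card from Reply #14 and the HOTP/TOTP authenticators from this reply, in Python. HOTP follows RFC 4226 (HMAC-SHA1 over the counter, dynamic truncation) and TOTP is RFC 6238's 30-second counter on top of it; the verifier keeps a look-ahead window and never accepts a counter twice. The paper card is a list of random codes, each usable once. Card size and the look-ahead window of 5 are constructed choices.

```python
import hashlib
import hmac
import secrets
import struct

def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    # RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, then "dynamic truncation".
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(key: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    # RFC 6238: the same thing with the counter replaced by 30 s steps since 1970.
    return hotp(key, unix_time // step, digits)

class HotpVerifier:
    """Server-side HOTP check with a small look-ahead so a few wasted codes resync."""
    def __init__(self, key: bytes, window: int = 5):
        self.key, self.counter, self.window = key, 0, window

    def verify(self, code: str) -> bool:
        for c in range(self.counter, self.counter + self.window):
            if hmac.compare_digest(hotp(self.key, c), code):
                self.counter = c + 1      # this and every earlier counter are now dead
                return True
        return False

class PaperOtpList:
    """The numbered card from the thread: random codes, each accepted exactly once."""
    def __init__(self, n: int = 20):
        self.codes = [secrets.token_hex(3) for _ in range(n)]  # printed and sent to the user
        self.used = set()

    def challenge(self) -> int:
        unused = [i for i in range(len(self.codes)) if i not in self.used]
        if not unused:
            raise RuntimeError("card exhausted: issue a new one")
        return secrets.choice(unused)     # "please read me code number 7"

    def verify(self, index: int, answer: str) -> bool:
        if index in self.used:
            return False                  # an overheard answer is useless afterwards
        ok = hmac.compare_digest(self.codes[index].encode(), answer.encode())
        if ok:
            self.used.add(index)
        return ok
```

The HOTP values can be checked against the test vectors in RFC 4226 Appendix D (secret `12345678901234567890`, counter 0 gives `755224`).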
 

Offline apis

  • Super Contributor
  • ***
  • Posts: 1667
  • Country: se
  • Hobbyist
Re: Question about human-machine password exchange
« Reply #18 on: April 28, 2019, 03:23:39 pm »
It is a trade off between security and convenience.  In the US, the banks have arranged for the money or identity to be yours instead of the banks so when they get stolen, it is your money or identity which is lost and the bank is not responsible despite having the authority.  So of course they neither care about nor enforce security.
I was quite upset when the supreme court here put the responsibility for ATM card security on the card owner and not the bank, trying to point out that the consequence was that the banks had no incentive to improve security. A decade later skimming had become a huge problem. People still don't realise it was predictable and easily avoided.
 
The following users thanked this post: tooki

Offline David Hess

  • Super Contributor
  • ***
  • Posts: 11230
  • Country: us
  • DavidH
Re: Question about human-machine password exchange
« Reply #19 on: April 28, 2019, 03:44:30 pm »
Hardware security tokens have been popular for a while.  A challenge-response based on public cryptography seems ideal and has been used at various times but requires a higher bandwidth communications channel.  A USB key based one seems ideal but smart phones have deprecated external ports ...

It is a trade off between security and convenience.  In the US, the banks have arranged for the money or identity to be yours instead of the banks so when they get stolen, it is your money or identity which is lost and the bank is not responsible despite having the authority.  So of course they neither care about nor enforce security.

I was quite upset when the supreme court here put the responsibility for ATM card security on the card owner and not the bank, trying to point out that the consequence was that the banks had no incentive to improve security. A decade later skimming had become a huge problem. People still don't realise it was predictable and easily avoided.

And even excluding compromises of the end user by things like skimming, it is still considered the end user's fault until proven otherwise even though they have no authority over how the system is designed.

I have never considered ATM or credit cards particularly secure.  In theory a financial card which uses public key cryptography and local processing could be secure but that still leaves the rest of the communications chain and banks have no interest in securing that if the end user will be blamed anyway.  This manifests in the *current* such implementations being insecure even if the user's part is not compromised.

How could they get that wrong?  They had no responsibility to get it right.

I continue to carry cash for most transactions.
 

Offline apis

  • Super Contributor
  • ***
  • Posts: 1667
  • Country: se
  • Hobbyist
Re: Question about human-machine password exchange
« Reply #20 on: April 28, 2019, 04:09:54 pm »
I have never considered ATM or credit cards particularly secure.  In theory a financial card which uses public key cryptography and local processing could be secure but that still leaves the rest of the communications chain and banks have no interest in securing that if the end user will be blamed anyway.  This manifests in the *current* such implementations being insecure even if the user's part is not compromised.

How could they get that wrong?  They had no responsibility to get it right.

I continue to carry cash for most transactions.
Cash is disappearing alarmingly quickly here. I know of a couple of places that already refuse cash, like the local theatre.
 

Offline soldar

  • Super Contributor
  • ***
  • Posts: 2605
  • Country: es
Re: Question about human-machine password exchange
« Reply #21 on: April 28, 2019, 05:33:59 pm »
The situations in America and Europe are quite different. Americans are more resistant to change while Europe sometimes seems to embrace change just for the sake of change.

It is a difficult balance where to put the blame and responsibility if things go wrong. If the bank bears all responsibility we know very well people are careless and would just be extremely negligent and abuse the system and claim all sorts of things.

OTOH, you are right when you say the customer has no say or control in how the system is designed or operated and the bank can be careless too.

The ideal situation is where the customer is responsible for his part and the bank is responsible for their part but it can be difficult determining who is at fault.

Banks can be too careful and inconvenience their customers by blocking the cards too easily but I guess that is better than having your money stolen.

I would say anything with a smartcard token verified is on the customer to disprove.

Yeah, I don't like how fast cash is disappearing.

A story about a credit card scam: https://youtu.be/VhnjYB_PqFY?t=533 (go to minute 8:50)
All my posts are made with 100% recycled electrons and bare traces of grey matter.
 

Offline apis

  • Super Contributor
  • ***
  • Posts: 1667
  • Country: se
  • Hobbyist
Re: Question about human-machine password exchange
« Reply #22 on: April 28, 2019, 10:39:52 pm »
It is a difficult balance where to put the blame and responsibility if things go wrong. If the bank bears all responsibility we know very well people are careless and would just be extremely negligent and abuse the system and claim all sorts of things.

OTOH, you are right when you say the customer has no say or control in how the system is designed or operated and the bank can be careless too.
Yes, it comes down to showing who's been careless I think. They should have required that the banks show they have taken reasonable precautions to prevent fraud (which they clearly had not) and that the customer had been careless. Instead they put all the responsibility on the customers, giving the banks no incentive to improve security. Of course, it would also be bad if they did the opposite, so that anyone could just say "fraud" instead of paying their bills. But it's the banks that are forcing these card/e-payment systems on us and at the same time don't take responsibility for security. No bank will spend more money on security than they have to in order to maximise profit, that is how it's supposed to work after all. It would have been reasonable to put more responsibility on the banks because they don't have to offer the card service if they feel they can't prevent fraud. Worst case people would just use cash like normal instead, but more likely the banks would have fixed the worst security flaws a long time before fraud became a big problem.
 

Offline doxuya

  • Newbie
  • Posts: 3
Re: Question about human-machine password exchange
« Reply #23 on: May 02, 2019, 03:29:18 pm »
I don't understand. If someone can hear the question and the answer then they know all three numbers. What's the point? I don't get it.

“the difference to 104, please”, to which you would reply “72” and the listener can deduce the original was 32 so why not just say 32?
I think OP means asymmetric encryption, which will not expose the password even when both question and answer are known. I struggled for a long time and still don't know how it works.
 

Offline DDunfield

  • Regular Contributor
  • *
  • Posts: 173
  • Country: ca
Re: Question about human-machine password exchange
« Reply #24 on: May 02, 2019, 04:04:26 pm »
So computers can exchange passwords in a way that others won't know the password even if they see all their communications, why can't we use this method to verify a human?
I think it works like question-answer: A asks B a question, B calculates the answer from the password and answers it; the answer can neither be used to calculate the password, nor to answer any other questions. Am I right?
It's always a pain to type passwords in public. It will be great if this can be adopted for human-machine password exchange.

Look up "Zero Knowledge Proof".
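Added example (not code from any poster in this thread): the simplest zero-knowledge proof of the kind this reply points to, Schnorr's identification protocol, in Python. It is exactly the question-answer shape the OP describes: the verifier stores y = g^x and never learns x, and a recorded exchange cannot be used to recover x or to answer a different challenge. The group (p = 23, q = 11, g = 2) is a constructed toy far too small for real use; real deployments use parameters of thousands of bits or an elliptic curve.

```python
import secrets

# Toy group, constructed for illustration only:
# p = 23 is prime and g = 2 has order q = 11 in Z_23* (2^11 = 2048 = 89*23 + 1).
P, Q, G = 23, 11, 2

def keygen(x: int) -> int:
    # x plays the role of the password; y = g^x is what the verifier stores instead of it.
    # With p of a few thousand bits, recovering x from y is the discrete-log problem.
    return pow(G, x, P)

def prover_commit(rng=secrets.SystemRandom()):
    # Fresh r every run: reusing r under two different challenges lets anyone solve for x.
    r = rng.randrange(1, Q)
    return r, pow(G, r, P)            # keep r, send t = g^r

def verifier_challenge(rng=secrets.SystemRandom()) -> int:
    return rng.randrange(0, Q)        # sent in the clear; a listener sees it too

def prover_respond(x: int, r: int, c: int) -> int:
    return (r + c * x) % Q            # s is blinded by r, so s alone says nothing about x

def verifier_check(y: int, t: int, c: int, s: int) -> bool:
    # g^s == t * y^c  because  g^(r + c*x) == g^r * (g^x)^c
    return pow(G, s, P) == (t * pow(y, c, P)) % P

def run_interactive(x: int) -> bool:
    """Honest prover and verifier; everything except x and r crosses the channel."""
    y = keygen(x)
    r, t = prover_commit()
    c = verifier_challenge()
    s = prover_respond(x, r, c)
    return verifier_check(y, t, c, s)

def simulate_transcript(y: int, c: int, s: int):
    # The zero-knowledge part: anyone can produce an accepting (t, c, s) WITHOUT x by
    # choosing c and s first and solving for t = g^s * y^(-c). Forged transcripts are
    # indistinguishable from real ones, so a recording cannot help recover the password.
    t = (pow(G, s, P) * pow(y, (Q - c) % Q, P)) % P
    return t, c, s
```

With x = 7 (so y = 13), r = 4 and challenge c = 3 the honest response is s = 3, and `simulate_transcript(13, 3, 3)` reproduces the very same accepting transcript (16, 3, 3) without ever touching x.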
 

