Topics
- Introduction
- Background & Selected Related Works
- Base Cipher
- Implementing a Secure Mobile OTP Token
- Security Analysis
- Conclusion
Introduction
Using a One-time Password (OTP) for remote authentication is becoming popular, and it is natural to use the mobile phone as the OTP token. This paper proposes an encryption cipher for building a secure Mobile OTP token that resists certain security attacks while remaining fully compliant and interoperable with existing OTP infrastructure.
Mobilware 2010 July 1, 2010 A Secure Mobile OTP Token Fred Cheng
Static Password
[Diagram: a static password alone yields "Access Granted".]
Solutions: increase password complexity; use a dynamic password (OTP). There is no simple and easy solution.
Dynamic Password
Proposed by Leslie Lamport in his landmark 1981 ACM paper.
The Algorithm: using a one-way function F (a hash function), an initial seed x_0 and an event counter i; the counter is incremented by 1 on each event and the password is F^i(x), i.e. F applied i times to the seed.
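The hash-chain scheme of the slide above, as an added example (not code from the paper): F is assumed to be SHA-256, F^i(x) is computed by iterating F, and, as in Lamport's scheme, the server stores only the last verified chain value and accepts a password p only if F(p) equals it, so a captured password cannot be replayed and the stored value reveals nothing about the next one.

```python
import hashlib


def F(value: bytes) -> bytes:
    """One-way function F; the slide only says 'hash function', SHA-256 is an assumption."""
    return hashlib.sha256(value).digest()


def f_power(x0: bytes, i: int) -> bytes:
    """F^i(x0): apply F to the seed i times (F^0(x0) is the seed itself)."""
    v = x0
    for _ in range(i):
        v = F(v)
    return v


class LamportServer:
    """Holds F^n(x0) at enrolment; each accepted OTP moves the stored value one step down the chain."""

    def __init__(self, x0: bytes, n: int):
        self.current = f_power(x0, n)  # only this value is stored, never the seed
        self.remaining = n             # OTPs left before re-enrolment is needed

    def verify(self, otp: bytes) -> bool:
        if self.remaining == 0 or F(otp) != self.current:
            return False               # replayed, skipped or forged value: reject
        self.current = otp             # accepted: this OTP is now the reference value
        self.remaining -= 1
        return True


class LamportToken:
    """Client side: walks the counter downwards from n-1 so each OTP is the preimage of the last."""

    def __init__(self, x0: bytes, n: int):
        self.x0, self.i = x0, n

    def next_otp(self) -> bytes:
        self.i -= 1
        return f_power(self.x0, self.i)


def run_demo(n: int = 5) -> list:
    """Constructed seed; returns [first login ok, replay rejected, skip rejected, second login ok]."""
    x0 = b"constructed-seed-not-from-the-paper"
    server, token = LamportServer(x0, n), LamportToken(x0, n)
    first = token.next_otp()                    # F^(n-1)(x0)
    return [server.verify(first), server.verify(first),
            server.verify(f_power(x0, n - 3)), server.verify(token.next_otp())]


if __name__ == "__main__":
    print(run_demo())  # [True, False, False, True]
```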
OTP Token
Various OTP algorithms and implementations were introduced and marketed; they are expensive, incompatible and non-interoperable.
[Diagram: OTP generation algorithm: K&C (seed and counter) → 160-bit value → truncate → 64 bit → OTP code; the token submits the OTP with the login data ("?OTP?") and the server answers OK.]
Limitation: unreliable and untimely SMS; cellular service coverage.
[Diagram: Login Req → OTPC1 (K&C) → OTP delivered by SMS ("OTP!!!").]
Mobile Authenticator
Authentication provided by the cellular system; new protocols [9][10]; the SIM holds the user credentials.
[Diagram: phone contains SIM; Data / OK / ?OTP? exchanged over the protocol.]
Limitation: cellular service coverage.
Ref: [3][13][14][15][16][17][18]
Comparison (Mobile Authenticator column):
Role of phone: Part of the authenticator
OTP generation: Phone and Server
OTP submission: SIM & Protocol
Type of phone: 3G & up
Simple usability: No
Low phone $/m: No (3G Data Plan)
No cellular limitation: No
Compatibility & Interoperability: No
No system change: No (complex system)
Protect secrets: Yes/No
MITM attack safe: Yes
Shoulder-surfing attack safe: ?
Need to solve: protecting the secrets, i.e. the seed (K) and the counter value (C).
Solutions: less computation and local code; using the same OTP algorithm (OATH OTP); a new solution, the Rubbing Encryption Algorithm.
Benefits
- No need to memorize the key
- Uses a long and complex key
- High security with short plaintext
- No complex computation
$$H(X) = -\sum_{i=1}^{Y} P_i \log_2 P_i \quad (2)$$
When each numeral has an equal chance of being displayed and all $N_{y_i}$ are equal (N), image X reaches an equiprobable state and has the highest uncertainty [20]: $T = NY$, $P_i = N_{y_i}/T = N/(NY) = 1/Y = P$.
(3) (4)
[Figure: plot of H(X) and H(S) (y-axis 0.00 to 14.00) against the x-axis range 10 to 40.]
To encrypt, follow the numerical steps (1) to (12); to decrypt, follow the alphabetic steps [A] to [L].
(0) [A] REAL OTP token activation and key-in of user credential
(2)
(3) [L] Generating OATH OTP code
(4) [K] Encrypting with REAL key
(5) [J] Generating REAL image
(6) [I] Generating DATA
(7) [F] Obtaining HI
(8) [G] Generating OFFSET
(9) [H]
(10) [E] Bit XOR
(11) [D]
(12) [C] Secure storing of Delta Table (DT) and HI in the local device
Other diagram labels: Draft REAL H/W Token & Key; Encryption; DELTA; REAL Key; Code pointer as key.
W    D    Digit
W6   D6   3
W5   D5   8
W4   D4   0
W3   D3   7
W2   D2   2
W1   D1   3
W0   D0   5
[Diagram: generation of HI(i), Offset(i) and Delta(i). Two HMAC SHA-1 outputs (I and II) are truncated to form HI(i); Offset(i)_GEN produces Offset(i) (19 shown); Delta(i) is the bit-wise XOR of HI(i-1) and HI(i), split into Bit319..Bit160 and Bit159..Bit0; the Delta Table stores Delta(i+k), Delta(i-n), Delta(i+m), from which HI(i+k), HI(i-n), HI(i+n), HI(i+m) and Data(i) are derived.]
[Figure: two sample REAL images (ICard OTP), each showing scattered numerals among decoy card data (ABC 1234 5678 9012 3456, John Doe, Exp 03/14).]
Image 1: 842590371 7 7308146 5 4 2 8 7 3 5920681 6 0 46591239 → Code = 807235
Image 2: 916735420 5 4820196 1 3 7 6 9 2 8 6841925 0 53704873 → Code = 478818
Solution
Solution
D    I    II   III
D6   3    3    3
D5   8    11   1
D4   0    3    3
D3   7    10   0
D2   2    5    5
D1   3    6    6
D0   5    8    8
Where is my phone?
Conclusion
Rubbing Encryption Algorithm (REAL): a multi-dimensional secure cipher with long and complex keys that provides high-security encryption for short-length plaintext.
Further Work
To explore more applications of REAL's multi-dimension and multi-key features, and to improve usability for the desired security level. Example:
A Novel Rubbing Encryption Algorithm and The Implementation of a Web-based One-time Password Token, COMPSAC 2010 [23].
THANKS! Q&A