[148640] in cryptography@c2.net mail archive
Re: [Cryptography] Passwords are dying - get over it
daemon@ATHENA.MIT.EDU (Bill Frantz)
Mon Dec 23 18:14:17 2013
X-Original-To: cryptography@metzdowd.com
Date: Mon, 23 Dec 2013 09:36:12 -0800
From: Bill Frantz <frantz@pwpconsult.com>
To: cryptography@metzdowd.com
In-Reply-To: <CAOLP8p4XgDn2nUsLTxPCaq=Mjx5L_p=2KXDNne2p9QJ1RACSrg@mail.gmail.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On 12/23/13 at 10:53 PM, waywardgeek@gmail.com (Bill Cox) wrote:
>Sounds good, but what's the alternative? It scares me to have a key ring
>decrypt all my passwords at once, and just hang around in memory. The
>closed-source password safes are a non-starter, IMO. I agree the password
>situation sucks. I'm not very familiar with alternatives. What do you
>suggest?
I suggest a signature scheme which operates automatically. Each
user has a private key which is kept secure using the normal
technologies. There is no magic here, and there is no
improvement over the current practices of keeping private keys
in TPMs, dongles, files, password encrypted files etc.
I'll use web site login as an example, because it is common and
a necessary authentication problem to solve. There are several
directions one could go, and they aren't mutually exclusive,
although a single web site would probably use only one of them.
* The private key can be used with a client-side cert and
TLS. This solution could provide automatic login, which is
easier for the user than entering a username and password.
* The web page site can do authentication at the HTTP level
by offering a nonce to which the client adds another nonce
and signs both of them. This solution can be coded to
transparently revert to user name + password as a migration
strategy.
* etc.
One thing to remember, don't let the impossible best be the
enemy of the better. Keeping secrets from well-funded attackers
with direct access to all the user's hardware is an unsolved
problem. Don't throw out improved resistance to attacks such as
cross-site password guessing and low entropy secrets because the
solution doesn't solve a problem that passwords can't solve either.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | When it comes to the world | Periwinkle
(408)356-8506 | around us, is there any choice | 16345
Englewood Ave
www.pwpconsult.com | but to explore? - Lisa Randall | Los Gatos,
CA 95032
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
