Professional Documents
Culture Documents
net/publication/317580932
CITATIONS READS
0 4,599
1 author:
Jose Costa
University of Westminster
1 PUBLICATION 0 CITATIONS
SEE PROFILE
All content following this page was uploaded by Jose Costa on 14 June 2017.
Abstract—While there are some available TFAs, most are either This is where TFA comes into play by adding an extra layer,
privately made in house which other businesses cannot use or are typically in the form of a physical token, such as biometrics
available but come with a lot of overhead which comes attached (fingerprints or retina scans), or electronic token such as a
to drawbacks; this can be expensive to implement and time-
consuming. One Time Password (OTP) generated at the time of the logon
The aim of this project is to provide a secure TFA platform request. If an attacker managed to get hold of the user’s
to enable clients to provide their users with the form of security password, they would also need to get the user’s current OTP
without any change to their current infrastructure making the to login which changes at a particular rate making it hard for
transition effortless while keeping users data as secure as possible. attackers to succeed in infiltrating an account.
Keywords—Security, Two-Factor Authentication;
A. Statement of Purpose
I. I NTRODUCTION While there are some available TFAs, most are either
privately made in house which other businesses cannot use
Two-factor authentication (TFA) is increasingly becoming a or are available but come with a lot of overhead which comes
go-to for user security and identification. With an increase in attached to drawbacks; this can be expensive to implement and
cyber crimes each year more and more businesses (ranging time-consuming.
from financial institutions (HSBC, Barclays, BCA) to retail The aim of our project will be to provide a secure TFA
(Amazon, eBay , Apple)) are implementing TFA as a way platform which will enable our clients to provide their users
to ensure user credibility within their systems which in turn with the form of security without any change to their current
decreases the risk of any malicious users infiltrating into their infrastructure making the transition effortless while keeping
systems. TFA factors can be split into three categories as users data as secure as possible.
written by John Brainard et al [1] As we are based within Europe we are obliged to meet the
Knowledge Factors or Something you know Most com- established legislation for data protection set in the European
mon kind of authentication, examples range from passwords Directive 95/46/EC as well as the regulations set in the GDPR
to secret questions. Passwords are easily forgotten and can be (General Data Protection Regulation). According to [2], article
weak if not enforced properly. 17 in the Directive, as the CSP (Credential Service Provider)
Possessive Factors or Something you have Instead of hav- we must have, we will handle and store users information,
ing to remember something possessive factors uses something ”appropriate technical and organisational measures to protect
the user has, just like a key to a lock. These can vary from personal data against accidental or unlawful destruction or
smart cards which generate codes to USB tokens. Similarly to accidental loss, alteration, unauthorised disclosure or access”.
Knowledge factors, possessive factors can be lost. Authors in [3] also state that in article 17.1 that we must have
Inherence Factors or Something you are Inherence factors ”a level of security appropriate to the risks represented by the
use the users’ characteristics such as fingerprints, retinal scans, processing and the nature of the data to be protected”.
dynamic signature as a matching pattern. These are harder to
spoof as they are unique to every person, however they are B. Aims and Objectives
harder to use and implement in older technology. For this project, we aim to make the application as
There are a multitude of ways that TFA, can work with lightweight and simple as possible while keeping users data
numerous of combinations available. The first normally being protected. While our application is limited in its uses, we will
a password, either created by the user or assigned to them upon be focusing on the security aspect. As we are handling users
account creation, or a PIN (personal Identification Number). data, it’s our responsibility as devs to consider the legal issues
Passwords will typically need to be remembered and this is in addition to the moral obligations we have when storing and
where security fails most often, users tend to create easily moving data around which we’ll cover later on.
memorable passwords and use the same password for several We aim to provide our services via API (Application
of their accounts, when one becomes compromised attackers programming interface) requests which authorised businesses
can then perform malicious activities without the authorisation will be able to call (once they implement the system they’ll be
of the account owner. given a unique API key which can be used to make requests to
our platform) whether it be to add a user to the TFA system or schemes and are not something which we are aiming to correct
check against an OTP provided by the user on a login attempt. or improve on.
We plan to make an iOS app where the user will be able to To compile our requirements, we looked at already existing
receive their dynamic OTP upon login. The OTP generated forms of TFA and how they would compare to our proposed
will be a dynamic one where it changes every so often. system. We covered a variety of different approaches to TFA
and dismissed examples which would not be suitable for our
C. Stakeholders needs. An example of this would be using biometrics as TFA,
Being a stakeholder fundamentally means that you’re some- firstly the complexity of this task would take longer than the
one which will be affected by or use the system. When allotted time given to complete this task. Another problem
developing a system we need to know who’ll be using it so we would be that biometric scanning needs specialised equipment
can tailor the system to them, are they technically able people, which tends to be expensive, we would need to supply
how will they interact with the system once it’s implemented. businesses using our platform with such devices which takes
For our purposes our stakeholders would be external business away from our aim of making it simple and easily integrable
owners who would like to provide a TFA option for their users; into any business. We focused our search on mobile based
therefore their users also become part of our ecosystem. We apps that had a form of two or multi-factor authentication
would provide the services for the owners while authenticating implemented.
their users. Stakeholders also include malicious users which Steams app is also available on both mobile OS;s, once you
we will have to evaluate the ways in which they can attempt have signed up to Steam Guard using your steam account, you
to disrupt our services or impersonate other users and present can then add your phone number which they use to send a
solutions as to combat the threat. verification code to finalise the setup and identify the device
as yours. After that has been setup every time you access your
D. Organization account the app will produce a code which changes regularly
as shown in 1.
The rest of this paper is laid out in the following order.
In Section II we investigate and describe related work on
two factor authentication protocols and examples of existing
implementations. In Section III we walk through some of the
use cases for our project. Section IV describes both the system
and the adversarial model and strictly define the problem
statement. In V we present the cryptographic primitives used
throughout the paper. In VI we outline the functional require-
ments for our project. In VII we describe the protocols both
for the AP and the iOS app as formal constructions. In VIII
we describe the system setup and present relevant test results.
1) Business representative goes to TFA website and navigates to the business sign up page.
2) Rep enters required details and submits.
Alternative Flow
N/A
Exception If the business has already signed up or did not fill all
the required fields they will be alerted.
Post Conditions Business will now be registered and an API key will be
generated.
Fig. 2: Duo
TABLE II: Business signs up to TFA
Features HSBC Steam Duo TFA
Use Case Number UC3
Dynamic OTP Yes Yes Yes Yes Use case 3
can provide services to different businesses such as Sofware as 1) User opens app and navigates to correct section
a Service (SaaS) cloud-based services [5] has the drawback of 2)
3)
App loads correct section and prompts user with conditions
User must accept conditions
the extra baggage of needing an agent to be introduced into the 4) App makes request and users records are removed from the system.
client system, while what we need is something simple that can Alternative Flow
easily be implemented. For our TFA platform we must keep it N/A
as simple as we can so businesses do not have to change their Exception User must accept conditions on deletion.
such that: R5. Businesses should be able to manage their account SHOULD
DescriptionBusinesses may have the ability to manage their subscrip-
1. Gen is a probabilistic algorithm that takes as input a tion to our services and update any of their details.
security parameter l and outputs a key K ← Gen 1l ) R6. Users should be able to manage their account. SHOULD
Description Users should be able to modify details or delete their
such that K ∈ K and the key length |K ≥ l| . account if required.
2. Sign is a probabilistic algorithm that takes as input a key R7. Malicious requests for the generation of OTP’s that could lead to SHOULD
K and a message m and outputs a tag T ← Signk (m). a Denial of Service attack [8], [9], [10], [11] should be identified and
the corresponding IP addresses should be blocked.
3. Vrfy is a probabilistic algorithm that takes as input a Description Looking at login patterns and general area of access is
key K, ciphertext m ∈ M and a tag T and verifies a way in which this could be achieved, if the request does not fit
the authenticity of T such that the ouput bit b := the pattern we could temporarily block access and have the business
request an unblock when verified.
Vrfyk (m, T ) = Vrfyk (m, Signk (m)) where b = 0||1 if
R8. Users should be able to register via various businesses. SHOULD
the signature is valid or not. DescriptionUsers working for different businesses that are using our
platform should have different OTPs for both every business they
Definition 5 (Non-keyed Hash): A hash function H takes belong to.
m as the input and produces an output known as a hash −
value or hash denoted by h = H(m). Hashes serve as a
digitalf ingerprint also called a messagedigest and can be B. Non-Functional Requirements
used to uniquely identify a messages integrity. Once m and h
VII. P ROTOCOL D ESCRIPTION
is sent to the recipient we can hash m and compare with h.
Definition 6 (Salt and CSPRNGs): A salt is denoted as S = In this section, we will describe the main protocols. These
RAND(n) where n is the number of bits using a cryptograph- protocols are successively applied to deploy a two-factor
ically secure pseudorandom number generator (CSPRNG) op- authentication infrastructure providing web-services user au-
posed to a pseudorandom number generator (PRNG). PRNGs thentication as well as data integrity and security. We cover
produce numbers which look random but are in fact created the 2FA architecture and what programming languages were
by a deterministic algorithm which makes the random values used.
reproducible making them insecure to use. We present our construction for 2FA2 p2 with our 3 partici-
Definition 7 (Key Derived Function): KDFs are determin- pating entities: a webservice (W S), a user and an authentica-
istic algorithms which are used to derive cryptographic keys tion platform (AP ).
Requirement Level
and then encrypting it with AP s public key pkAP to get c1 ,
NF1. Sending and receiving of data between CSP and business must MUST
be encrypted at all times
where c1 is the encrypted message:
DescriptionTo combat packet sniffing/snoopers and keep data secure
we must not send plain messages and we have to comply with laws c1 = EncpkAP ({username kH(password) kdetails })
stated in [2].
NF2. Data transactions between CSP and user must be encrypted at MUST
Upon reception, AP uses skAP to decrypt c1 and recover
all times m1 = DecskAP (c1 ). Next AP checks if said ui is part of
Description To combat packet sniffing/snoopers and keep data secure their system already, if not it saves their details into a secure
we must not send plain messages and we have to comply with laws
stated in [2] section. database while storing registration time by executing the cur-
NF3. An OTP must be generated in a truly random way MUST rent time function to get τ . AP also generates a salt, si ,using
Description This is a must as if the algorithm is simple and data is a cryptographically secure pseudorandom number generator
intercepted codes could easily be generated.
(CSPRNG) which is unique to ui . The salt will also be stored
NF4. The same OTP must not be generated more than once MUST
Description to be concatenated to the end of the hashed password to be
NF5. Freshness of the OTP must be verified from the authentication MUST hashed and stored.
server Passwords on server are determined and stored as such:
DescriptionAuthentication server will use time based systems when
verifying OTPs validity. SPui p = H(H(password) + si ).
Login.Request
* +
c1 = EncpkAP ({username kH(password)})
Verify
Response
Gen.OTP
* +
OT P = PBKDF(uki ksi k(C + η)kP RF )
username,OT P
Gen.OTP
* +
c2 = Enc(APpk {username kOT P kW SiAP Ikey }kσ W Sisk )
Verify
Response
Grant or deny access