Is Battery-Free 2-Factor ID Secure?
An anonymous reader writes "There was a television program in Australia last week about Matthew Walker's visual battery-less two-factor authentication system called PassWindow. Essentially, you hold the clear plastic window up to the apparently random pattern on the screen of your computer, revealing a one-time PIN to type in for authentication. The plastic window has many advantages: difficult to copy or view over the shoulder, etc. Because there is no electronics, chip or battery, the PassWindow is extremely cheap to manufacture, giving it a big advantage over other two-factor authentication systems. However, I don't know about the security of the system. The apparently random pattern of lines in the PassWindow is analogous to a one-time pad, using a different subset of the one-time pad every time a PIN is needed. Is this a useful level of security for logging in to a bank account?"
Lenslok, hated by 8-bit gamers everywhere.
libguestfs - tools for accessing and modifying virtual machine disk images
A lot of these sorts of schemes assume some sort of fixed pixel size such as 96 dpi, a fantasy that hasn't been true since, well, ages. Some LED screens have up to 150 dpi resolution, others as low as 72 dpi. If the scale is wrong, then the pixels won't line up and the decoder is then useless.
Now, I admit it's possible that the creator of this scheme might have solved this, but I doubt it. A colour filter like those games whose clues are read through a red plastic foil viewer would be far too easy to crack, for example.
I can't escape the impression that this is just security theatre and not serious security after all.
Please RTFA and the website. The filter is opaque. The user is sent gibberish as a password, and it only makes sense if you have the opaque window to create letters and numbers from the gibberish.
It is not possible to decode without knowing the one time pad. And the one time pad is implemented in the physical world, by the window.
If the author's claims are accurate (that it is possible to create tens of thousands of throwaway passwords per window before they need to be replaced) then this is an ideal authentication method IMO.
From what I saw, this system might be able to protect you from a single compromisation of your security. This would depend on a few factors, though. Given you can see both the pattern and the code, from a single session you could make some assumptions about what the code would be with a different pattern. It might take a few tries to generate the correct code. If the attacker can partially log in multiple times without being locked out, he may be able to choose a pattern that has fewer possible permutations for the code.
There's also a potential problem in that, if an attack is made on an account and the account is locked out, the card would have to be replaced. Otherwise, if the account is re-enabled without replacing the card, the attacker would be able to continue to make attempts to log in. I suppose you could also alert the customer to change their password due to a security breach.
I don't think this will protect very well against a customer's own system being compromised, with an attacker being able to monitor multiple log-ons. There are simply too few possible permutations in those 7-segment displays.
I'd also like to mention there's a potential problem if the monitor's resolution is too high. If, for instance, the user wants to log on via a netbook, the code displayed may be too small to match up with the code on the card, making logging in impossible.
This is easily rectified in any software by compensating for the DPI by scaling up or down the image.
Heck you can do this in CSS:
IMG.passwordWindow { width: 2in; height: 1in; }
This image is going to be scaled to be the exact same size on the screen in any web browser.
Also, this has nothing to do with color filters.
I swear to god every poster on this thread so far has not gone to the website: http://www.passwindow.com/
This is actually a very novel idea that has been thought out thoroughly.
The transaction looks like this:
1) user chooses which kind of credit card he/she has
2) user gets a screen where he/she can specify the cc nr and de-scramble the code
3) user's browser sends the cc nr and de-scrambled code back to the server
4) server replies: all is well, congratulations
If the fraudster is able to intercept just 1 of these transactions then he can already narrow the number of possible "PassWindow" combinations down to let's say a few hundred. But if he can intercept for example 3 or more of the transactions made with the same card then he can easily narrow the possibilities down to fewer than ten combinations. There exists no mechanism that would prevent the fraudster from trying out all of these 10 or fewer combinations.
The most secure way to handle cc transactions would be to confirm every transaction with the cc holder. It could work with e-mail, sms, telephone, im or any other means of communication that the cc holder has chosen and believes is secure enough for him/her. That of course would create significant delays that many current cc systems would be unable to handle since atm they expect instant replies from the cc issuer. Which means that this system would only work with credit cards meant for online payments. In physical stores the 'pin code' is still the best solution at least until the confirmation delays come down to a few seconds.
This is sort of like one of Chaum's voting system receipts. those are provably secure for single use.
however having watched the video, it's obvious this one is weakly secure for a single use and rapidly insecure for multiple uses.
given a series of challenges one should be able to apply a process of elimination to determine the missing elements.
the alternative would seem to be to choose the challenge from a restricted palette of challenges that assures some ambiguity. in this case intercepting a bunch of challenges will simply reduce the number of possible choices.
for example, if the ambiguity could be maintained at 3 choices per digit then 7 digits provides 2187 possibilities.
that's actually not hideous. it's comparable to a bicycle lock. thus the key to making that low number useful is to prevent someone from rapidly trying the challenges exhaustively.
e.g. if you are only allowed 2 challenges per 30 minutes, or more deviously, if the challenger denies access with say 10% probability even when you type in the right pass code.
this will make such 2-factor while not government grade probably not worth the attackers time.
Some drink at the fountain of knowledge. Others just gargle.
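The throttling idea in the comment above, worked through as an added example (not code from the thread or from PassWindow): a sliding-window limiter using the comment's figures of 2 attempts per 30 minutes and a 3^7 = 2187 keyspace, with its optional random false denial. Class and function names are hypothetical, and the per-account state a real server would keep is reduced to a single verifier object.

```python
import random
from collections import deque

WINDOW_S = 30 * 60     # comment's figure: 30-minute window
MAX_ATTEMPTS = 2       # comment's figure: 2 challenges per window
KEYSPACE = 3 ** 7      # comment's figure: 3 choices x 7 digits = 2187

class ThrottledVerifier:
    """Sliding-window attempt limiter with optional random false denial."""

    def __init__(self, secret, false_deny=0.0, rng=None):
        self.secret = secret
        self.false_deny = false_deny      # e.g. 0.1 for the comment's 10%
        self.rng = rng or random.Random()
        self.attempts = deque()           # timestamps of counted attempts

    def verify(self, guess, now):
        # Forget attempts that have aged out of the window.
        while self.attempts and now - self.attempts[0] >= WINDOW_S:
            self.attempts.popleft()
        if len(self.attempts) >= MAX_ATTEMPTS:
            return "throttled"            # even a correct code is refused
        self.attempts.append(now)
        if guess == self.secret and self.rng.random() >= self.false_deny:
            return "ok"
        return "denied"   # a wrong code and a false denial look identical

def hours_to_exhaust(secret, false_deny=0.0, rng=None):
    """Simulated hours until an in-order exhaustive guesser is accepted.

    The guesser waits out every throttle and restarts the sweep if a
    false denial made it miss the right code.
    """
    v = ThrottledVerifier(secret, false_deny, rng)
    now = 0
    while True:
        for guess in range(KEYSPACE):
            result = v.verify(guess, now)
            while result == "throttled":
                now = v.attempts[0] + WINDOW_S   # earliest free slot
                result = v.verify(guess, now)
            if result == "ok":
                return now / 3600
```

With no false denial the last candidate is reached after 546.5 simulated hours (about 23 days), and a single false denial on the correct code forces a complete second sweep; the same denial rate also hits legitimate users, who must retry.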
Most of the comments here are aimed at high-security applications where the assumption is that there are people looking to crack the security and will do whatever it takes to do so. This invention isn't targeted at that application however. You've missed the point.
This security is like a standard car door lock or home door lock. It won't prevent someone from breaking in but it will deter them enough to make it less attractive. This certainly shouldn't be used to protect your bank account but it could be used to authenticate you on a variety of websites that do not hold any sensitive information (you'd still need your CC number to make a purchase) or as a guest key to get access to a wireless connection at a cafe.
As a light security measure this is a fairly good option... just like a key/lock as described in the video.
The big point is that a criminal would have to work fairly hard to get access to an account, without knowing if the amount of work involved will be rewarded and this amount of work would have to be repeated for each account.
A fool throws a stone into a well and a thousand sages can not remove it.
No, I'm worried that the planet will be overrun by self-assured neanderthals who can't think of a situation other than home banking in which an authentication system might be used.
Even neanderthals know that regardless of the application, if someone has acquired physical access to your home you're pretty much fucked.
If you can't make use of controlled paranoia, you've no business discussing security issues.
Great, let's control this paranoia with some rational assessment. So, we've got a plastic window that acts as a filter on random data. How does this compare to a typical 2-factor solution, the RSA SecurID? An attacker needs both the random data and the window pattern to get the true passcode. We can assume they can snoop the random data, so then if they can see the window (somehow) they can crack it, but if they can see a plastic window it's not too much of a stretch to them being able to see your dongle's display. RSA has an advantage here, but not one a paranoid person would be moved by.
Now perhaps the attacker can reverse-engineer the pattern by tricking them into visiting a phishing site and see what tokens they enter for a given piece of random data. Without doing the math, it seems like it would take a small-ish number of tries to deduce the pattern (since we're only talking about seven segment digits here), but probably more than a normal user would expect to be able to try without being locked out of the system. If they do discover the window, then they have broken the scheme completely. Compare to SecurID, where it would be intractable to figure out the random seed based solely on the tokens generated. On the other hand, in both cases it only takes entering in a password/token combo into a phishing site once and the attacker then has a valid password for as long as that code is valid -- ~30s on a SecurID, more than long enough to gain access to the protected system.
Thus the plastic window method is more likely to result in giving an attacker long-term access, but only in situations where a SecurID would likely have given an attacker access at least once. While certainly there are cases where the former is worse, in general having an attacker gain entry even once is unacceptable.
So while it's not a direct 1:1 replacement for SecurID, it isn't all that much worse, and much better than 1-factor authentication. As a low-cost way of adding additional security this is a pretty damn good invention. There are many applications where this will be more than good enough. Home banking being one, yes. For, say, the FBI agent logging into work it may not be, but they can keep their SecurID or whatever they use, if they decide there's a point.
The enemies of Democracy are