A Security Analysis, and a Fix, of a Code-Corrupted Honeywords System

Genç, Ziya Alper; Lenzini, Gabriele; Ryan, Peter; Vazquez Sandoval, Itzel

Reference : A Security Analysis, and a Fix, of a Code-Corrupted Honeywords System


	Document type :	Scientific congresses, symposiums and conference proceedings : Paper published in a book
	Discipline(s) :	Engineering, computing & technology : Computer science
	Focus Areas :	Security, Reliability and Trust
	To cite this reference:	http://hdl.handle.net/10993/32789

Title :	A Security Analysis, and a Fix, of a Code-Corrupted Honeywords System
Language :	English
Author, co-author :	Genç, Ziya Alper [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Lenzini, Gabriele [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Ryan, Peter [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
	Vazquez Sandoval, Itzel [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Publication date :	2018
Main document title :	Proceedings of the 4th International Conference on Information Systems Security and Privacy
Peer reviewed :	Yes
Audience :	International
Event name :	4th International Conference on Information Systems Security and Privacy
Event date :	22-24 January 2018
Keywords :	[en] Honeywords ; Password-based Authentication ; Secure Protocols Design ; Formal Analysis
Abstract :	[en] In 2013 Juels and Rivest introduced the Honeywords System, a password-based authentication system designed to detect when a password file has been stolen. A Honeywords System stores passwords together with indistinguishable decoy words so when an intruder steals the file, retrieves the words, and tries to log-in, he does not know which one is the password. By guessing one from the decoy words, he may not be lucky and reveal the leak. Juels and Rivest left a problem open: how to make the system secure even when the intruder corrupted the login server’s code. In this paper we study and solve the problem. However, since “code corruption” is a powerful attack, we first define rigorously the threat and set a few assumptions under which the problem is still solvable, before showing meaningful attacks against the original Honeywords System. Then we elicit a fundamental security requirement, implementing which, we are able to restore the honeywords System’s security despite a corrupted login service. We verify the new protocol’s security formally, using ProVerif for this task. We also implement the protocol and test its performance. Finally, at the light of our findings, we discuss whether it is still worth using a fixed honeywords-based system against such a powerful threat, or whether it is better, in order to be resilient against code corruption attacks, to design afresh a completely different password-based authentication solution.
Permalink :	http://hdl.handle.net/10993/32789
Other URL :	http://www.icissp.org
Mentions required by the publisher for OA :	The original contribution was presented at ICISSP 2018 (http://www.icissp.org/).

File(s) associated to this reference

Fulltext file(s):

	File	Commentary	Version	Size	Access
Open access	ICISSP_2018_40.pdf		Author postprint	229.59 kB	View/Open

All documents in ORBi^lu are protected by a user license.

University of Luxembourg Library | Feedback | Legal notices