Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Is Battery-Free 2-Factor ID Secure?

timothy posted more than 5 years ago | from the go-ahead-do-your-worst dept.

Security 180

An anonymous reader writes "There was a television program in Australia last week about Matthew Walker's visual battery-less two-factor authentication system called PassWindow. Essentially, you hold the clear plastic window up to the apparently random pattern on the screen of your computer, revealing a one-time PIN to type in for authentication. The plastic window has many advantages: difficult to copy or view over the shoulder, etc. Because there is no electronics, chip or battery, the PassWindow is extremely cheap to manufacture, giving it a big advantage over other two-factor authentication systems. However, I don't know about the security of the system. The apparently random pattern of lines in the PassWindow is analogous to a one-time pad, using a different subset of the one-time pad every time a PIN is needed. Is this a useful level of security for logging in to a bank account?"

Sorry! There are no comments related to the filter you selected.

eat my ass (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#28755653)

fo y'all

Fallacy (1, Insightful)

Philip K Dickhead (906971) | more than 5 years ago | (#28756499)

The power source should not be considered in the security question. That is a reliability and availability issue. With "soft tokens" that can be safely operated from phones and USB thumbdrives, there are already solutions to the perceived problem.

Now, to address the question of security for this new "token", you need to focus on the PIN generation algorithm, and the security of the delivery channel.

Unfortunately in this little PR video, there's not enough technical implementation information to make any deeper analysis of the specific solution. But we can speculate on this type of system, in general.

Obviously, the SecureID type token - where no secret is transmitted to generate the secret - is always more secure than a scheme where a remote display of a secret is generated. The channel can be intercepted enroute, if valuable enough to warrant the effort. There is also the possibility of TEMPEST type attacks on monitor emissions. These have to be evaluated, but I expect they are low-risk, and with the one-time use of the secret, probably not worth the trouble.

More troubling? This is being generated and displayed on demand, when regular credentials are first supplied. That means that an attacker with the regular password can request a new PIN many times, regardless of thier location. They can do this many times, and analyze output well enough to craft an attack on the scheme.

Ultimately, I would view this as a replacement for CAPTCHA technology, which it more closely resembles, than I would an improvement on OTP tokens. Unfortunately, I don't see the value of CAPTCHA justifying the cost and effort in this "passive" OTP.

Simpsons trading cards (2, Interesting)

Bob Gelumph (715872) | more than 5 years ago | (#28755675)

I used to have some Simpsons trading cards that were like that. There was what looked like static on a TV screen, which, when another plastic panel was put in front of it, would show a de-scrambled image. I can't see how it is secure though, because the plastic descramblers are all the same. Someone could still take a photo and use a similar plastic window elsewhere.

Chaum-like (4, Insightful)

goombah99 (560566) | more than 5 years ago | (#28755999)

This is sort of like one of Chaum's voting system reciepts. those are provably secure for single use.

however having watched the video, it's obvious this one is weakly secure for a single use and rapidly insecure for multiple uses.

given a series of challenges one should be able to apply a process of elimination to determine the missing elements.

the alternative would seem to be to choose the challenge from a restricted pallet of challenges that assures some ambiguity. in this case intercepting a bunch of challenges will simply reduce the number of possible choices.

for example, if the ambiguity could be maintained at 3 choices per digit then 7 digits provides 2187 possiblilites.

that's actually not hideous. it's comparable to a bicycle lock. thus the key to making that low number useful is to prevent someone from rapidly trying the challenges exhaustively.

e.g. if you are only allowed 2 challenges per 30 minutes, or more deviously, if the challenger denies access with say 10% probability even when you type in the right pass code.

this will make such 2- factor while not government grade probably not worth the attackers time.

Re:Chaum-like (1)

goombah99 (560566) | more than 5 years ago | (#28756313)

Watching the video a few times now I see that they are doing some sort of multiplexing on the patterns so that digits can fall either on odd or even place boundaries. (i.e so that a given column of segments might be the left column of a gigit or the right column). I'm not quite sure what that does to the odds but I'd assume they do this because it makes it harder to crack.

Re:Chaum-like (1)

camperdave (969942) | more than 5 years ago | (#28756951)

What makes this system scary is that posession of the card == posession of the PIN. I could see this system as being really useful if there is also a memorized portion that the user has to enter. Say, display an FF code, and have the user enter their memorized PIN there instead of the FF. Or, display a bunch of sequences in two columns. The user uses the PassWindow card on each of the sequences in column A until their PIN is found. The user then slides the card over the corresponding sequence in column B and enters that number.

it's comparable to a bicycle lock.

Actually, what is really scary is that most bank cards are secured with a 4 digit PIN. They also are only as secure as a bicycle combination lock.

Re:Simpsons trading cards (1)

Z00L00K (682162) | more than 5 years ago | (#28756419)

And after a few uses sniffing data and response it should be possible to re-create the mask reasonably.

Re:Simpsons trading cards (1)

maxume (22995) | more than 5 years ago | (#28756641)

DVD Clue uses a little red magnifying glass to reveal information to one player. If you squint, you can read the data without the magnifying glass (the information is blue).

I guess the cards would be a stronger than that, but they are going to be awfully hard to use properly as they get stronger (because taking advantage of more variation on the card means better and better alignment of the screen and card).

Password is sent and used on the same connection (0)

Gnavpot (708731) | more than 5 years ago | (#28755679)

If I understand TFS correct:
The scrambled password is sent to the user through the same network connection where it is going to be used. So anyone pretending to be the user will also recieve the scrambled password.

The scrambling is worth nothing. If you can see the password using a colored filter, you can also see it using a filter in software.

Wrong. It is not translucent. (3, Informative)

brunes69 (86786) | more than 5 years ago | (#28755775)

Please RTFA and the website. The filter is opaque. THe user is sent gibberish as a password, and it only makses sense if you have the opaque window to create letters and numbers from the gibberish.

It is mot possible to decode without knowing the one time padd. And the one time padd is implemented in the physical world, by the window.

If the authors claims are accurate (that it is possible to create tens of thousands of throwaway passwords per window before they need to be replaced) then this is an ideal authentication method IMO.

Re:Wrong. It is not translucent. (0)

Anonymous Coward | more than 5 years ago | (#28755973)

If the authors claims were accurate

FTFY

I strongly doubt that this system will hold against a real cryptolanalytical attack. If you trick the user into visiting a phishing site, you can start a game of chosen ciphertext. If you chose the patterns wisely, you can get a lot of information about the pattern on the users key card without giving you away by sending patterns that result in invalid keys. Additionally, the keyspace of the system gets reduced depending on the key. e.g. if the keycard contains an line in the lower-left part of the digit, this digit can only become a 2, a 6 or an 8. Together with the information gatherable by the challenge-response game, I guess you can crack the system with a fairly good probability.

Oh, and of course it does not protect against MITM.

Re:Wrong. It is not translucent. (0)

Anonymous Coward | more than 5 years ago | (#28756301)

If you chose the patterns wisely, you can get a lot of information about the pattern on the users key card without giving you away by sending patterns that result in invalid keys.

Oh, I just noticed on the website that the system DOES allow "invalid" numbers to be shown, and the user should type in anything that resembles a number. This makes chosen cyphertext even more easy; you should be able to guess the whole key in just a handful of tries.

Re:Wrong. It is not translucent. (1)

Goaway (82658) | more than 5 years ago | (#28756045)

The problem is that the second time you use that window, it's no longer a one-time pad.

Re:Wrong. It is not translucent. (3, Informative)

maeka (518272) | more than 5 years ago | (#28756111)

The problem is that the second time you use that window, it's no longer a one-time pad.

You're only using a subset of the window at a time. It is a single object which acts as many many one-time pads.

Re:Wrong. It is not translucent. (1)

Goaway (82658) | more than 5 years ago | (#28756679)

Do you get a new one when you've used every part of it once?

Re:Wrong. It is not translucent. (0)

Anonymous Coward | more than 5 years ago | (#28756857)

Read the fucking article moron. Yes.

No, moron. This is not a one-time pad. (1)

Chris Burke (6130) | more than 5 years ago | (#28757155)

The point the GP was trying to make is that a one time pad [wikipedia.org] is not just a normal encryption key that you use once. A one time pad is where you never reuse any part of the encryption key at all even during the same act of encrypting a message. Therefore the one-time pad must be equal in size to the message itself. The reason this is considered unbreakable is because without any re-use of data, there's no crypotgraphic analysis to be done. With a properly random pad, you can use the most brain-damaged encryption methods, i.e.:

for(long i = 0; i

and bam, you're done.

But this isn't a one-time pad, because it does not generate a new random number for every byte of data you are sending. It's just 2-factor authentication using a random number at the end of a normal password. It's a low-budget way of doing SecurID (which uses synchronized PRNGs). It seems to have some additional weaknesses over Securid, but the principle works and it is a cheap way to get multi-factor authentication which is at least much better than single factor.

Re:Wrong. It is not translucent. (2, Informative)

morgan_greywolf (835522) | more than 5 years ago | (#28756133)

It is mot possible to decode without knowing the one time padd. And the one time padd is implemented in the physical world, by the window.

I wouldn't say that. The "one time pad" is static. If it were truly an OTP, you would either need hundreds of these cards, or at least several that could be combined together in thousands of different ways. and they would have to have lots and lots of different combinations to make it work.

The bottom line is the physical factor is the weak link in the chain. The key-length is too short.

Re:Wrong. It is not translucent. (1)

foniksonik (573572) | more than 5 years ago | (#28756337)

SO a higher security version would just have a longer key-length... duh. How many characters do you want to type in? 8, 12, 24, 56? Most passwords only have to be 6 and can be as many as 8 ;-p

Actually the card could be printed with room for say, 48 characters but you would only use 8 at a time... make it a grid and have the user type in the characters left to right... 1 character per column.

One time, or every time? (1)

camperdave (969942) | more than 5 years ago | (#28756297)

But it's not a one time pad. It's an every time pad, as the plastic filter never changes. All it is is an acetate window with parts of a seven segment display printed on it in black. The computer displays other segments, and when the plastic window is aligned with the computer screen, these segments form a number. It would be easy to copy, and may even be fairly easy to crack without the card, since certain segment patterns will only occur in certain numbers.

Re:Wrong. It is not translucent. (2, Funny)

Zebra_X (13249) | more than 5 years ago | (#28756307)

Nah not ideal at all. It's a hi tek secret decoder ring. The problem with this particular ring is that a copy can be made of it. I would condsider this a huge vulnerability. Other more conventional technologies such as secureid cannot be compromised in this way.

It's not a one-time-pad if you use it twice. (1)

pushf popf (741049) | more than 5 years ago | (#28756957)

Please RTFA and the website. The filter is opaque. THe user is sent gibberish as a password, and it only makses sense if you have the opaque window to create letters and numbers from the gibberish.

It is mot possible to decode without knowing the one time padd. And the one time padd is implemented in the physical world, by the window.


It's not a one-time-pad if you use it twice.

It's probably better than nothing, but not by much.

Think I'll pass (1, Insightful)

CarpetShark (865376) | more than 5 years ago | (#28755681)

Let's see. Worst case scenario, you set up a camera that does about 30fps, with rotating filters in front, and use OCR to look for text in each frame. 30 passwords per second is a lot faster than 1 password + delay, 2 password + longer delay, 3 password + get account re-enabled.

Aside from that brute force method, I suspect the system is pretty vulnerable to more sophisticated attacks, like quickly narrowing down what window people have by analysing the more obvious features (number of lines, angle of lines, ratio of vertical lines to horizontal waves, etc.) of an on-screen pattern, for instance.

Basically... donotwant.

Er, WTF? (2, Insightful)

brunes69 (86786) | more than 5 years ago | (#28755881)

So you are worried about crackers breaking into your house and setting up spy cams to steal your banking password?

If they have already broken into your house why would they bother with that? Why not just steal your statements?

Or just use the spy cams to record all your online activity?

Talk about paranoid. This is a pointless argument against the system that holds no merit at all.

Re:Er, WTF? (0)

Anonymous Coward | more than 5 years ago | (#28756245)

Wouldn't have to break into house all you would have to do is create a program that would look at a pattern apply some sort of mask over it and check for readable characters, keep doing this until you get something legible and then you have the mask for that person. If they change the pattern in browser take a screenshot, the pattern may be changing but the mask won't.

Re:Er, WTF? (1)

CarpetShark (865376) | more than 5 years ago | (#28756315)

So you are worried about crackers breaking into your house and setting up spy cams to steal your banking password?

No, I'm worried that the planet will be overrunby self-assured neanderthals who can't think of a situation other than home banking in which an authentication system might be used.

Talk about paranoid

If you can't make use of controlled paranoia, you've no business discussing security issues.

Re:Er, WTF? (3, Insightful)

Chris Burke (6130) | more than 5 years ago | (#28756971)

No, I'm worried that the planet will be overrunby self-assured neanderthals who can't think of a situation other than home banking in which an authentication system might be used.

Even neanderthals know that regardless of the application, if someone has acquired physical access to your home you're pretty much fucked.

If you can't make use of controlled paranoia, you've no business discussing security issues.

Great, let's control this paranoia with some rational assessment. So, we've got a plastic window that acts as a filter on random data. How does this compare to a typical 2-factor solution, the RSA SecurID? An attacker needs both the random data and the window pattern to get the true passcode. We can assume they can snoop the random data, so then if they can see the window (somehow) they can crack it, but if they can see a plastic window it's not too much of a stretch to them being able to see your dongle's display. RSA has an advantage here, but not one a paranoid person would be moved by.

Now perhaps the attacker can reverse-engineer the pattern by tricking them into visiting a phishing site and see what tokens they enter for a given piece of random data. Without doing the math, it seems like it would take a small-ish number of tries to deduce the pattern (since we're only talking about seven segment digits here), but probably more than a normal user would expect to be able to try without being locked out of the system. If they do discover the window, then they have broken the scheme completely. Compare to SecurID, where it would be intractable to figure out the random seed based solely on the tokens generated. On the other hand, in both cases it only takes entering in a password/token combo into a phishing site once and the attacker then has a valid password for as long as that code is valid -- ~30s on a SecurID, more than long enough to gain access to the protected system.

Thus the plastic window method is more likely to result in giving an attacker long-term access, but only in situations where a SecurID would likely have given an attacker access at least once. While certainly there are cases where the former is worse, in general having an attacker gain entry even once is unacceptable.

So while it's not a direct 1:1 replacement for SecurID, it isn't all that much worse, and much better than 1-factor authentication. As a low-cost way of adding additional security this is a pretty damn good invention. There are many applications where this will be more than good enough. Home banking being one, yes. For, say, the FBI agent logging into work it may not be, but they can keep their SecurID or whatever they use, if they decide there's a point.

Re:Er, WTF? (0)

Anonymous Coward | more than 5 years ago | (#28757143)

No, I'm worried that the planet will be overrunby self-assured neanderthals who can't think of a situation other than home banking in which an authentication system might be used

What does this have to do with your suggestion that an attacker could set up a camera to capture your card pattern???

Re:Er, WTF? (1)

HikingStick (878216) | more than 5 years ago | (#28756507)

Well, this might have prevented by pre-school son from shoulder surfing my passwords when he wanted because he wanted to get up at night to play Spooky Castle. He knew he needed my passwords to get logged on (a BIOS password and my logon password), but he figured he should get them all in case he needed them.

I found them on a sheet of paper under his mattress when changing his bedding. I guess I should be a bit more worried now that he is older and has taken a liking to the various "spy gear" toys on the market...

Re:Think I'll pass (1)

LBU.Zorro (585180) | more than 5 years ago | (#28756213)

Nope, because the nature of it's quasi-one time pad means that you can generate hundreds of false positives, it's easy to get a result but the value, however, is only in the correct result.

You're trying to determine the contents of the PAD, the image is given to you for free. Once you have the PAD you can login at will.

But you can generate hundreds of PADs from an image, even from an image and the number you're looking for. It's only when there are 2 or more number/image pairs that you can start to guess. Since the same PAD has to resolve the correct numbers from the image.

Z.

Re:Think I'll pass (1)

CarpetShark (865376) | more than 5 years ago | (#28756333)

Nope, because the nature of it's quasi-one time pad means that you can generate hundreds of false positives,

That's much better, but since the viewing window is a constant, the false positives only add another stage to the process, with a few hundred possible answers to check. Every time you try a password and it doesn't work, you eliminate one of those possible answers. Wouldn't take long to work through them all.

Re:Think I'll pass (1)

foniksonik (573572) | more than 5 years ago | (#28756287)

What if there were false positives? Let's say out of the possible combinations 25% are not used as valid passcodes but instead are used as a honeypot for would be crackers? Vary the 25% unused permutations across the accounts using the system but keep the same passcode pattern for 24 hours per account.

Another obstacle is that a typical online account requires an additional data point - username. If an email address is used then that point is rendered somewhat irrelevant but can be used in combination with a cookie to require a login to be authorized by email if coming from a new computer (until a cookie is set - which is how they currently work).

Prior Art (5, Insightful)

Richard W.M. Jones (591125) | more than 5 years ago | (#28755685)

Lenslok [wikimedia.org] , hated by 8-bit gamers everywhere.

Re:Prior Art (1)

benjymous (69893) | more than 5 years ago | (#28756347)

Nooo! You just brought back the memories of OCP Art Studio on the speccy that I'd somehow managed to block!

Thankfully my parents took pity on me and bought me a copy of The Artist II on floppy (+3 baby!) which made my mouse adaptor birthday present actually useful!

Re:Prior Art (1)

Tet (2721) | more than 5 years ago | (#28756489)

I won't claim I liked Lenslok, but I personally never had any problems with it. The results were always clear enough for me to read easily and enter to correct code. YMMV.

No (1)

Darkness404 (1287218) | more than 5 years ago | (#28755691)

the PassWindow is extremely cheap to manufacture, giving it a big advantage over other two-factor authentication systems.

...Being so cheap that anyone could have one and use it does not sound like a good security idea.

Re:No (1)

afidel (530433) | more than 5 years ago | (#28755779)

Uh, I believe the idea is each one is unique, aka the seed to a one time pad. It's like carrying the one time pad but without it being obvious what you are carrying or as difficult to use as a one time pad.

Oh, and to the submitter, PIN number really?

Re:No (1)

ls671 (1122017) | more than 5 years ago | (#28756115)

Bank answering a phone call:

Good morning, Best Banking, how can I help you ?

Customer:

Huh, I seem to have forgotten my personal PIN number id...

Re:No (0)

Anonymous Coward | more than 5 years ago | (#28755907)

...Being so cheap that anyone could have one and use it does not sound like a good security idea.

Nothing is truely ever secure. Secure being relative to the functions of risk, profitabiltiy/desirability of the reward of achieving the result of the crack balanced by relative matters of concious or relative real world penalties. As the old saying goes, "locked doors only keep the honest out". Cheap always infers inadequacy, inexpensive would be preferred relative term when attempting to keep the costs down.

One major problem: monitor resolution (4, Insightful)

Saint Fnordius (456567) | more than 5 years ago | (#28755695)

A lot of these sorts of schemes assume some sort of fixed pixel size such as 96 dpi, a fantasy that hasn't been true since, well, ages. Some LED screens have up to 150 dpi resolution, others as low as 72dpi. If the scale is wrong, then the pixels won't line up and the decoder is then useless.

Now, I admit it's possible that the creator of this scheme might have solved this, but I doubt it. A colour filter like those games whose clues are read through a red plastic foil viewer would be far too easy to crack, for example.

I can't escape the impression that this is just security theatre and not serious security after all.

Re:One major problem: monitor resolution (2, Interesting)

Cylix (55374) | more than 5 years ago | (#28755851)

The image is displayed via browser and the sizing can be corrected at render time. It might not look pretty depending on the scale technique, but it can be done.

It still doesn't make it worthless. A one time factor like this has only so many combinations.

It's like solving the cypher problems in the newspaper. It really won't take that many iterations before you can correctly guess the pass card values.

Easily Rectified (3, Interesting)

brunes69 (86786) | more than 5 years ago | (#28755861)

This is easily rectified in any software by compensating for the DPI by scaling up or down the image.

Heck you can do this in CSS:

            IMG.passwordWindow { width: 2in, height: 1in }

This image is going to be scaled to be the exact same size on the screen in any web browser.

Also, this has nothing to do with color filters.

I swear to god every poster on this thread so far has not gone to the website: http://www.passwindow.com/ [passwindow.com]

This is actually a very novel idea that has been thought out thoroughly.

Re:Easily Rectified (3, Informative)

amorsen (7485) | more than 5 years ago | (#28755969)

This image is going to be scaled to be the exact same size on the screen in any web browser.

Only in your dreams. Lots of people lie to their OS about their monitor DPI, because said OS is deficient.

Re:Easily Rectified (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28756163)

huh? Linux desktop share is marginal and gnu hippies don't have any money, so they won't need this for banking.

Re:Easily Rectified (1)

characterZer0 (138196) | more than 5 years ago | (#28756001)

I have seen many computers set up with the wrong DPI for the monitor.

Re:Easily Rectified (2, Insightful)

tepples (727027) | more than 5 years ago | (#28756041)

This image [resized using point, inch, or other physically-based CSS units] is going to be scaled to be the exact same size on the screen in any web browser.

Unless the operating system's DPI setting doesn't match the physical dimensions of the monitor. A lot of people have never taken a ruler to their monitors, and some poorly-written yet business-critical applications for Windows tend to barf at any DPI setting other than 96.

Re:Easily Rectified (0)

Anonymous Coward | more than 5 years ago | (#28756643)

Including almost any .NET application built using the windows forms designer.

Re:Easily Rectified (1)

jabuzz (182671) | more than 5 years ago | (#28756853)

You do not need to take a ruler to the screen. You query the monitor using DPMS, and then compare that to a database that has your screen size in it.

Re:Easily Rectified (0)

Anonymous Coward | more than 5 years ago | (#28756063)

Are you being paid per comment or is it just a one time fee for this article?

Re:Easily Rectified (2, Insightful)

Saint Fnordius (456567) | more than 5 years ago | (#28756137)

You must not do a lot of CSS coding, or deal with multiple monitors. One centimetre on one screen is not the same on another. The usage of Pica, inches, millimetres and so on is only really recommended for print use. When used with screen resolutions, they are calculated into pixels based on the browser's preferences (often only switchable between 72dpi and 96dpi).

Even on prepress monitors, I have yet to see a monitor where a centimetre on the screen is equal to a centimetre on a ruler held to the screen.

Re:Easily Rectified (1)

DingerX (847589) | more than 5 years ago | (#28756555)

Yeah, but if you used CSS, and made a proportionally-correct window (Pixels are the worst solution), then you could just size the screen to the card, and the code would show.

The problem with the code is evident from the example on the screen: the card's marks in the first field can be combined against a field to produce a 0, 2, 6 or 8 flawlessly. It can also do (as one of the examples shows) a 7 with acceptable "noise". 1, 3, 4, 5 and 9 are impossible. So by a large enough data set of partial signs, you could figure out what was going on. The "added security features" like allowing automated shifting by half a row or inverting of the window actually diminish the security by giving additional data on what the card's markings are.

In the end though, it probably will be killed by browser tech. Enough casual users won't be familiar with things like manipulating browser window size, and, more importantly, those casual users will also constitute the largest pool of targets.

Re:Easily Rectified (0)

Anonymous Coward | more than 5 years ago | (#28756151)

I swear to god every poster on this thread so far has not gone to the website: http://www.passwindow.com/ [passwindow.com]

This is actually a very novel idea that has been thought out thoroughly.

If it is thought out so thoroughly, why is there no mention on cryptoanalytic reasons why this will not fall apart if an attacker tries to play chosen ciphertext with you? (My guess: Because there is no such reason and it WILL fall apart)

Re:Easily Rectified (1)

LBU.Zorro (585180) | more than 5 years ago | (#28756155)

Not *every* poster ;)

The video wasn't bad.. And I agree it could be made to work, and I don't think it's as insecure as others mention, camera wouldn't work but a photo of the card would allow you to very easily work it out (it has location marks).

What most don't seem to realise is that not all of the pass key is used every time and the image fakes some chars too.

Having said that it's not a one time pad... By it's very definition you use it more than once..

The more you use it, the less valuable it is.. Which is unfortunate as it's a pretty decent low tech solution which means in general it's pretty reliable,
although I didn't like the demonstration that the card was slotted on the screen and fit perfectly, as screen surrounds are always different, as are browser window locations - in reality you'd have to manually line up the card pressed against your screen - not as user friendly as mentioned.

You could process the image, but unfortunately it would merely tell you that there are a large number of card geometries that could generate the number (you would require key capture as well) each new use and number/image pair would help you deduce the configuration of the card but I suspect it's mathmatically provable how many iterations that would take - and as long as they were happy providing new cards before that time it could be secure (unless it was physically compromised of course). Of course if you didn't know that a card had been replaced then it would be much harder as you'd not know what data was linked with which card.

Hmm, I think the only way it would work effectively is if the card is replaced now and then and randomly and you have an overlap period when you send patterns that would resolve into different PINs depending on the card (and allow both pins but use the new pin to disable the old card) - and ensure the old card is destroyed.

Still, it's a hassle.

Z.

Re:Easily Rectified (1)

Joce640k (829181) | more than 5 years ago | (#28756717)

CONGRATULATIONS! You're the only poster so far who seems to have watched the video. The "garbage" chars are the key here.

Re:Easily Rectified (1, Insightful)

Anonymous Coward | more than 5 years ago | (#28756259)

No, the image will not be scaled to match the specified dimensions.

The OS may believe it knows the dimensions of the actual display, but that information does not have to be accurate at all (e.g. my OS thinks it's showing /. on a 17" instead of the 19" that is connected)

On top of that, one can easily change the size of the display area (at least on CRTs) using the various dials on the monitor for stretching or squeezing the visible screen display.

The image can be resized on screen. (1)

Joce640k (829181) | more than 5 years ago | (#28756725)

The little blue "resize" arrow clearly visible in the video says you're wrong. I'm guessing you line up the top-left arrows then drag the arrow until the bottom-right arrows overlap.

 

Even the old Sinclair/Times Spectrum "lenslok" protection had a resize function. Duh!

Re:One major problem: monitor resolution (1)

LordKronos (470910) | more than 5 years ago | (#28756079)

I don't think it would be too difficult to deal with. On the card, in addition to the digits, you would also have 2 reference point. Have the user place the card on the screen and then click on the 2 reference points. By knowing the distance, you could then generate the image in the correct resolution. That could either be done through a java or flash app, or it could be done using an imagemap type of method to gather the coordinates (no javascript needed) and then rescale the image server-side. Yeah, it's a bit less elegant but it still should work alright. I wouldn't be surprised to see some companies buy into this, at least as a trial.

Re:One major problem: monitor resolution (1)

jours (663228) | more than 5 years ago | (#28756267)

In the demo on their site there's a blue arrow you can drag to resize the graphic. It's awkward but it does solve the problem. http://www.passwindow.com/demo/index.html/ [passwindow.com]

Re:One major problem: monitor resolution (1)

maxume (22995) | more than 5 years ago | (#28757113)

Fixed link (the trailing slash after .html breaks the page):

http://www.passwindow.com/demo/index.html [passwindow.com]

Sounds pretty weak to me (1)

jandrese (485) | more than 5 years ago | (#28755705)

Looking at how it works, my guess is that you could brute force someone's "passwindow" card with just a handful of inputs. There are only 7 different elements for each digit, and you should be able to figure out which spots are filled in pretty quickly and what numbers they represent.

If you got smart (1)

mcfatboy93 (1363705) | more than 5 years ago | (#28755709)

couldn't you get a plastic filter for a camera and see the password that way?

Re:If you got smart (1)

maxume (22995) | more than 5 years ago | (#28756569)

The filter would have to match the card.

To me it looks like there would be serious issues with making the card complex enough to be resistant to software that used the key image to generate output images for every possible card and then sorted them using ocr or whatever (the software could also keep track of what patterns had been tested previously, so new key images don't do much other than slow the process down a little bit).

Before using this system (0)

gothzilla (676407) | more than 5 years ago | (#28755731)

Please make sure you are using a 19" flat screen monitor with the resolution set to exactly 1024x768.

Re:Before using this system (1)

brunes69 (86786) | more than 5 years ago | (#28755795)

This is easily rectified in any software by compensating for the DPI by scaling up or down the image.

Heck you can do this in CSS:

      IMG.passwordWindow { width: 2in, height: 1in }

This image is going to be scaled to be the exact same size on the screen in any web browser.

Re:Before using this system (1)

reed (19777) | more than 5 years ago | (#28755919)

Only if the user has correctly configured his system to know the correct physical resolution (dpi) of the screen, or the OS was able to get correct information from the screen automatically (DDC); this will only be true for some users.

Re:Before using this system (1)

Old Grey Beard (869804) | more than 5 years ago | (#28755933)

This image is going to be scaled to be the exact same size on the screen in any compliant web browser.

There. Fixed it for you.

Re:Before using this system (1)

Bert64 (520050) | more than 5 years ago | (#28756865)

Assuming the OS knows and uses the screen DPI... X11 has done this for years, but i dont think windows does.
And aside from that, not all screens are capable of reporting their DPI, and this will also break where you have a multi screen setup using 2 different size screens.

Not really (1)

jgreco (1542031) | more than 5 years ago | (#28755737)

Anyone who's broken into your PC and has spyware installed can fairly easily observe several login attempts with this, and then derive what your PassWindow is. This is worse than poor security, as it gives people an illusion that it is something that it isn't.

Er, WTF? (1)

brunes69 (86786) | more than 5 years ago | (#28755829)

And this is less secure than existing passwords how?

With existing passwords spyware just grabs the keystrokes.

With this method the spyware would have to do OCR on the password image and then do a sophisticated algorythm comparing what you typed, and do this many times before it could be sure it had the whole image.

It is much more complicated. Sure it is still vulnerable but it is a vast improvement over most password systems.

Re:Er, WTF? (1)

jgreco (1542031) | more than 5 years ago | (#28756181)

Poor logic. It is not much more complicated. You should be able to determine the digits given a very small sample set. Probably no more than three or four times. Possibly twice. You can eliminate many digits with just a single sample. Anyone who's ever decoded crypto using elimination knows this. While it is better than plain old passwords, it is being billed as an alternative to secure ID schemes, so you have to compare it on those merits. It completely fails. If you're going to mail someone a plastic card, then you might as well just send them a list of one-time passwords, indexed by number, and commit to resending them once in a while. This solves the guessability problem completely. This sort of problem is addressed in basic crypto courses, and there's a reason that a "one time pad" has the words "one time" included in the name. It's only secure one time.

Sounds like a money making scheme (1)

Igorod (807462) | more than 5 years ago | (#28755741)

Ugh, he says a simple cheap solution...it sounds like it's going to cost just as much to implement it in the background for any companies who chose to use it. Plus they'll have to maintain a copy of what your unique key is, as well as maintain further IT staff in case of errors, which god knows seems to happen a lot on banking websites. Sounds like a way for him to make some fast cash if he can get organizations to take this up.

meh (4, Informative)

TheSHAD0W (258774) | more than 5 years ago | (#28755825)

From what I saw, this system might be able to protect you from a single compromisation of your security. This would depend on a few factors, though. Given you can see both the pattern and the code, from a single session you could make some assumptions about what the code would be with a different pattern. It might take a few tries to generate the correct code. If the attacker can partially log in multiple times without being locked out, he may be able to choose a pattern that has fewer possible permutations for the code.

There's also a potential problem in that, if an attack is made on an account and the account is locked out, the card would have to be replaced. Otherwise, if the account is re-enabled without replacing the card, the attacker would be able to continue to make attempts to log in. I suppose you could also alert the customer to change their password due to a security breach.

I don't think this will protect very well against a customer's own system being compromised, with an attacker being able to monitor multiple log-ons. There are simply too few possible permutations in those 7-segment displays.

I'd also like to mention there's a potential problem if the monitor's resolution is too high. If, for instance, the user wants to log on via a netbook, the code displayed may be too small to match up with the code on the card, making logging in impossible.

Re:meh (1)

Kagato (116051) | more than 5 years ago | (#28756817)

It seems this system is designed to protect the customer from having the security numbers skimmed off the card. For instance, when you're at a restaurant in the US the waiter often has possession of the card for more than enough time to skim all the information needed for fraud. They could take a picture of the card, and reproduce the digits on transparency film. The goal is to make is much hard for people to discreetly copy the information.

I think that's a interesting system, BUT, the better solution is for servers to never touch the card. They should use remote terminals like the mandatory ones in Europe.

No, it is not (1)

Opportunist (166417) | more than 5 years ago | (#28755835)

Mostly because your "key" is static and only offers a very limited amount of possible configurations (WAY less than the average 2048 bit key, think more along the lines of an 8 bit key). It's trivial to have software calculate all the possibilities (all you need is one or maybe two arbitrary keys, "lenses", to figure out the process), adjust the picture to match what you'd "see", then throw it at OCR software and you'll end up with very few reasonable ("legible") configurations.

After a few, maybe even after the first, sample you know what configuration his lenses have and you have it cracked.

It's better than nothing.... (2, Informative)

Dr. Crash (237179) | more than 5 years ago | (#28755869)

It's better than nothing.

The trick is that yes, it does leak information- each time you use it, an eavesdropper gets a little more information, perhaps enough to "get in". Or perhaps not.

On the other hand, the server end knows what cells may or may not have been compromised and can optimize around that.

The beauty of such grilles (and they have been known for centuries) is that they are _cheap_ and it's not unreasonable for the server end to predict when a grille's private information has been used up and sends you a new one well before that time.

So- not new, but not bad, either.

short answer: no (3, Informative)

Arthurio (1392181) | more than 5 years ago | (#28755987)

The transaction looks like this: 1) user chooses which kind of credit card he/she has 2) user gets a screen where he/she can specify the cc nr and de-scramble the code 3) user's browser sends the cc nr and de-scrambled code back to the server 4) server replies: all is well, congratulations If the fraudster is able to intercept just 1 of these transactions then he can already narrow the number of possible "PassWindow" combinations down to lets say a few hundred. But if he can intercept for example 3 or more of the transactions made with the same card then he can easily narrow the possibilities down to fewer than ten combinations. There exists no mechanism that would prevent the fraudster from trying out all of these 10 or fewer combinations. The most secure way to handle cc transactions would be to confirm every transaction with the cc holder. It could work with e-mail, sms, telephone, im or any other means of communication that the cc holder has chosen and believes is secure enough for him/her. That of course would create significant delays that many current cc systems would be unable to handle since atm they expect instant replies from the cc issuer. Which means that this system would only work with credit cards meant for online payments. In physical stores the 'pin code' is still the best solution at least until the confirmation delays come down to a few seconds.

Password in clear-text (1)

jlcooke (50413) | more than 5 years ago | (#28756057)

The system is no better than having a normal credit card CVV.

The LCD-like half-images are the secret. Take a photo of that and you're totally compromised.

The battery systems (like RSA SecurID) are better because they protect the secret inside the deviceand only give a derived value every 60 seconds.

Nice try however.

Re:Password in clear-text (2, Informative)

Joce640k (829181) | more than 5 years ago | (#28756773)

It's like having a few dozen CVVs. If you snoop one of the CVVs on the card it won't help you when the server asks you for a different one.

If you can snoop a few dozen transactions you can crack it, sure, hut if you're in a position to do that the other person is basically screwed anyway.

Re:Password in clear-text (1)

Kagato (116051) | more than 5 years ago | (#28756779)

SecureID has been cracked for years now.

Totally crackable (1)

popo (107611) | more than 5 years ago | (#28756099)

This idea is completely crackable and you don't have to be a psychic genius here folks.

You take the image, and run a digital filter on the image -- creating thousands of new "images" which emulate the possibilities for the plastic window.

You then interpret the results (A simple OCR of the resulting images should do), and you try those passwords.

Yes, it's brute force -- but it's no safer than a non-image password.

By the way, my E*Trade RSA digital passkey is a great system of 3 point password protection. Why isn't everyone using that?

Re:Totally crackable (1)

maxume (22995) | more than 5 years ago | (#28756443)

I figure there are three or four big reasons: People don't know about them, people don't understand them, they introduce hassle, and they cost a little bit.

I have the option of using an RSA device for one of my accounts, but I haven't bothered.

Re:Totally crackable (2, Interesting)

mlts (1038732) | more than 5 years ago | (#28756735)

I use a similar system when offered by vendors. Blizzard has a keyfob, same with PayPal and eBay. Both of which are not technically SecurID, but OEM-ed VASCO tokens. My OpenID account on one site uses this keyfob as well.

What I wish for is someone to make a standard among the keyfobs, so regardless if someone has a SecurID card, a DigiPass Go, or a program that runs on a smartphone, they would be interchangable. Mainly so I don't need multiple keyfobs to authenticate to multiple sites, and it would be nice to buy a keyfob with selectable security features, be it merely pressing a button to see the 6 or 8 digit number, or more advanced measures like typing in a PIN, or swiping a fingerprint for three factor authentication (something you know, something you have, something you are.) Then take this standard for authentication and build it into all the popular OS logins, so the root password on a Linux box can be tied to one or more of these devices (so multiple people's keyfobs can authenticate).

Of course, it won't completely stop crime, but it will force malware writers to not just use passive keyloggers. Instead, they would be forced to go into more active man in the middle attacks against browsers (where the user is shown one thing while another action is being performed. IBM's ZTIC is the ideal solution for this.) This should be a lot more detectable though, as opposed to a keylogger that is just a driver hook away from silent operation.

Security for the masses (3, Insightful)

foniksonik (573572) | more than 5 years ago | (#28756127)

Most of the comments here are aimed at high-security applications where the assumption is that there are people looking to crack the security and will do whatever it takes to do so. This invention isn't targeted at that application however. You've missed the point.

This security is like a standard car door lock or home door lock. It won't prevent someone from breaking in but it will deter them enough to make it a less attractive. This certainly shouldn't be used to protect your bank account but it could be used the authenticate you on a variety of websites that do not hold any sensitive information (you'd still need your CC number to make a purchase) or as a guest key to get access to a wireless connection at a cafe.

As a light security measure this is a fairly good option... just like a key/lock as described in the video.

The big point is that a criminal would have to work fairly hard to get access to an account, without knowing if the amount of work involved will be rewarded and this amount of work would have to be repeated for each account.

Re:Security for the masses (1)

Opportunist (166417) | more than 5 years ago | (#28756417)

Security for the masses? As in, say, online banking? EBay? Amazon purchases? Paypal?

There is no "light" security this could use. What needs "light" security? A board where you want to make sure the spammers are kept out? UID/Pass works fine here. The incentive to hack it isn't high enough to warrant a trojan attack (or anything similar aimed at keylogging). What's to gain? An account on a /. So you can post a few penis enlargement ads with a 4 digit ID or one with excellent karma. Erh... yes, that's super (insert cheezy thumbs-up picture here).

I don't see the need for this security feature. It adds a layer of nuisance for the normal user, and I can't see a single good example of that "middle ground" where it would make sense to have more security than UID/pass but don't require the high level of security based on mobile TAN and whatnot that banks use (or should use).

My microwave is Passwindow protected. (1)

goodmanj (234846) | more than 5 years ago | (#28756207)

When I moved into my new house, the digital readout on my microwave oven got bumped around, and 2/3 of the LED segments stopped working.

Basically, my microwave's clock is now a PassWindow system for which I don't have the cool transparent keycard.

But since I know what I'm looking at is numbers, it didn't take me long to figure out which LED segments were dead, and now I can read the display just fine even though it's busted.

The same is true for Passwindow. I bet that with 5-10 instances of ciphertext and the knowledge that the cleartext is a numeric code, you could work out the key.

(PS: Yes, I could take my microwave apart and fix the LED display, but I'm not real excited about doing that because IT'S A FREAKING MICROWAVE.)

Patent... (1)

leuk_he (194174) | more than 5 years ago | (#28756361)

The solution is simple this, build a passkey alike system that will light up in the apropioate microwave oven. Nobody will tamper with it because "IT'S A FREAKING MICROWAVE"

Re:My microwave is Passwindow protected. (2, Insightful)

radtea (464814) | more than 5 years ago | (#28756431)

The same is true for Passwindow. I bet that with 5-10 instances of ciphertext and the knowledge that the cleartext is a numeric code, you could work out the key.

So what? Getting 5 - 10 instances of the ciphertext is a barrier to entry that PassWindow provides. Is it uncrackable? Of course not. But then again, what is?

If you lock the door of your house or your car, you should take PassWindow seriously, because clearly you believe that "trivially breakable security is better than none." If you didn't, you'd leave your house and car unlocked.

Re:My microwave is Passwindow protected. (1)

maxume (22995) | more than 5 years ago | (#28756721)

The question is whether it is worth the hassle in situations where a token device is not (a physical token device is far more secure than this system).

Am I confused? (1)

StellarFury (1058280) | more than 5 years ago | (#28756303)

How is this more secure than a key? Like an honest-to-goodness, metal-object-you-stick-in-a-lock, physical key? Thread consensus seems to be that you could copy a PassWindow, just like you can copy a key. And if you steal someone's PassWindow, you can access all the things that are tied to that PassWindow. Unless I'm missing the essential element that ties you to your specific piece of plastic.

Haven't there been tons of discussions about why using flash drives to store passwords is a really bad idea, simply because the risk to your physical media being stolen is much higher than the risk of your passwords being divulged? Sure, it might be an interesting concept for "unhackable" encryption (though this thread appears to have disputed that pretty readily), but does it do anything to prevent social engineering the way a strong password or PIN does?

Summary considered harmful. (0)

Anonymous Coward | more than 5 years ago | (#28756329)

Two problems.

First, "Is it secure?" is not a sensible question. It depends on the threats, and on what else is involved in the system.

Second, the summary displays a horribly mistaken interpretation of the meaning of "one-time pad." A one-time pad derives its security from the fact that the same information is never used more than once (it's right there in the name). The instant your system reuses a single bit of information from the key, you do not have a one-time pad. "Different subsets" of the key is NOT the same thing unless they are DISJOINT subsets. One-time pads must necessarily be at least the same size as the data they will be used to hide. Don't let "almost" or "like" or "sort of" a one-time pad give you a false sense of security - nothing is more secure than a properly used one-time pad, but few things are less secure than a re-used one-time pad. The pattern of lines is analogous to the key in a shared-key encryption system, not to a one-time pad.

WATCH THE VIDEO (2, Insightful)

gurps_npc (621217) | more than 5 years ago | (#28756367)

If you watch the video, you can quite easily see that:

1. The security card is extremely cheap, looks it, and like all such cheap security measures, easy to crack. It was designed to be built into a MasteCard (at basically less than $1 per card), not built into your top secret government code-key.

2. It is not intended as the kind of super-secret security. It is CHEAP security - like one of those chains you put on your front door. It doesn't keep the mafia out, it keeps the obnoxious delivery boy out.

3. If used properly, it can prevent the kind of fraud it is intended to prevent - when Amazon mistakenly sells a hard drive full of your credit card numbers that the morons forgot to encrypt, they will skip your credit card number because it is NOT worth the trouble to deal with the code, especailly when a bunch of other credit card companies don't use the security.

4. This is a great form of CHEAP security, and if all you want is CHEAP security, then it is well worth it.

Why not just use a house key instead? (1)

kunakida (886654) | more than 5 years ago | (#28756373)

There's nothing two-factor about this solution.
Someone just has to steal (or take) the plastic thingie from you and now they can get in but you can't.

If you first had to login normally (using a memorized password) and second hold the plastic up to see the one time pad then you could say it was two-factor.

A two-factor key cannot be allowed to have just a single point of failure.

Then there is the recovery problem afterward. At least after a stolen housekey you can just bust in and then fix your door.
What do you do when the plastic thingie goes missing?

Do you need a back door? And how secure would that be?

Or can you get another plastic thingie exactly the same? Only to use it once to get in so you can then register another (uncompromised) one.
Not to mention that if you can get a replacement plastic thingie exactly the same, then maybe somebody else can too.

Clever idea, but problematic (1)

bbasgen (165297) | more than 5 years ago | (#28756521)

This is an innovative approach, but the current implementation outlined on his website would not be effective for sections of the population and in some uses (e.g. in stores, etc). That said, this could be effectively deployed with an opt-in system and branded as an "online only" credit card. That said, I would be more interested to see the math behind the "one time password" approach. How exactly does this system work? Does this require the card company to issue some code to vendors for each transaction? Interesting, but is that practical?

Re:Clever idea, but problematic (1)

mdmkolbe (944892) | more than 5 years ago | (#28757223)

It would be more likely that the card company would require all transactions to go through a confirmation page that the card company sets up. Visa already does this [slashdot.org] .

As far as the math goes it is pretty simple. You have a secret key "k" and a publicly known function "f". The website sends you a challenge "c" that changes each time. You have to respond with a reply "r" that you compute by applying "f" to "k" and "c" (i.e. "f(k,c)"). This "r" is the "one time password" since it changes each time even though "k" stays the same. The advantage here is that (1) "k" is never sent across the wire (only "c" and "r" are) and (2) since "c" changes for each transaction, replay attacks don't work.

With PassWindow, the "k" is the pattern of lines in the window, "c" is the image the website sends you and "f" is the result of overlaying the two images and interpreting the resulting image as a number.

This sort of system is only strong if (1) there are a lot of "c" to choose from (so there are no repeats which would make replay attacks possible), (2) it is hard to fabricate "r" from "c" without knowing "k" (e.g. "f(k,c)=hash(k)+c" is bad) and (3) it is hard to figure out "k" even when you know lots of "c" and "r" pairs (e.g. "f(k,c)=k XOR c" is bad). The PassWindow system fails on part (3). I don't know how many pairs it would take to crack it but it shouldn't be that many.

Personal PIN Number. Yesh. (0)

Anonymous Coward | more than 5 years ago | (#28756533)

Deja vu all over again.

OK this is not good. What would be good? (1)

140Mandak262Jamuna (970587) | more than 5 years ago | (#28756807)

Looks like it is a simple device good enough to may be authorize coke vending machines and such like.

Let us say I willing to put up with some hassle, but I want really good security. What is the best choice? Like I register a cell phone number with the bank. Bank texts a new passcode everytime I want to login to my phone. Would it be secure?

Sounds like an changed version of print (1)

gubers33 (1302099) | more than 5 years ago | (#28756813)

Printing companies have been using this method of authentication and reading of confidential material for years. They print patterns like this on boxes or products hidden and have people go into stores to verify that the store is selling an authentic product. Colgate started doing this after a Chinese company was importing toothpaste under the Colgate brand. It is also used just for sending secure messages where only the reader has a window that will work to read the printed code.

Screen resolution (1)

Bert64 (520050) | more than 5 years ago | (#28756849)

So what happens if someone uses a screen which uses a different DPI to the one intended by the creator of this device?
Nothing will line up and you won't get any readable output from it unless you resize the image on screen to the appropriate size...

On a system which automatically works out your DPI, this could work... However the majority of systems (windows, osx) don't...

Passwindow LCD? (0)

Anonymous Coward | more than 5 years ago | (#28757117)

I think it all sounds like a quite good idea. Granted it has some obvious wekanesses, and the "OTP" security factor might be greatly overstated.

Just replacing the static "passwindow image" with an dirt-cheap translucent LED display and suddenly the system would be more than reasonably secure.
Have the card change it's pattern every-so-often and most of the security issues with the card would be gone, as would most of the price benefit for that matter.
But seriously, why such an elaborate scheme to solve a problem that has already been solved by OTP (One Time Passwords) print-out cards?

If widely used, tracking will be simple. (1)

ooglek (98453) | more than 5 years ago | (#28757171)

Once you know how it works, it's easy to assign a numeric value for each LCD window. Conveniently there are 7 panes that make up an LCD, with each one either on or off. Huh, seems very similar to ASCII. You come up with a standard representing that (maybe there is one?), and now I can use ASCII to describe which of the lines are on or off. Using top-to-bottom, left-to-right the one in the video could be described as:

0110010 _ 0011000 0100010 _ 0011001 0010100

2_chr(24) "_â â

OK, so it's not perfect, but still, it would be easy to convert to an easily storable value. Once that is done, you can go further to decode the challenge with a script, and voila, you have all the stuff you need to use the card fraudulently. It would take a bit more work, but once you have it, you're toast.

Not only that, but it would be fairly easy to reverse engineer. Now it WOULD make it harder for people to steal the database and use the card, since that's not stored by any of the merchants who accept cards, so a DB dump from an ecommerce site would result in less fraud if this were widely implemented. Recurring transactions would be problematic though; how could I rebill a credit card each month for a dynamic number without the cardholder entering in the code? And who is generating the challenge? Me? The credit card purveyor? How? Are they sending me an image, or just numbers and I have to generate the image?

A unique idea, and it does solve the problem of stealing credit card databases. And it is cheap and easy to put on a card, it's the whole backend system that is the biggest challenge. Though if Payflow Pro (PayPal) and Authorize.net implemented it, it would probably do a lot of damage to the card fraud industry.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?