Provably secure browser-based user-aware mutual authentication over TLS
2008
Proceedings of the 2008 ACM symposium on Information, computer and communications security - ASIACCS '08
The standard solution for user authentication on the Web is to establish a TLS-based secure channel in server authenticated mode and run a protocol on top of TLS where the user enters a password in an ...
We tackle this problem by proposing a protocol that allows the user to identify the server based on human perceptible authenticators (e.g., picture, voice). ...
Browser-Based Mutual Authentication Protocol based on TLS In this section we describe our protocol for browser-based authentication based on the standard TLS protocol. ...
doi:10.1145/1368310.1368354
dblp:conf/ccs/GajekMSS08
fatcat:tjphjhavhbgntpdph4zmglx3wq
In-the-wire authentication: Protecting client-side critical data fields in secure network transactions
2009
2009 2nd International Conference on Adaptive Science & Technology (ICAST)
Index Terms: TLS security, Computer network security, Internet security, Public key cryptography, Man-in-the-middle. ...
secure trusted path between the web user and the service. ...
Since all secure web servers and all web browsers support TLS, web users can enjoy strong protection of transaction messages over the public network. ...
doi:10.1109/icastech.2009.5409720
fatcat:5vico3lsdnfitprmnspb7bzl2m
Ceremony Analysis: Strengths and Weaknesses
[chapter]
2011
IFIP Advances in Information and Communication Technology
We investigate known security flaws in the context of security ceremonies to gain an understanding of the ceremony analysis process. ...
The term security ceremonies is used to describe a system of protocols and humans which interact for a specific purpose. ...
The protocol that Gajek et al. proved to be secure, what they called browser-based user-aware mutual authentication over TLS, is a non-trivial security ceremony. ...
doi:10.1007/978-3-642-21424-0_9
fatcat:3fz756n32ng6bgehrzt46a4h7a
SoK: SSL and HTTPS: Revisiting Past Challenges and Evaluating Certificate Trust Model Enhancements
2013
2013 IEEE Symposium on Security and Privacy
Internet users today depend daily on HTTPS for secure communication with sites they intend to visit. ...
Meanwhile the number of browser-trusted (and thus, de facto, user-trusted) certificate authorities has proliferated, while the due diligence in baseline certificate issuance has declined. ...
We acknowledge funding from the Natural Science and Engineering Research Council (NSERC) through a PDF (first author), Canada Research Chair in Authentication and Computer Security (second), and NSERC ...
doi:10.1109/sp.2013.41
dblp:conf/sp/ClarkO13
fatcat:xtazjddqd5d4bad5eqdkl5hvnq
Ubiquitous One-Time Password Service Using the Generic Authentication Architecture
2011
Journal on special topics in mobile networks and applications
The scheme employs a GAA-enabled user device and a GAA-aware server. ...
The Generic Authentication Architecture (GAA) is a standardised extension to the mobile authentication infrastructure that enables the provision of security services, such as key establishment, to network ...
accesses the security services provided by the BSF, and has the means to establish a mutually authenticated secure channel (e.g. as provided by SSL/TLS) with the BSF. ...
doi:10.1007/s11036-011-0329-z
fatcat:qttu4zcy2ngzfnz5cw4c2sp62a
Secure password-based cipher suite for TLS
2001
ACM Transactions on Privacy and Security
The resulting protocol provides secure mutual authentication and key establishment over an insecure channel. It does not have to resort to a PKI or keys and certificates stored on the user's computer. ...
However, the adoption of password-based key-exchange protocols can overcome some of these problems. ...
These protocols provide key exchange with mutual authentication based on weak secrets (e.g., passwords). ...
doi:10.1145/501963.501965
fatcat:6u52lfbgtndshn2zvnkre6y74q
Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS
2014
2014 IEEE Symposium on Security and Privacy
However, the security guarantees of TLS fall short of those of a secure channel, leading to a variety of attacks. ...
We also demonstrate new ways to exploit known weaknesses of HTTP over TLS. We investigate the root causes for these attacks and propose new countermeasures. ...
Figure 1 shows the full handshake with mutual authentication. ...
doi:10.1109/sp.2014.14
dblp:conf/sp/BhargavanDFPS14
fatcat:7jt2pm6vpzd65ijps7a7mclldu
Evaluation of the Model for Analysing Anti-Phishing Authentication Ceremonies
2015
International Journal for Information Security Research
It is an extension of the concept of network security protocol and includes user interface and human-protocol interaction. ...
The model examines anti-phishing authentication tasks that a human needs to apply, how users process these additional authentication tasks and how these tasks impact the human's decision outcome. ...
Provably Secure Browser-Based User-Aware Mutual Authentication over TLS [7]. ...
doi:10.20533/ijisr.2042.4639.2015.0060
fatcat:3zz5xwffvbcllmwbvbnxrh6wgm
Single password authentication
2013
Computer Networks
To the best of our knowledge, we are the first to propose such various and provably secure password-based authentication schemes. ...
In this paper, we propose several protocols that can allow a user to use a single password to authenticate to multiple services securely. ...
In cases where TLS is not feasible or the user is fooled into connecting to an impersonating server even over TLS, and assuming the sessions are short-lived compared to the time it takes to crack this ...
doi:10.1016/j.comnet.2013.05.007
fatcat:qs724vx4bjhyxlsfi3dxawqkq4
User-centric identity management using trusted modules
2013
Mathematical and computer modelling
Federated identity management systems aim at increasing the user-friendliness of authentication procedures, while at the same time ensuring strong authentication to service providers. ...
This paper presents a new flexible approach for user-centric identity management, using trusted modules. ...
Hence, an authentication module is implemented that interacts with the browser plugin and handles authentication transparently. Web developers, hence, need not be aware of the authentication logic. ...
doi:10.1016/j.mcm.2012.06.010
fatcat:angbjoejd5b67eieos5qyhllsm
Reactive and Proactive Standardisation of TLS
[chapter]
2016
Lecture Notes in Computer Science
for TLS 1.3. ...
In the development of TLS 1.3, the IETF TLS Working Group has adopted an "analysis-prior-to-deployment" design philosophy. This is in sharp contrast to all previous versions of the protocol. ...
Van der Merwe was supported by the EPSRC as part of the Centre for Doctoral Training in Cyber Security at Royal Holloway, University of London. ...
doi:10.1007/978-3-319-49100-4_7
fatcat:33ngau3bv5a5lb3purmdqqtmxe
A Formal Treatment of Accountable Proxying Over TLS
2018
2018 IEEE Symposium on Security and Privacy (SP)
Such attacks went unnoticed mainly because mcTLS lacked a formal analysis and security proofs. Hence, our second contribution is to formalize the goal of accountable proxying over secure channels. ...
Third, we propose a provably-secure alternative to soon-to-be-standardized mcTLS: a generic and modular protocol-design that carefully composes generic secure channel-establishment protocols, which we ...
TLS 1.3 was designed to (provably) guarantee composable AKE security, unlike TLS 1.2. ...
doi:10.1109/sp.2018.00021
dblp:conf/sp/BhargavanBDFO18
fatcat:hml3dbswn5g4fpoi46eidiqsh4
Content delivery over TLS: a cryptographic analysis of keyless SSL
2017
2017 IEEE European Symposium on Security and Privacy (EuroS&P)
The Transport Layer Security (TLS) protocol is designed to allow two parties, a client and a server, to communicate securely over an insecure network. ...
We also propose a new design for Keyless TLS 1.3 and prove that it achieves 3(S)ACCE-security, assuming that the TLS 1.3 handshake implements an authenticated 2-party key exchange. ...
The queries from MW to the key server S are performed over a mutually-authenticated TLS channel. ...
doi:10.1109/eurosp.2017.52
dblp:conf/eurosp/BhargavanBFOR17
fatcat:7t2lmrzhrnhppanpe3d5d4zlgq
Design and Implementation of an Anonymous and Secure Online Evaluation Protocol
2020
Electronics
., anonymous credentials, Privacy Attribute-Based Credentials, and domain signatures) fail to address, at least in an obvious way, the minimal security and practicality requirements. ...
A web-based implementation of the protocol has been developed and compared to other approaches and systems. ...
Initially, we assume that all communication in Phase A is done over a mutually authenticated and secure channel. ...
doi:10.3390/electronics9091415
fatcat:adtzrba6jfbijfduhh3twavuyi
Towards Privacy Preserving IoT Environments: A Survey
2018
Wireless Communications and Mobile Computing
The ultimate source of user discomfort is the lack of control over personal raw data that is directly streamed from sensors to the outside world. ...
As such, privacy is a core requirement in any IoT ecosystem and is a major concern that inhibits its widespread user adoption. ...
The authentication phase establishes key-based authentication using mutual communication. ...
doi:10.1155/2018/1032761
fatcat:j76yhuc5rjhvbifkk5foq3klzq