[OpenID] OpenID and phishing (was Announcing OpenIDAuthentication 2.0 - Implementor's Draft 11)

James A. Donald jamesd at echeque.com
Sat Jan 20 01:45:47 UTC 2007


 > > > do you have any suggestions on how to combat
 > > > phishing for OpenID's?

On 19-Jan-07, at 12:40 PM, Ben Laurie wrote:
 > > a) Push browser authors to add unphishable auth!

Mike Beltzner wrote:
 > Sure thing! Uhm, got the technology for that ready? :)

It has been envisaged and specified, though I have not
seen a prototype.

 > Seriously, we're very interested. It's not an easy
 > problem. If I'm missing some easy solution that solves
 > this, please hit me over the head with it 'cause I'd
 > love nothing more than to drop a bunch of these
 > working groups I'm on ...

Short answer.  Passpet.  Longer answer, Passpet plus
SRP.

SRP is the final solution to phishing for shared
secrets.

SRP (http://srp.stanford.edu/) is a cryptographic
technology for password based mutual authentication.
Instead of one party who knows the password proving his
identity by giving the shared secret to the other party,
both parties prove knowledge of the shared secret
without revealing it to each other - so phishing an
SRP login does the phisher no good.

Of course, for this to work, the SRP login has to come
up in unforgeable browser chrome, as basic and digest
access authentication do, not in the possibly hostile
web site's login page, and thus requires a change in the
browser itself, or a browser extension.  It also amounts
to a change in the http specification, supplementing RFC
2617 (HTTP Authentication: Basic and Digest Access
Authentication), requiring corresponding changes in web
servers, in particular requiring a new apache module,
which we would hope would eventually be incorporated
into apache.

One problem with SRP is that there are patent trolls who
claim their patent covers it.  On the other hand,
Stanford has been granted a patent, which it licenses
for free, and the fact that the patent office granted
Stanford a patent would (IANAL) create a presumption
against the patent trolls.

These trolls pop up in every IETF meeting related to
SRP, and spread uncertainty, fear and doubt to ensure
that the IETF is even more paralytic and moribund than
it usually is.

Whether or not SRP can be implemented, Passpet can be
implemented, though it seems to have succumbed to
bitrot.

The underlying technology of Passpet is merely yet
another client side single signon - Passpet gets a large
secret from its server, and uses that secret to
construct strong passwords on a per website basis.
However, the cool part of Passpet is the user interface
(http://passpet.org/), designed to prevent phishing.
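The two mechanisms the post relies on, SRP's "prove knowledge of the password without sending it" and Passpet's "derive a strong per-site password from one large secret", as an added worked example that is not part of the original message and not code from the SRP project or from Passpet. Assumptions: it implements the SRP-6a variant (the post just says "SRP"), uses SHA-256 throughout where RFC 5054 uses SHA-1, and the 1024-bit group constant is transcribed from RFC 5054 Appendix A. The Passpet-style `site_password` (HMAC of the lowercased site name under a master secret) is my guess at the shape of what Passpet does, not its actual algorithm, and `Server`, `Client`, `honest_login`, `phished_login`, `replay` and `demo` are names chosen here. The browser-chrome part the post calls for is out of scope; this is only the protocol arithmetic.

```python
"""SRP-6a mutual authentication with a Passpet-style per-site password (added example)."""
import base64
import hashlib
import hmac
import os
import secrets

# 1024-bit group, transcribed from RFC 5054 Appendix A (check against the RFC before relying on it).
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8          # 128 bytes; all group elements are padded to this


def _H(*parts: bytes) -> bytes:            # SHA-256 stands in for RFC 5054's SHA-1 (assumption)
    return hashlib.sha256(b"".join(parts)).digest()

def _to_int(b: bytes) -> int:
    return int.from_bytes(b, "big")

def _pad(x: int) -> bytes:
    return x.to_bytes(NLEN, "big")

K_MULT = _to_int(_H(_pad(N), _pad(g)))    # SRP-6a multiplier k = H(N | PAD(g))


def site_password(master_secret: bytes, site: str) -> str:
    """Passpet-style derivation (my guess at the shape, not Passpet's real algorithm):
    one master secret, one unrelated strong password per site name."""
    tag = hmac.new(master_secret, site.strip().lower().encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(tag).decode().rstrip("=")[:24]


def private_key(salt: bytes, username: str, password: str) -> int:
    return _to_int(_H(salt, _H(f"{username}:{password}".encode())))

def register(username: str, password: str):
    """Enrolment: the server stores (salt, verifier v = g^x), never the password."""
    salt = os.urandom(16)
    return salt, pow(g, private_key(salt, username, password), N)


class Server:
    def __init__(self, users: dict):
        self.users = users                 # username -> (salt, v)

    def challenge(self, username: str, A: int):
        if A % N == 0:
            raise ValueError("client public value must not be 0 mod N")
        salt, v = self.users[username]
        self._A, self._b = A, secrets.randbits(256)
        self._B = (K_MULT * v + pow(g, self._b, N)) % N
        u = _to_int(_H(_pad(A), _pad(self._B)))
        S = pow((A * pow(v, u, N)) % N, self._b, N)   # = g^(b(a + ux)) without knowing x
        self._K = _H(_pad(S))
        return salt, self._B

    def verify_client(self, M1: bytes):
        """Returns the server's proof M2 if M1 is right, else None."""
        if not hmac.compare_digest(M1, _H(_pad(self._A), _pad(self._B), self._K)):
            return None
        return _H(_pad(self._A), M1, self._K)


class Client:
    def __init__(self, username: str, password: str):
        self.username, self.password = username, password

    def start(self):
        self._a = secrets.randbits(256)
        self._A = pow(g, self._a, N)
        return self.username, self._A      # only A leaves the client, never the password

    def respond(self, salt: bytes, B: int) -> bytes:
        if B % N == 0:
            raise ValueError("server public value must not be 0 mod N")
        u = _to_int(_H(_pad(self._A), _pad(B)))
        if u == 0:
            raise ValueError("scrambling parameter u must not be 0")
        x = private_key(salt, self.username, self.password)
        S = pow((B - K_MULT * pow(g, x, N)) % N, self._a + u * x, N)   # = g^(b(a + ux))
        self._B, self._K = B, _H(_pad(S))
        self._M1 = _H(_pad(self._A), _pad(B), self._K)
        return self._M1

    def verify_server(self, M2) -> bool:
        return M2 is not None and hmac.compare_digest(M2, _H(_pad(self._A), self._M1, self._K))


def honest_login(server: Server, client: Client) -> bool:
    username, A = client.start()
    salt, B = server.challenge(username, A)
    return client.verify_server(server.verify_client(client.respond(salt, B)))

def phished_login(client: Client):
    """A phishing site has no verifier v: it sees A and M1 but cannot derive K or the password,
    so the M2 it forges is rejected. Returns (client_accepted, what the phisher captured)."""
    username, A = client.start()
    M1 = client.respond(os.urandom(16), pow(g, secrets.randbits(256), N))
    return client.verify_server(os.urandom(32)), (username, A, M1)

def replay(server: Server, username: str, A: int, M1: bytes) -> bool:
    """Replaying a captured (A, M1) fails: the real server picks a fresh b, so K differs."""
    server.challenge(username, A)
    return server.verify_client(M1) is not None


def demo() -> dict:
    master = b"constructed master secret, as fetched from the passpet server"   # constructed
    pw = site_password(master, "example.com")
    server = Server({"alice": register("alice", pw)})
    phisher_accepted, captured = phished_login(Client("alice", pw))
    return {
        "honest_login": honest_login(server, Client("alice", pw)),
        "wrong_password": honest_login(server, Client("alice", "not the password")),
        "phisher_impersonates_server": phisher_accepted,
        "replay_captured_to_real_server": replay(server, *captured),
        "lookalike_site_gets_same_password": pw == site_password(master, "examp1e.com"),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Two caveats worth keeping in mind when reading the result: a phisher who relays the exchange live to the real server in both directions still gets that one session (it never gets the password), so the unforgeable chrome the post asks for, plus binding the exchange to the TLS channel, is what closes that gap; and the phisher is also stuck on the Passpet side, because the password it would have fished out of the lookalike site is not the one the real site's verifier was enrolled with.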
