[taler-anastasis] 01/03: modified related work


From: gnunet
Subject: [taler-anastasis] 01/03: modified related work
Date: Wed, 03 Jun 2020 17:55:36 +0200

This is an automated email from the git hooks/post-receive script.

dennis-neufeld pushed a commit to branch master
in repository anastasis.

commit 0d57648b1212f71e0633bbb9e06878ee18f0d2ae
Author: Dennis Neufeld <dennis.neufeld@students.bfh.ch>
AuthorDate: Wed Jun 3 15:50:38 2020 +0000

    modified related work
---
 .gitignore                  |  6 ++++++
 doc/thesis/bibliothek.bib   | 14 +++++++++++++-
 doc/thesis/related_work.tex | 27 +++++++++++++++++----------
 3 files changed, 36 insertions(+), 11 deletions(-)

diff --git a/.gitignore b/.gitignore
index 0364a3f..94ea221 100644
--- a/.gitignore
+++ b/.gitignore
@@ -100,3 +100,9 @@ src/cli/.libs/
 src/cli/.libs/anastasis-assembler
 src/cli/.libs/anastasis-splitter
 
+doc/thesis/*.aux
+doc/thesis/*.bcf
+doc/thesis/*.log
+doc/thesis/*.run.xml
+doc/thesis/*.toc
+doc/thesis/*.pdf
\ No newline at end of file
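Review bot: The last added pattern, `doc/thesis/*.pdf`, is not followed by a newline (see the "\ No newline at end of file" marker), so the next pattern appended to this file will show up as a change to this line; end the file with a newline. The `*.pdf` pattern also ignores every PDF under doc/thesis, not only the built thesis, so a figure kept there as PDF would be silently left out of commits; name the output file explicitly or add a `!` exception for figures. Since `*.bcf` and `*.run.xml` show the build uses biber, `*.bbl` and `*.blg` belong in the same list.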
diff --git a/doc/thesis/bibliothek.bib b/doc/thesis/bibliothek.bib
index 4edca42..b06dcd7 100644
--- a/doc/thesis/bibliothek.bib
+++ b/doc/thesis/bibliothek.bib
@@ -295,5 +295,17 @@
   year={2004},
   publisher={IEEE}
 }
-
+@inproceedings{MBSS2013,
+  title={SMS-based one-time passwords: attacks and defense},
+  author={Mulliner, Collin and Borgaonkar, Ravishankar and Stewin, Patrick and 
Seifert, Jean-Pierre},
+  booktitle={International Conference on Detection of Intrusions and Malware, 
and Vulnerability Assessment},
+  pages={150--159},
+  year={2013},
+  organization={Springer}
+}
+@article{pohlmann2017,
+  title={Wenn der Softbot menschliche Identit{\"a}t best{\"a}tigt. 
Videoident-Verfahren II: Die Technik},
+  author={Pohlmann, Norbert and Frintrop, Jan-Hendrik and Widdermann, Rick and 
Ziegler, Tim},
+  year={2017}
+}
 
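Review bot: `pohlmann2017` is declared as `@article` but carries no `journal` field (and no volume or pages), so the entry will print incompletely and the bibliography run will warn about it; add the journal or pick an entry type that matches the source. In `MBSS2013`, `organization={Springer}` should be `publisher={Springer}`, consistent with `publisher={IEEE}` in the entry just above. The hunk also removes the blank line that separated entries, so `@inproceedings{MBSS2013,` now follows the previous closing `}` directly; keep one blank line between entries.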
diff --git a/doc/thesis/related_work.tex b/doc/thesis/related_work.tex
index 86fbf2d..668de6a 100644
--- a/doc/thesis/related_work.tex
+++ b/doc/thesis/related_work.tex
@@ -76,7 +76,7 @@ The security of MIDATA as described in "Patient empowerment 
in IoT for eHealth -
 
 
 \subsection{Authentication}
-To build a secure authentication procedure, today multi-factor authentication 
is the standard \cite{multifactor_authentication}. A single authentication 
method by itself is usually highly vulnerable. But multi-factor authentication 
combines multiple authentication procedures to enhance the security of the 
system. \\ 
+To build a secure authentication procedure, today multi-factor authentication 
is the standard \cite{multifactor_authentication}. A single authentication 
method by itself is usually vulnerable. But multi-factor authentication 
combines multiple authentication procedures to enhance the security of the 
system. \\ 
 Anastasis is designed to use a wide range of authentication methods to 
authenticate its users. Even though the user in Anastasis is free to specify 
only one authentication method, we strongly recommend the use of multi-factor 
authentication. A short overview of the possible methods is presented here.
 
 \subsubsection{Password authentication}
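Review bot: Dropping "highly" still leaves "A single authentication method by itself is usually vulnerable" as an unsupported generalisation: `\cite{multifactor_authentication}` is attached to the previous sentence and the text does not say what the single method is vulnerable to. Move or repeat the citation on this sentence, or name the threat the following subsections go on to discuss. The changed line also still ends in `\\ ` with trailing whitespace; a blank line is the usual way to end the paragraph.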
@@ -94,24 +94,31 @@ There are several ways to implement authentication via a 
secure question:
 The first option is the easiest one. But predefining the answers has the 
disadvantage being very impersonal and inflexible. The questions must 
inevitably be very general, which allows an attacker to answer the questions 
without even having to guess. Therefore the first option is not applicable.\\
 The second option is more applicable but has some drawbacks, too. For example 
there may be questions whose answers have multiple syntactic representations 
(for example, "St." versus "Street") \cite{just2004}. Another problem could be 
a question whose answer may change over time. Asking for the favourite actor 
for example could be problematic. In addition, there is a challenge to define 
questions for all kind of people. Some people for example could not answer to 
the question, what the na [...]
 In case of the third option we also have the problematic of the second one. 
Furthermore there is the difficulty for the user to ask creative questions. A 
good question should only be answerable by the user. Also, it would be perfect 
to have the attacker on the wrong track by using ambiguities he doesn't know.\\
-FIXME: privacy concerns (personal answers must be stored)
-
+Authentication using a secure question needs personal information stored at 
the server which is critical in terms of privacy. That is why Anastasis doesn't 
store the answers of secure questions in clear text. Instead, we only store the 
hash value of an answer. Thus the user only has to provide the hash value of 
the answer and does not have to disclose any personal information.
 
 \subsubsection{SMS authentication}
-Another way to authenticate is SMS authentication. The most popular use case 
is the mobile TAN used to authorize online banking transactions. But SMS is no 
longer considered secure. The SMS authentication relies on the security of the 
mobile network, which has different possible attacks \cite{rieck_detection}. 
There are also specialized mobile Trojans which are used to eavesdrop these 
messages directly on the mobile device.\\
+Another way to authenticate is SMS authentication. The most popular use case 
is the so called Mobile TAN used to authorize online banking transactions. A 
Mobile TAN is an SMS based One-Time Password (OTP), short SMS OTP. SMS OTPs 
"were introduced to counter phishing and other attacks against authentication 
and authorization of Internet services" \cite{MBSS2013}.  But SMS is no longer 
considered secure. The SMS authentication relies on the security of the mobile 
network, which has differe [...]
 When it comes to privacy, storing a phone number is a problem. But the service 
authenticating the user needs the phone number enabling it to send a message to 
the user during authentication process.\\
 In Anastasis we also need to store the phone number to the server. But in our 
case the phone number is encrypted with a secret key only the user owns. The 
server only gets this secret key during an authentication process. Thus 
stealing the database of the server does not reveal the phone number to the 
attacker.
 
-FIXME
-Instead of using SMS one can also use other forms of messages such as email or 
physical mail. They all face the threat of interception. FIXME
+\subsubsection{E-mail authentication}
+Authentication by e-mail is very similar to SMS authentication. Here, the user 
receives an OTP by e-mail and has to provide it during authentication process.\\
+
+FIXME: drawbacks,vulnerability\\
+In Anastasis the mail address of the user is stored in an encrypted way, too. 
The user has to provide the corresponding key to the server during 
authentication process.
 
-\subsubsection{Mail authentication}
 
-\subsubsection{Videoindent}
+\subsubsection{VideoIdent}
+VideoIdent uses a video chat to verify the identity of a user. The user needs 
to show his face using a camera to an employee of the VideoIdent-service who 
verifies the correct user by a picture of the user \cite{pohlmann2017}.\\
+Prerequisites for error-free identification are a video camera with good video 
quality and a high-resolution image of the user on which the face can be seen 
very clearly. The user should also not change his outward appearance too much 
over time. A thick beard could also lead to the VideoIdent-service employee not 
being able to recognise the user correctly.\\
+For an attacker who looks very similar to the user, there is a high chance 
that the employee incorrectly confirms the identification. Therefor some 
interaction of the user is needed like for example telling the employee a short 
code which has been sent right before to the user by mail.\\
+In Anastasis the picture of the user is stored in an encrypted way. During 
authentication process the user has to provide the correct key for decryption 
to the server which provides the picture to the VideoIdent-service.
 
-\subsubsection{Postident}
+\subsubsection{PostIdent}
+It is also possible to sent a verification code to the user by physical mail. 
Of course this authentication method takes some time and there is the 
possibility the physical mail gets intercepted or lost during transmission.\\
+Anastasis does not store the address of the user in clear text. Instead the 
address is encrypted before storing and the server gets to know the address 
only during authentication process of the user.
 
 \subsubsection{Biometric authentication}
-Another way of authenticating is the biometric approach \cite{biometric_auth}. 
Biometric authentication is based on "something you are", like your iris or 
your fingerprint. There are also threats against biometric authentication. 
There are documented attacks against fingerprint and iris scan authentication. 
For example, a member of the German CCC e.V. was able to generate replicas from 
Angela Merkel's iris and Ursula von der Leyen's fingerprint \cite{ccc_merkel}. 
+Another way of authenticating is the biometric approach \cite{biometric_auth}. 
Biometric authentication is based on "something you are", like your iris or 
your fingerprint. There are also threats against biometric authentication. 
There are documented attacks against fingerprint and iris scan authentication. 
For example, a member of the German CCC e.V. was able to generate replicas from 
Angela Merkel's iris and Ursula von der Leyen's fingerprint \cite{ccc_merkel}.
 
 
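Review bot: In the new secure-question paragraph, "we only store the hash value of an answer" combined with "the user only has to provide the hash value of the answer" makes the hash itself the credential, and a plain hash of a low-entropy answer can be tested offline by anyone who holds the server database. The text should state which hash construction is meant and whether it is salted or keyed with a per-user secret and deliberately slow; without that, the claim that the user "does not have to disclose any personal information" is not supported as written. The E-mail, VideoIdent and PostIdent paragraphs have the same gap: each says the data is stored encrypted and the key is given to the server during authentication, without saying what the server does with the key afterwards. The hunk also commits a literal "FIXME: drawbacks,vulnerability" line into the E-mail subsection, and introduces "Therefor", "to sent" and "so called", which should be "Therefore", "to send" and "so-called".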

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


