
    Is Real-time Phishing Eliminated with FIDO? Social Engineering Downgrade Attacks against FIDO Protocols

    FIDO’s U2F is a web-authentication mechanism designed to mitigate real-time phishing—an attack that undermines multi-factor authentication by allowing an attacker to relay second-factor one-time tokens from the victim user to the legitimate website in real-time. A U2F dongle is simple to use, and is designed to restrain users from using it incorrectly. We show that social engineering attacks allow an adversary to downgrade FIDO’s U2F to alternative authentication mechanisms. Websites allow such alternatives to handle dongle malfunction or loss. All FIDO-supporting websites in Alexa’s top 100 allow choosing alternatives to FIDO, and are thus potentially vulnerable to real-time phishing attacks. We crafted a phishing website that mimics Google login’s page and implements a FIDO-downgrade attack. We then ran a carefully-designed user study to test the effect on users. We found that, when using FIDO as their second authentication factor, 55% of participants fell for real-time phishing, and another 35% would potentially be susceptible to the attack in practice.

    Integrity Regions: Authentication Through Presence in Wireless Networks

    We introduce Integrity (I) regions, a novel security primitive that enables message authentication in wireless networks without the use of pre-established or pre-certified keys. Integrity regions are based on the verification of entity proximity through time-of-arrival ranging techniques. We demonstrate how I-regions can be efficiently implemented with ultrasonic ranging, in spite of the fact that ultrasound ranging techniques are vulnerable to distance enlargement and reduction attacks. We further discuss how I-regions can be used in key establishment applications in peer-to-peer wireless networks.

    Location Privacy of Distance Bounding Protocols

    Distance bounding protocols have been proposed for many security critical applications as a means of getting an upper bound on the physical distance to a communication partner. As such, distance bounding protocols are executed frequently, e.g., to keep node locations up to date, etc. We analyze distance bounding protocols in terms of their location privacy and we show that they leak information about the location and distance between communicating partners even to passive attackers. This location and distance information may be highly sensitive since it can form the basis for access control, key establishment, or be used as input to location aware applications. We analyze, in a number of scenarios, how much information distance bounding protocols leak. We further discuss several straightforward countermeasures and show why they do not provide adequate protection against distance leakage. Finally, we propose a location private distance bounding protocol that maintains the properties of existing distance bounding protocols while leaking no information about the distance measured between the communicating parties.

    Realization of RF Distance Bounding

    One of the main obstacles for the wider deployment of radio (RF) distance bounding is the lack of platforms that implement these protocols. We address this problem and we build a prototype system that demonstrates that radio distance bounding protocols can be implemented to match the strict processing that these protocols require. Our system implements a prover that is able to receive, process and transmit signals in less than 1 ns. The security guarantee that a distance bounding protocol built on top of this system therefore provides is that a malicious prover can, at most, pretend to be about 15 cm closer to the verifier than it really is. To enable such fast processing at the prover, we use specially implemented concatenation as the prover’s processing function and show how it can be integrated into a distance bounding protocol. Finally, we show that functions such as XOR and the comparison function, that were used in a number of previously proposed distance bounding protocols, are not best suited for the implementation of radio distance bounding.

    Secure Positioning of Wireless Devices with Application to Sensor Networks

    So far, the problem of positioning in wireless networks has been mainly studied in a non-adversarial setting. In this work, we analyze the resistance of positioning techniques to position and distance spoofing attacks. We propose a mechanism for secure positioning of wireless devices, that we call Verifiable Multilateration. We then show how this mechanism can be used to secure positioning in sensor networks. We analyze our system through simulations.