Background and Related Work
2.3 Anti-Phishing Authentication
2.3.1 User Authentication
The most common mechanism for user authentication is a username and text password. In most cases, the user's password is sent after a secure, encrypted connection to the server has been established via TLS. TLS is an updated version of Secure Sockets Layer (SSL). TLS uses Public Key Infrastructure (PKI) certificates to authenticate the server, i.e. the website, relying on trusted root certificates installed in clients' browsers. The weaknesses of text password authentication are well researched, but the alternatives offered have weaknesses of their own, which means that username and password authentication will stay in use for some time [85, 109].
Another widely used and persisting type of authentication is the Personal Identification Number (PIN). PINs are passwords that consist of only digits and were initially used for systems with mainly numeric input, e.g. at Automatic Teller Machines (ATMs). In spite of well-known weaknesses, namely a small password space and memorability problems [7], they also continue to be used. They have also been widely adopted as a password choice for mobile phones and chip-and-PIN credit card transactions.
Alternative authentication schemes suggest using two-factor authentication; sending one-time password (OTP) tokens out-of-band to the user [158, 90]; introducing variations of Password Authenticated Key Exchange (PAKE) protocols [118, 176]; or using graphical passwords [40, 205, 216].
Two-factor authentication. For two-factor authentication, the user is required to satisfy two criteria in order to prove their identity. As phishers normally hold only a password as a means to impersonate a user (one criterion), the phisher will not be able to impersonate the user as long as the second criterion, or token, remains safe. Most two-factor authentication schemes use shared secrets, tokens (USB token devices, smart cards, or password-generating tokens) [189, 90] or biometrics.
Shared secrets are questions that are asked during the authentication process, which a fraudster would be unlikely to be able to answer. The most widely used form of two-factor authentication is when withdrawing money using an ATM, where the user must present both an ATM card (something the person has) and a password or PIN (something the person knows) [73].
Another widely deployed second-factor authentication mechanism is the use of one-time password (OTP) tokens.
One-time passwords. In response to phishing, banks, governments, and other institutions are deploying one-time passwords (OTP), i.e. passwords that are valid for only one login session or transaction. Using OTP as a second factor has been suggested and adopted by many commercial institutions (RSA SecurID [189]). OTP tokens can be sent out-of-band to the user, for example as an SMS to the user's phone, e.g. Google Gmail [92]; in the form of transaction numbers (TANs), adopted by various banks; or, quite recently, combined with graphical passwords [45]. OTP tokens are devices that generate random passwords that are only valid for a single use, hence limiting the damage should the password be intercepted by a phisher. Also, for time-based tokens, the generated OTP is only valid for a limited, short time period, requiring a phisher to act immediately. In organised phishing schemes, where collected passwords are sold to other parties, use of OTPs would protect the user.
Paterson in [176] considers the use of one-time passwords in the context of PAKE, which allows for mutual authentication, session key agreement, and resistance to phishing attacks.
Password Authenticated Key Exchange (PAKE). PAKE research explores an alternative approach to protecting passwords without relying on a PKI. PAKE schemes only require that a human-memorable secret password is shared between the participants. Using PAKE by itself does not protect against phishing, as keyloggers can still record the password. Also, if PAKE is to be used for web authentication, both the server and the client side need to be changed and must participate in the PAKE protocol.
Some of the PAKE anti-phishing protocols employ zero-knowledge authentication, which is a practical application of the concept of a zero-knowledge proof (ZKP). In a zero-knowledge proof, one party can convince another that a statement is true without revealing any other property of the statement. Others combine it with TLS. The deployment problem with these schemes is their high computation cost [104].
Graphical passwords. Graphical passwords are another notable user authentication type that has been researched as an alternative to text passwords. Graphical passwords can be defined as knowledge-based authentication mechanisms where images or sketches are used as a pre-defined secret between the user and the server [30]. Graphical authentication schemes usually ask users to perform some kind of image-based task to log in. The main advantages of using graphical schemes as an alternative to textual passwords are as follows:
- Increased memorability: they exploit the psychological finding that humans' ability to remember images is far superior to their ability to remember text [171].
- Easier to use on smaller or touch-screen devices.
Graphical schemes can be classified into three categories [30]:
1. Recognition-based: in recognition-based graphical passwords, users need to recognise and then select a set of correct images from a larger set, e.g. [173].
2. Cued-recall: in cued-recall schemes, the images cue the user, for example, to click a set of points on an image, e.g. [205, 40].
3. Recall-based: in recall-based schemes, users are required to recall a password without any cues, such as drawing a doodle in Draw-A-Secret (DAS) [130, 209].
A number of graphical authentication schemes have been proposed [148, 41, 205, 101, 54]. Everitt et al. [72] studied multiple graphical passwords in a realistic usage situation, i.e. where users have multiple graphical passwords and use them infrequently. Their study shows that the time required to authenticate can be significantly affected by frequency, interference, and training even when the failure rate is not. They suggest that the design of systems that utilise graphical passwords in applications needs to take into account realistic estimates of the time that will be required to authenticate using a particular graphical password system. However, Stobert and Biddle [205] found that authentication schemes leveraging both recall and recognition memory have good memorability and also that login times were faster than in schemes utilising only recognition-based graphical passwords.