EpisoPassの論文発表スライド.
(expanded from EpisoPass slides このページは編集しないでください)
EpisoPass: Password Management based on Episodic Memories
Toshiyuki Masui
Keio University, Japan
masui@masui.org
Presented at Passwords2016
Demo: EpisoPass
Get my password!
Passwords today
Tremendous number of password-based services and systems
Never die out in the near future
We have to live with passwords
Problems of passwords
(Many problems known to everybody here)
...
Very difficult to remember strong passwords
Extra techniques required
How do Asian people use passwords?
How do Asian people use passwords?
Using numbers and alphabets only
Inadequate for kids and old people
Small kids cannot use alphabets
Old people cannot remember alphabetical passwords
People use Japanese characters for IDs (e.g. 増井)
Hiragana keyboard
10 consonants × 5 vowels = 50 keys
Almost all the Japanese people can use it
Japanese input for iPhone
Very popular in Japan
Not used for password input
Fundamental problem
New information is easily forgotten
Fundamental problem
New information is easily forgotten
Any kind of texts and images are forgotten
Fundamental problem
New information is easily forgotten
Any kind of texts and images are forgotten
Impossible to make them rememberable
Solution
Generating passwords from something we never lose
fingerprints
old memories
Logical consequence
Facts
We have to use passwords
We forget passwords
⇒ possible solutions:
Use special devces for remembering passwords
Use something we never lose
EpisoPass
Generating passwords from episodic memories
Not use strings directly related to memories
Use “seed strings” for different services
Select the right answer from many fake questions
Demo: EpisoPass
Get my passwords!
Demo: Browser extension
Logging into Amazon from browsers
Demo: Android apps
Use simpler HTML
Easily converted to Android/iPhone apps
Compiled on the server based on the Q/A data
Experiences
“Dogfooding” for 4 years
Never lost a password since 2013
No successful attack observed
All info on the Web
Password generation algorithm
Calculates a hash value from Q/A pairs
Generates a password based on the hash value and character substitution
Advantages
No need for remembering new information
Questions and answers can be put on the Net
Searchable on Google
Safer if handled with care
No “master password” required
Needs nothing to remember
Problems
Q/A pairs should be carefully designed
Easily attacked
Difficult to select good questions
Takes time to provide fake answers
Takes time for selectiong right answers
Fragile to shoulder surfing
Problems of selecting good questions
People are not good at creating good questions
People tend to use bad questions
Bad questions
Information on the net
e.g. Where did I live when I was 20?
Might be on the blog
Shared knowledge
e.g. What is my mother's maiden name?
Taste-based questionnaire
e.g. What color do I like best?
Tastes are not stable
Boastable episodes
e.g. With whom did I have secret relations?
Good questions
Trivial bad experiences
e.g. Where did I cut my leg when I was small?
e.g. Who hit me when I was 6?
Secret bad memories
e.g. What did I steal from grandma's house?
Use person names and location names
Easy to create fake answers
Possible attacks
Trying all QA pairs
Online attacks unlikely
Offline attacks possible
Asking questions to many people
Creating questions
Fun for some people (like me)
Support tools required
Creating fake answers
Generating similar names
Frankfurt ⇒ Bonn, Köln, Essen, Koblenz, ...
Bill ⇒ Steve, Edward, John, Ken, ...
Takes time to answer all questions
Usually we don't have to type passwords every time
Browsers remember them
.ssh/id_rsa fille We can use EpisoPass only once in a while
Password leaks
If one of the passwords is revealed to an attacker, all the answers can be known by brute-force attacks
Solutions
Make Q/A pairs secret
Use many Q/A pairs
Use secret seed strings
Conclusion
Simple idea, but useful
at least very useful for me
Support tools required for attracting more people