wok-key: dealing with keyloggers on net-cafe computers

VirginSnow at vfemail.net VirginSnow at vfemail.net
Thu Aug 27 13:27:35 EDT 2009 

Chip Marshall <chip at 2bithacker.net> writes:

> On August 26, 2009, Tom Buskey sent me the following:
> > You *can* do pre generated OTP lists. I've seen it done with
> > NetBSD in '00. No token, just a list on a PDA or paper.
> 
> I think any modern PAM implementation includes S/KEY mechanisms.
> I used this when logging into my personal server through a serial
> terminal at my school, as I had no idea what the security on the
> serial line was like.

A second vote for the S/KEY infrastructure, here.  That's just the
kind of thing S/KEY is meant for.  Of course, protecting the storange
and transfer of the key list would be important.

Some additional thoughts...

If you're going to be using an untrusted host to access trusted data,
it makes sense to sandbox any access which is granted.  So say, for
instance, you login remotely to check your mail.  chown all your mail
with a "remotemail" group and login under that group.  That way, there
can be no fiddling with your ~/.bashrc, ssh keys, etc.  At most, the
attacker could only muck up your email.  Create a separate group for
each "category" of resource you wish to access remotely like this.

Another authentication technique which is both secure and easy to
implement is a challenge-response algorithm, like that used in APOP.
The server generates a timestamp and a random challenge.  You type
them into your PDA, the PDA concatenates the timestamp, challenge, and
password into one long string and calculates a cryptographically
secure hash.  You type the hash into the login screen, and the server
can authenticate your "response" to its "challenge".  All it would
require is a handheld device that can do MD5, SHA1, or the like and
some simple modifications to the server's authentication code.

Even if you don't have a PDA, most graphing calculators could be
programmed to do a simple hash.  And, although it would not foil a
determined attacker, you could foil keyloggers even if you replaced
the hash with a simple checksum.  If you want to get REALLY low-tech,
you could even use the authentication data (challenge, timestamp, and
password) to seed a linear shift PRNG computed with a four-function
hand calculator.

More information about the gnhlug-discuss mailing list