Spyware Resistant Web Authentication Using Virtual Machines
Collin Jackson, Dan Boneh, and John Mitchell of Stanford have developed a neat system, called Spyblock, for entering sensitive information into Web browsers so that it can’t be sniffed by spyware. Users browse the Web in a virtual machine (VM). However, sensitive information is only entered in a secure environment (outside the VM, but typically on the same physical machine) and injected into the outgoing data stream. A browser extension is used to facilitate the transactions between the secure and insecure environments.
Spyblock also includes a number of other features:
1) A “transaction confirmation” feature so a user can detect the presence of active malware (i.e., malware that tries to conduct malicious transactions surreptitiously by piggybacking on top of an existing user session).
2) Support for password authenticated key exchange (PAKE), which provides added security against dictionary attacks and also provides mutual authentication.
3) Support for password hashing, which is a tool that allows one to use different passwords at different sites, all of which are derived from the same global password. In this way, even if a site-specific password is compromised, the damage is limited to only a specific site.
4) Use of a user-specified image so an attacker can’t spoof the window in the secure environment into which a user enters his password.
The first two require some back-end server support whereas the last two do not.
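To make the password hashing idea in item 3 concrete, here is an added example that is not taken from Spyblock or its paper: it derives a separate password for each site from one global password. The choice of PBKDF2-HMAC-SHA256, the iteration count, the use of the full host name as the per-site scope, and all sample hosts and passwords are assumptions made for illustration.

```python
import base64
import hashlib
from urllib.parse import urlsplit

# Assumed work factor: slows offline guessing of the global password
# when one derived site password leaks.
ITERATIONS = 100_000


def site_key(url: str) -> str:
    """Reduce a login URL to the host name that scopes the derived password."""
    host = urlsplit(url).hostname  # lower-cased, port and path stripped
    if not host:
        raise ValueError(f"no host in URL: {url!r}")
    return host.rstrip(".")


def site_password(global_password: str, url: str, length: int = 16) -> str:
    """Derive a per-site password from the global password and the site's host."""
    if not 8 <= length <= 43:
        raise ValueError("length must be between 8 and 43")
    salt = site_key(url).encode("utf-8")
    raw = hashlib.pbkdf2_hmac(
        "sha256", global_password.encode("utf-8"), salt, ITERATIONS, dklen=32
    )
    # URL-safe base64 gives letters, digits, '-' and '_'; truncate to length.
    return base64.urlsafe_b64encode(raw).decode("ascii")[:length]


if __name__ == "__main__":
    # Constructed sample values, not real sites or credentials.
    master = "correct horse battery staple"
    for url in (
        "https://bank.example/login",
        "https://BANK.example:443/account",  # same host, same password
        "https://shop.example/signin",       # different site, different password
        "https://bank.example.login.test/",  # different host, different password
    ):
        print(f"{site_key(url):28} {site_password(master, url)}")
```

Because the host name is mixed into the derivation, a password captured at one site tells an attacker nothing directly usable at another; recovering the global password requires guessing it through the slow key-derivation function.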
On a related note, Microsoft has been planning an offering called Infocard that not only acts as a password manager but is apparently deeply embedded in a secure process in the OS (so, as a result, also resists malware).
Both Infocard and Spyblock aim to create a secure environment where sensitive information can be entered. Microsoft is leveraging its ownership of the operating system to provide a safe haven whereas Spyblock is making use of a virtual machine to effectively separate the secure area from the insecure one.
Malware is definitely an issue and it’s great to see that an effort is being made to mitigate the damage caused.
For further reading, please visit the following:
• The Spyblock Web site: http://www.getspyblock.com/ (This site includes the plug-in download and a technical paper)
• Dan Boneh’s Web site: http://crypto.stanford.edu/~dabo/
• John Mitchell’s Web site: http://theory.stanford.edu/people/jcm/
• Collin Jackson’s Web site: http://www.collinjackson.com/
• Johannes Ernst’s Web blog: http://netmesh.info/jernst/Digital_Identity/what-is-msft-infocard.html (contains information on Infocard)
• Kim Cameron’s Web blog: http://www.identityblog.com/ (Kim is the main architect behind Infocard)