Analyzing the Security of Smartphone Unlock PINs.pptx

Jan. 13, 2023
Analyzing the Security of Smartphone Unlock PINs: Review of a Paper

  1. This PIN Can Be Easily Guessed: Analyzing the Security of Smartphone Unlock PINs. 2020 IEEE Symposium on Security and Privacy. Philipp Markert, Daniel V. Bailey, Maximilian Golla, Markus Dürmuth, Adam J. Aviv
  2. Overview: Why study PINs? Analysis and results. User study.
  3. Background
     ● A phone's lock screen can be secured with a password, a PIN code, a fingerprint, and more.
     ● A PIN code is a simple alternative to a password: easy to use, and a backup for a biometric option. Android allows PINs of up to 16 digits, which equates to 10 quadrillion combinations.
     ● While a 16-digit PIN is extremely secure, it is hard to remember.
     ● Most people are more likely to choose a four-digit PIN, which has 10 thousand combinations. A casual guess is unlikely to succeed, as long as the PIN is not something obvious like 1234 or 5555.
     ● 4- and 6-digit PINs only provide security when paired with system controls like lockouts.
     Blocklists
     ● A blocklist is a set of "easy to guess" PINs; selecting one triggers a warning to the user. Apple iOS devices show the warning "This PIN Can Be Easily Guessed" with a choice to "Use Anyway" or "Change PIN."
  4. Why PINs? Iris scans, fingerprints and Face ID are also available, so why PINs? Because PINs coexist with biometrics: a phone can be unlocked with either the iris scan or the PIN. Biometrics never exist alone on a smartphone; they come in combination with a knowledge-based authenticator like a PIN. It is important to consider the attacker's perspective, because in certain scenarios it makes more sense to try to guess the PIN than to bypass the biometric. Devices still require PINs, e.g., after a restart or when the biometric fails.
  5. Throttled and Unthrottled Guessing
     Consider two PINs, 659 and 7452. Guessing the second PIN is harder because there are more possible combinations: the uncertainty of guessing a secret grows with its length. To measure how easy a guessing attack is, two factors must be considered:
     1) the entropy and randomness of the secret;
     2) how fast the guessing can be done.
     Resistance against guessing can be increased by:
     1. increasing the entropy of the secret: longer secrets are harder for an attacker to guess;
     2. reducing the guessing rate.
     But how can the guessing rate be slowed down? By introducing an exponentially growing delay after every wrong guess. This leads to two primary threat models:
     a) throttled: consider a guessing rate of 10 guesses per day;
     b) unthrottled: consider a guessing rate of a million guesses per second.
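The following is an added example, not code from the slides or the paper: a small device-side lockout policy of the kind just described (no delay for the first few failures, then a wait that doubles after every wrong guess, with a cap), together with the guess budget such a policy leaves a throttled attacker. The schedule used here (5 free attempts, 30 s base delay, 1 h cap, 1 s per PIN entry) is a constructed illustration and is not the real iOS or Android policy.

```python
"""Added example (not from the slides or the paper): a lockout policy that
throttles PIN guessing, and the guess budget it leaves a throttled attacker.

The schedule below (5 free attempts, then a delay that doubles from 30 s up to
a 1 h cap) is a CONSTRUCTED illustration, not the real iOS or Android policy.
"""
from dataclasses import dataclass, field


@dataclass
class ExponentialThrottle:
    """Device-side lockout state: after `free_attempts` consecutive failures,
    every further failure imposes a wait that doubles, capped at `max_delay_s`."""
    free_attempts: int = 5
    base_delay_s: float = 30.0
    max_delay_s: float = 3600.0
    failures: int = field(default=0, init=False)
    unlock_at: float = field(default=0.0, init=False)

    def delay_after_failure(self, failures: int) -> float:
        """Wait (seconds) imposed once `failures` consecutive wrong PINs were seen."""
        if failures <= self.free_attempts:
            return 0.0
        exponent = failures - self.free_attempts - 1
        return min(self.base_delay_s * 2 ** exponent, self.max_delay_s)

    def attempt(self, now: float, correct: bool) -> bool:
        """Record an unlock attempt at time `now` (seconds).
        Returns False if the device is still locked and rejects the attempt
        without checking the PIN; True if the PIN was actually checked."""
        if now < self.unlock_at:
            return False
        if correct:
            self.failures = 0          # a successful unlock resets the counter
            self.unlock_at = now
            return True
        self.failures += 1
        self.unlock_at = now + self.delay_after_failure(self.failures)
        return True


def time_to_submit(policy: ExponentialThrottle, n: int, entry_time_s: float = 1.0) -> float:
    """Wall-clock seconds a throttled attacker needs to submit n wrong guesses:
    each guess costs `entry_time_s` plus the wait imposed by the failures before it."""
    total = 0.0
    for failures_so_far in range(n):
        total += policy.delay_after_failure(failures_so_far) + entry_time_s
    return total


def guesses_within(policy: ExponentialThrottle, budget_s: float, entry_time_s: float = 1.0) -> int:
    """Largest number of guesses that fit in a time budget: the attacker's
    effective guess budget (the paper evaluates 10, 30 and 100 guesses)."""
    n, elapsed = 0, 0.0
    while True:
        step = policy.delay_after_failure(n) + entry_time_s
        if elapsed + step > budget_s:
            return n
        elapsed += step
        n += 1


def days_to_exhaust(keyspace: int, guesses_per_day: float) -> float:
    """Days needed to try every PIN at a fixed rate (throttled vs unthrottled contrast)."""
    return keyspace / guesses_per_day


if __name__ == "__main__":
    policy = ExponentialThrottle()
    print("10 guesses take", time_to_submit(policy, 10), "s")
    print("guesses possible in one hour:", guesses_within(policy, 3600))
    print("4-digit space at 10 guesses/day:", days_to_exhaust(10**4, 10), "days")
    print("4-digit space at 1e6 guesses/s:", days_to_exhaust(10**4, 1e6 * 86400), "days")
```

With this constructed schedule the attacker gets 7 guesses in the first minute but only 12 in a full hour, which is the point of exponential delays: the guess budget stops growing with the attacker's patience, so what matters is how many PINs fall within the first handful of guesses.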
  6. About the Paper
     ● Authentication on mobile devices has been studied in several contexts, including patterns and passwords, but little is known about PINs used for mobile authentication.
     ● First study on the selection of PINs based on data collected from users.
     ● Reports on the security of 4- and 6-digit PINs as measured for smartphone unlocking.
     ● Against a throttled attacker with 10, 30 or 100 guesses, using 6-digit PINs instead of 4-digit PINs provides little to no increase in security.
     ● Despite the popularity of blocklists, they are found to be ineffective against a throttled attacker in both the enforcing and the non-enforcing setting.
  7. Research Questions
     ● RQ1: How secure are 4- and 6-digit PINs in the smartphone unlock setting with rate limiting in place? (4 vs. 6)
     ● RQ2: What are the effects of different blocklists on the security of PINs? (Small? Medium? Large?)
     ● RQ3: How to balance security and usability when composing a blocklist?
  8. Related Works
     1. Previous work was done in the context of chip-and-PIN systems and is primarily concerned with payment cards, not smartphone unlock authentication.
     2. Bonneau et al. did not collect new PINs but instead relied on the digit sequences found in leaked passwords.
     3. PINs were collected without the benefit of a controlled experiment.
     4. Past work has only considered the unthrottled attacker model, a perfect-knowledge attacker that can exhaustively guess the PIN space.
  9. What We Know About PINs
     ● User-chosen 4-digit PINs, one of the two predominant PIN lengths, are predictable.
     ● User-chosen 6-digit PINs are not any better; they are also predictable.
     ● Blocklisting popular PINs can increase the overall security of the distribution.
     What We Don't Know About PINs
     ● How secure are 4- or 6-digit PINs in the smartphone unlock setting?
     ● What are the effects of different blocklists on the security of PINs?
     ● How to balance security and usability when composing a blocklist?
  10. Who Uses PINs?
      1220 participants: 461 do not use a biometric (210 of them use a PIN); 759 use a biometric (595 of them use a PIN). Overall 805 (66%) use a PIN.
      Participants were asked whether they used a biometric. The data reveal that two thirds use biometric authentication. Those who do not use biometric authentication use a PIN instead. The percentage of participants who use a PIN in combination with a biometric is even greater: about 75% of them use a PIN.
      The authors conducted the first study (n = 1220) on the topic, using Amazon Mechanical Turk (MTurk), in which participants selected either a 4- or 6-digit PIN, the two predominant PIN lengths used for device unlock.
  11. Treatments
      4-digit, no blocklist: 1. Control
      4-digit, blocklist: 2. Placebo, 3. iOS, 4. DD Small, 5. DD Large
      6-digit, no blocklist: 6. Control
      6-digit, blocklist: 7. Placebo, 8. iOS
      To compare 4- and 6-digit PINs, there is a control treatment in both lanes. Users assigned to this treatment could create any PIN of the assigned length, and no blocklist was in place. A between-subjects comparison of PIN selection was conducted to understand selection strategies in the presence of a blocklist.
  12. Treatments (continued)
      The blocklist treatments included one small blocklist (27 4-digit PINs), one large blocklist (2740 4-digit PINs), and the two blocklists in use today on iOS devices (274 4-digit PINs and 2910 6-digit PINs), which were extracted for this purpose.
  13. Treatments
      Placebo: "Test the general effect of a warning." Blocklist: the 1st choice is blocked; any other PIN is allowed.
      iOS: "Test the effect of real iOS blocklists," specifically the two blocklists Apple uses on its devices. Blocklist: 274 PINs (4-digit), 2910 PINs (6-digit).
      Data-Driven (DD): "Test the effect of different blocklist sizes." Blocklist: the top 27 PINs of Amitay (small), the top 2740 PINs of Amitay (large).
      The idea of the placebo is to test whether merely seeing a blocklist warning already has an impact. The study includes both enforcing and non-enforcing blocklists; in the non-enforcing case participants were able to "click through" and ignore the blocklist, the approach taken by iOS. How were these PINs obtained?
  14. Extracting the iOS Blocklists (Brute Force)
      A Raspberry Pi, a camera and some Lego bricks. The Pi automatically entered all the PINs, and the camera (shown at the lower right of the slide) was used to detect whether the warning message appeared. Extracting all 10,000 4-digit PINs took 9 hours; testing all 1 million 6-digit PINs, on the other hand, took almost one month using two such setups in parallel. During device setup, when a PIN is first chosen, there is no throttling. To test the membership of a PIN, one only needs to enter each PIN, observe whether the blocklist warning appears, and then intentionally fail to re-enter the PIN in order to start over. The patterns found in the extracted PINs were tested and verified.
  15. Overview of Studied Treatments
      Nine different treatments were used: 6 treatments for 4-digit PINs and 3 treatments for 6-digit PINs.
      Control treatment: for each PIN length there is a control treatment, Control-4-digit and Control-6-digit, that simply primed participants for mobile unlock authentication. No blocklist interaction.
      Blocklist treatment: a blocklist is present. There are two types of blocklist implementations, enforcing and non-enforcing. An enforcing blocklist does not allow the user to continue as long as the selected PIN is blocked; the user must select an unblocked PIN. A non-enforcing blocklist warns the user that the selection is blocked, but the user can choose to ignore the feedback and proceed anyway.
      At the end of the study, 851 4-digit and 369 6-digit PINs had been collected, for a total of 1220 PINs as the core dataset.
  16. Design of User Study: Consent, Practice, Priming, PIN Creation
      Consent: participants were notified that they would be required to select PINs in different treatments, but were not told any details about the blocking that might be involved in that selection.
      Practice: participants practiced with the PIN entry screen, which mimics typical PIN selection. At this point no blocklist was in place.
      Priming: the smartphone unlock setting was highlighted again, to make sure participants had this scenario in mind when creating a PIN.
      PIN creation: the actual PIN selection took place. Participants selected either a 4-digit or a 6-digit PIN depending on the treatment they were assigned to. If they were assigned to a blocklist treatment and entered a blocked PIN, they saw the blocklist warning.
  17. Design of User Study: Follow-up Questionnaires, Recall, Demographics
      Follow-up questions were asked about the PIN selection process and the blocklist warning; participants were asked to recall their earlier selected PIN; and at the very end their demographics were collected.
  18. Screenshots of the study: the priming information provided before participants were asked to create a PIN, with a lock icon used to prime notions of security; the design of the page on which participants were asked to create a PIN, where the PIN has to be entered on a virtual PIN pad; the blocklist warning with the ability to "click through"; and the blocklist warning without the ability to "click through."
  19. PIN Changing Strategy and User Perception of Security and Usability
      ● Asked the 367 participants who faced a blocklist how their creation strategy changed.
      ● Sampled 126 responses and grouped them into 3 categories: "used the same strategy", "made minor changes", "new strategy".
      ● The inter-rater reliability score after coding the data came out to k = 0.96.
      ● About 50% of the participants chose a new strategy when faced with a blocklist warning.
      ● Only participants of the DD-4-27 treatment, with its very small blocklist, kept their pre-warning strategy, while some changed only 2 digits.
      ● There are significant differences across treatments when considering the Likert responses for security.
  20. User Perception of Security and Usability
      ● The presence of a blocklist for 4-digit PINs increases the security perception of the final PIN selected.
      ● No significant differences for 6-digit PIN users after encountering blocklists.
      ● Increased interaction with the blocklists led to lower perceived memorability of PINs.
      ● No significant difference in convenience between 4- and 6-digit PINs.
      ● The study results suggest that while a user may be comfortable with their first-choice 6-digit PIN, there is much higher perceived inconvenience for their second-choice 6-digit PIN.
  21. Attacker Model
      ● There are a number of methods to crack a user's password, but the most prominent one is a password guessing attack: attempting to gain access to the system by trying all the possible passwords. If the attacker manages to guess the correct one, he has complete access to the remote system and can manipulate the data.
      ● An unthrottled attacker can guess offline, indefinitely, until all the secrets are correctly guessed, while a throttled attacker is limited in the number of guesses; this is sometimes called an online attack.
      ● In this attacker model, the throttled attacker is considered when evaluating security.
      ● Google's Android and Apple's iOS, the two most popular mobile operating systems, implement real-world rate limiting mechanisms to throttle attackers, because otherwise it would be possible to simply guess all PIN combinations.
  22. About the Attacker Model
      ● Apple's iOS is very restrictive and only allows up to 10 guesses before the iPhone disables itself and requires a reset.
      ● Google's Android version 7 or newer is less restrictive, with a first notable barrier at 30 guesses, where the waiting time increases by 10 minutes.
      ● The study defines the upper bound for a throttled attacker at 100 guesses, but results are also reported for less determined attackers at 10 guesses (30 s) and 30 guesses (10.5 min) on Android. An overview of the currently enforced limits is given in a table in the paper.
  23. Attacker Model
      ● Before the collected PINs can be analyzed, the attacker model must be defined.
      ● The attacker has no information about the victim who owns the device: for example, no birthdays or anniversaries are known. Users do select PINs based on such information, and it could be used by an attacker to specifically target a certain user.
      ● Hence only an untargeted attacker is considered. In such a scenario, the best approach for an attacker is to guess the user's PIN in decreasing probability order, starting with the most popular ones. To derive this order, the authors relied on the best available PIN datasets, the Amitay 4-digit and RockYou 6-digit datasets. When guessing 4-digit PINs, the attacker is informed by the Amitay dataset that was analyzed by Bonneau et al., while the 6-digit PINs were extracted from the RockYou password leak (2,758,490 PINs), just as Wang et al. did for their analysis. This is necessary because no actual 6-digit PIN dataset is available.
  24. What Is the Attacker Capable Of?
      What does the attacker do in order to improve the success rate? This attacker is characterized by the fact that the attack is done online, i.e., the attacker is restricted by the rate limiting of the attacked device. The rate limiting itself depends on the operating system of the device. On Android, the attacker is not limited to a certain number of guesses; the rate limiting only becomes more restrictive. While 10 guesses can be done in 30 seconds, 100 guesses take about 10 hours. For this reason, 100 guesses is taken as the maximum a reasonably invested attacker would attempt.
      ● Slowed down by rate limiting
  25. What Is the Attacker Capable Of? (continued)
      "Not allowed"
      ● The attacker is assumed to be aware of any blocklists, and thus does not spend guesses on choices which are simply not possible: the user saw the warning and was forced to select a different PIN.
      ● With knowledge of the blocklist, an informed attacker can improve the guessing strategy by not guessing known-blocked PINs and instead focusing on common PINs not on the blocklist.
  26. Limitations
      ● The participant sample is skewed towards mostly younger users residing in the US.
      ● Further research is needed to understand how more age-diverse and location-diverse populations select PINs.
      ● The study is limited in what can be concluded about the memorability of the PINs. While recall rates are reported within the context of the study, these results do not generalize.
      ● Participants were asked to select PINs while primed for mobile authentication, and there is a risk that participants do not act the same way in the wild.
      ● The warning message was limited to evaluating the messaging as used by iOS, but there is a long line of research on appropriate security messaging.
  27. RQ1: 4- vs. 6-digit PINs
      X axis: the number of guesses the attacker makes, ranging from 1 to 100 (note: rate limiting is in place). Y axis: the success rate of the attacker. Ideally we end up in the lower right, where the attacker guesses 100 times and only a few PINs are correctly guessed. We do not want to end up in the upper left, where the attacker is successful with only a few guesses.
      For example, up to 10 guesses the 6-digit PINs are less secure, which is a bit counterintuitive: the success rate is higher than for 4-digit PINs. From 60 guesses onward, the attacker is more successful in guessing 4-digit PINs.
  28. RQ2: Different Blocklist Sizes
      Despite blocking 27 PINs in one case and more than ten times as many in the other, the security is again comparable. The security of the selected PINs is not ideal even for the small blocklist size. Blocking nearly 3000 PINs does increase security: even with 100 guesses the attacker's success rate is as low as 1%. But this comes at the cost of low usability. For example, the blocklist hit rate is as high as 70%, which means users have to rethink their PIN choice far more often than with the smaller blocklists, and due to the high number of blocklisted PINs users may need to come up with multiple PINs.
  29. Actual Success Rate of an Attacker Depending on the Blocklist Size
      To keep it simple, look at the success rate of an attacker only after 100 guesses. The fewer PINs are blocklisted, the more usable the blocklist becomes; the more PINs are blocklisted, the more secure the final distribution is. (Note: the attacker skips the blocklisted PINs.)
      The curve is not a straight line; it has many extrema. The maxima depict the points where users choose PINs that are likely given the attacker's knowledge. The minima are regions where users choose PINs which are unlikely given the attacker's knowledge, so even given the blocklist the attacker will not guess many of them correctly within 100 tries. From the user's perspective, we want to blocklist as few PINs as possible. Hence the first minimum depicts the desired trade-off: blocklist about 1000 PINs, i.e. 10% of the overall keyspace.
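The following is an added example, not code from the paper or these slides. It models the untargeted, blocklist-aware attacker of slides 23 to 25 (guess in decreasing popularity order, skip PINs on a known blocklist) and the usability/security trade-off of slides 28 and 29 (blocklist hit rate versus attacker success at a fixed guess budget), with enforcing and non-enforcing blocklists as defined on slide 15. All data in it is constructed: `ATTACKER_COUNTS` stands in for a leaked-PIN frequency list (the paper uses Amitay and RockYou) and `USERS` stands in for study participants with a ranked list of PIN preferences; none of it is real study data.

```python
"""Added example (not the paper's or the slides' code): a toy simulation of a
throttled, untargeted, blocklist-aware attacker against user-chosen PINs, and
of how blocklist size trades usability (hit rate) against attacker success.

ATTACKER_COUNTS and USERS below are CONSTRUCTED illustration data."""
from collections import Counter

# Constructed stand-in for the attacker's frequency knowledge (PIN -> count).
ATTACKER_COUNTS = Counter({
    "1234": 120, "1111": 60, "0000": 45, "1212": 30, "7777": 25,
    "1004": 20, "2000": 18, "4444": 15, "2222": 12, "6969": 10,
    "9999": 8, "3333": 7, "5555": 6, "6666": 5, "1122": 4,
})

# Constructed participants: (ranked PIN preferences, clicks through warnings?).
# Each user's last preference is absent from ATTACKER_COUNTS, so a data-driven
# blocklist can never block every choice of a user.
USERS = [
    (["1234", "2580", "4821"], False),
    (["1234", "1111", "7391"], True),
    (["1111", "0000", "3058"], False),
    (["0000", "2000", "4917"], False),
    (["1212", "2121", "6203"], True),
    (["7777", "5555", "9046"], False),
    (["2580", "1357", "7412"], False),
    (["1004", "1122", "8215"], False),
    (["4444", "2222", "0419"], False),
    (["5683", "6969", "1985"], False),
]


def guess_order(counts, blocklist=frozenset()):
    """Attacker's guessing order: most popular PIN first. PINs on a blocklist
    the attacker knows about are skipped, since an enforcing blocklist means
    no user could have kept them (the attacker of slide 25)."""
    ranked = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
    return [pin for pin, _ in ranked if pin not in blocklist]


def top_n_blocklist(counts, n):
    """Data-driven blocklist: the n most popular PINs (the DD treatments)."""
    return frozenset(guess_order(counts)[:n])


def choose_pin(prefs, clicks_through, blocklist, enforcing=True):
    """PIN the user ends up with. Enforcing: first preference not blocked.
    Non-enforcing: a user who clicks through keeps the first choice regardless."""
    if not enforcing and clicks_through:
        return prefs[0]
    for pin in prefs:
        if pin not in blocklist:
            return pin
    raise ValueError("every preference is blocked; the constructed data avoids this")


def final_pins(users, blocklist, enforcing=True):
    return [choose_pin(p, c, blocklist, enforcing) for p, c in users]


def success_rate(pins, order, guesses):
    """Fraction of the users' PINs an attacker with this guess budget recovers."""
    tried = set(order[:guesses])
    return sum(pin in tried for pin in pins) / len(pins)


def hit_rate(users, blocklist):
    """Usability cost: fraction of users whose first choice hits the blocklist."""
    return sum(prefs[0] in blocklist for prefs, _ in users) / len(users)


def tradeoff(users, counts, sizes, guesses=100, enforcing=True):
    """(blocklist size, hit rate, attacker success) per size, for an attacker
    who knows the blocklist and skips it (the curve of slide 29, in miniature)."""
    rows = []
    for n in sizes:
        bl = top_n_blocklist(counts, n)
        pins = final_pins(users, bl, enforcing)
        rows.append((n, hit_rate(users, bl),
                     success_rate(pins, guess_order(counts, bl), guesses)))
    return rows


if __name__ == "__main__":
    for n, hr, sr in tradeoff(USERS, ATTACKER_COUNTS, [0, 3, 6, 9], guesses=10):
        print(f"blocklist={n:2d}  hit rate={hr:.0%}  success@10={sr:.0%}")
```

Two things the toy data makes visible. First, every step up in blocklist size buys a drop in attacker success only by raising the hit rate, which is the trade-off the real curve on slide 29 is drawn from. Second, in the non-enforcing setting a user who clicks through and keeps a blocked PIN is never found by an attacker who skips the blocklist, whereas an attacker who ignores the blocklist (pass no `blocklist` to `guess_order`) still catches that user; which attacker is the right model depends on whether the deployed blocklist is enforcing.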
  30. Comparing Guessing Resistance
      ● Guessing resistance was also compared with other mobile authentication schemes, such as patterns drawn on a 3x3 grid and alphanumeric passwords.
      ● In a throttled attack of 100 guesses, 35.5% of the patterns will be guessed, while 4- and 6-digit PINs are twice as good as this against such an attack.
      ● Password-based authentication is the most secure scheme: after 100 guesses only 1.9% of the passwords are recovered.
  31. Comparing Guessing Resistance
      ● iOS has stricter rate limiting, with a maximum of 10 guesses that can be completed in 1 h 36 min.
      ● At this point an attacker can compromise 4.6% of the 4-digit PINs and 6.5% of the 6-digit PINs.
      ● Within the same time limit, an attacker on Android is able to compromise 13.6% of the 4-digit PINs and 11.7% of the 6-digit PINs.
      ● The rate limiting becomes more aggressive on iOS after the initial guesses.
      ● The first 6 guesses can be done in 1 minute, while 8 guesses take 21 minutes. So an attacker with only one minute is able to compromise 3.5% of the 4-digit PINs and 6.2% of the 6-digit PINs.
      ● There are only marginal gains for 10 guesses, so after the first 6 guesses continuing does not greatly benefit the attacker.
      ● In contrast, an attacker on Android would benefit more from continuing to guess beyond the initial large increases in rate limiting.
  32. Takeaways
      ❖ PINs are widely used authenticators even though we have biometrics.
      ❖ A user study was conducted to learn more about PINs:
      1. The security of 4-digit and 6-digit PINs is comparable given a limited number of guesses, as is the case in a smartphone unlock setting.
      2. A blocklist needs to have a certain size in order to have an effect. This is because we must assume that the attacker is aware of the blocklist. Blocklists need to be large to have an effect.
      3. Taking the user's perspective into account, blocklisting about 10% of the keyspace strikes the balance between usability and security (blocklisting ~10% is ideal).
      4. In a throttled scenario, simply increasing the PIN length is of little benefit. There was no significant difference between 4- and 6-digit PINs within the first 100 guesses. To justify the adoption of longer PINs, developers should carefully articulate an alternative threat model. Observe that without throttling, an attacker could quickly try all 4- and 6-digit PINs.
  33. Thank you

