Crauth

From VoidWarranties - Hackerspace Antwerp, Belgium
(Difference between revisions)
(Cons)
m (Haven't seen/heard any activity on this for a long time. Put it to non-active.)
 
(10 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
{{Project
 
{{Project
|Current=Yes
+
|Current=No
 
|Category=Security
 
|Category=Security
 
|Logo=Locked home.jpg
 
|Logo=Locked home.jpg
|Participants=Yvanj, Koert
+
|Participants=, Koert
|Locations=Behind you desk, Den Bunker,  
+
|Locations=Behind your desk, Den Bunker,
 
|Short description=Creating a simple authentication system without using a password which can be shared through multiple systems such as the barputer., and does not require specialized hardware to use.
 
|Short description=Creating a simple authentication system without using a password which can be shared through multiple systems such as the barputer., and does not require specialized hardware to use.
 
}}
 
}}
 
 
=Introduction=
 
=Introduction=
 
The goal of this project is to provide an easy-to-use authentication system which doesn't require a password. This comes in handy at the [[barputer]] (touch-based input), or other services not related to core management. The system should be easy to use, easy to implement, provide fair enough protection, and shouldn't require special tools or hardware.
 
The goal of this project is to provide an easy-to-use authentication system which doesn't require a password. This comes in handy at the [[barputer]] (touch-based input), or other services not related to core management. The system should be easy to use, easy to implement, provide fair enough protection, and shouldn't require special tools or hardware.
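Review bot: In the Project infobox, the new "|Participants=, Koert" keeps a leading comma and space where Yvanj was removed, and the new "|Locations=" value ends in a trailing comma; these should read "|Participants=Koert" and "|Locations=Behind your desk, Den Bunker". The unchanged Short description still has the stray "barputer., and" punctuation, which could be cleaned up in the same edit.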
Line 24: Line 23:
 
* Not super secure: once the algorytm has been found, and the parameters, challenges/responses are easily faked. Should only be used on places where authentication is a benefit, but not a requirement.
 
* Not super secure: once the algorytm has been found, and the parameters, challenges/responses are easily faked. Should only be used on places where authentication is a benefit, but not a requirement.
 
* Though the algo is easy, calculating by hard requires some time. Better not start with the current time if it's 14:50.
 
* Though the algo is easy, calculating by hard requires some time. Better not start with the current time if it's 14:50.
 +
* You would need to have the hardware with you at the barputer (same problem as paying cash: you don't always have your wallet with you at the bar).
 +
* People who buy a drink, want a drink, not a math project.
  
 
===Other details===
 
===Other details===
Line 34: Line 35:
 
I worked out a sample implementation of this system:  
 
I worked out a sample implementation of this system:  
 
* first [http://dl.dropbox.com/u/15854305/authcodegen.cs draft] (2011-09-18) C#, compilable and runnable under Mono+.net .
 
* first [http://dl.dropbox.com/u/15854305/authcodegen.cs draft] (2011-09-18) C#, compilable and runnable under Mono+.net .
 +
* printable [http://dl.dropbox.com/u/15854305/formulier-berekening.pdf aid] for manual calculations if really necessary (mobile apps are on their way)
  
 
==Barcode auth==
 
==Barcode auth==
Line 44: Line 46:
 
* Requires special hardware (barcode reader)
 
* Requires special hardware (barcode reader)
 
* Cards are easily forgotten at home, train/bus/tram, and knowing your barcode number by hard is not manageable for all people.
 
* Cards are easily forgotten at home, train/bus/tram, and knowing your barcode number by hard is not manageable for all people.
 +
** Barcodes can be scanned from a cell phone screen --> no extra thing to bring.  If the scanner can scan from a screen (mine can't)
 
* You have to have your card with you at the barputer to be able to identify yourself.  So this would leave us with the same problem as people paing cash: sometimes your wallet is still in another room.
 
* You have to have your card with you at the barputer to be able to identify yourself.  So this would leave us with the same problem as people paing cash: sometimes your wallet is still in another room.
 
* We have to find something to put on the barcode.
 
* We have to find something to put on the barcode.
Line 54: Line 57:
 
===Sample implementation===
 
===Sample implementation===
 
(to be added by [[Koert]] if required, otherwise discard this section.
 
(to be added by [[Koert]] if required, otherwise discard this section.
 +
 +
==MALMan password==
 +
===Pros===
 +
* Easy to implement, most of the stuff needed is already in place.
 +
* You don't need to carry anything around with you.
 +
 +
===Cons===
 +
* We need a keyboard at the barputer.
 +
* There are often people hanging around at the bar, so shouldersurfing could easily go unnoticed.
 +
* It's slower than just scannin something.
 +
* Secure API access is required if members develop space-related apps (otherwise it'll be a quite interesting spot to start when breaking in)
 +
 +
===Other details===
 +
* /
 +
 +
===Sample implementation===
 +
* Current MALMan login system.
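Review bot: The last added Con under "MALMan password" ("Secure API access is required if members develop space-related apps ...") states a requirement rather than a drawback; reword it to name the drawback, or move it to "Other details", which currently holds only a "/" placeholder. In the same list, "scannin" should be "scanning", and the context line "(to be added by [[Koert]] if required, otherwise discard this section." is missing its closing parenthesis.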

Latest revision as of 09:51, 23 August 2013


Crauth
What:
Creating a simple authentication system without using a password which can be shared through multiple systems such as the barputer, and does not require specialized hardware to use.
Participants:
Koert
Category:
Security
Locations:
Behind your desk, Den Bunker


Introduction

The goal of this project is to provide an easy-to-use authentication system which doesn't require a password. This comes in handy at the barputer (touch-based input), or other services not related to core management. The system should be easy to use, easy to implement, provide fair enough protection, and shouldn't require special tools or hardware.


Possible ideas

There were a few ideas, and this should be a summary of them. If the summary becomes too long, create a page/project for it.

Challenge/Response auth

Pros

Cons

Other details

Sample implementation

I worked out a sample implementation of this system:

Barcode auth

Pros

Cons

Other details

Sample implementation

(to be added by Koert if required, otherwise discard this section.)

MALMan password

Pros

Cons

Other details

Sample implementation
