Opaque Sphinx Server and Clients
Server and tools for modern authentication
Passwords are probably the most common way to remotely use private services, which makes them a major liability - humans on average find it very hard to memorize strong passwords. Luckily, passwords - or more particularly tools to work with passwords more safely - are evolving as well. SPHINX is a novel approach to password storage that is information theoretically secure. And unlike most online password managers, the user does not even have to trust the server. OPAQUE is a novel protocol that can be used to eliminate phishing as an attack vector when authenticating to servers. The combination of SPHINX and OPAQUE provides some very strong guarantees while still allowing users to only need to remember one or just a few passwords. This project will develop a SPHINX server in a safe, compiled language, with ample tests. It will also further develop and refine a protocol above SPHINX, handling creation, deletion, backup and changing of data. In addition it will add the OPAQUE protocol to various free software ecosystems such as PHP, java, nodejs, ruby, golang, erlang and rust, as well as to the two most used webservers: nginx and apache2.
- The project's own website: https://github.com/stef/libsphinx
Why does this actually matter to end users?
Reusing passwords is a known security risk. But remembering unique and strong passwords, full of numbers and symbols, is practically impossible with the amount of logins people have. Instead of trying to memorize them all or, even worse, write them down somewhere close to the computer, password managers can also do the trick. Of course this password vault then becomes the new point of failure, especially if the manager saves and syncs the passwords online to a server somewhere. Of course any online password manager would not be worth its salt if they can be easily cracked. But a well-prepared attacker would only need to get into a server once to grab as many passwords as they can, possibly compromising countless accounts in the process.
Users can only truly trust password stores if they are practically unbreakable. This project combines two technologies that make it practically impossible for attackers to access your stored passwords, both online and offline. Sphinx adds end-to-end encryption to password storage: when you open your vault with your master password and copy or select the password you need to login to a specific service, both your master key and your other passwords are encoded and unusable for any spying third party the whole time. On top of that, the new protocol Opaque makes phishing impossible when authenticating (in other words, proving that you are who you say you are) to the server. Combining these two technologies makes password storage theoretically secure, meaning users can actually rely that their passwords and the massive amounts of personal data they give access to are as safe as possible. This project aims to further develop Sphinx and create a Sphinx server, as well as propagate the Opaque protocol to massively used free software, programming languages and two very popular webservers. Implementing and proving the worth of these password protection measures can help make password managers more attractive and trustworthy to novel users, which will ultimately better protect their privacy and security online and offline.
This project was funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825310.
