We analyze the security of Level 2 multi-factor authentication (MFA) based on SMS One-Time Passcode (OTP) of Italian Electronic Identity Card (CIE). We propose a novel threat model encompassing password compromise, network disruptions, user errors, and malware attacks. The combinations of the adversary’s attack capabilites yield a plethora of possible attack scenarios, which we systematically generate, formalise and verify in ProVerif. Our analysis reveals that CIE MFA based on SMS OTP is vulnerable to attacks with read access to the mobile device or keyboard, or to phishing, but event to mere read access to the user’s computer screen. To address the latter vulnerability, we propose a minor modification of the protocol. The threat model we introduce paves the way for the analysis of other CIE MFA protocols.
A Formal Analysis of CIE Level 2 Multi-Factor Authentication via SMS OTP
Van Eeden R.;Miculan M.
2024-01-01
Abstract
We analyze the security of Level 2 multi-factor authentication (MFA) based on SMS One-Time Passcode (OTP) of Italian Electronic Identity Card (CIE). We propose a novel threat model encompassing password compromise, network disruptions, user errors, and malware attacks. The combinations of the adversary’s attack capabilites yield a plethora of possible attack scenarios, which we systematically generate, formalise and verify in ProVerif. Our analysis reveals that CIE MFA based on SMS OTP is vulnerable to attacks with read access to the mobile device or keyboard, or to phishing, but event to mere read access to the user’s computer screen. To address the latter vulnerability, we propose a minor modification of the protocol. The threat model we introduce paves the way for the analysis of other CIE MFA protocols.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
