Keep Your Password Secret

Log in safely despite keyloggers and spyware

This page explains why KYPS encrypts cookies and links, how it does this, and how this provides protection while using an untrusted computer. Note that, while cookie encryption is always turned on, you can turn link encryption on or off. Read more about this here.

Why KYPS encrypts cookies and links

Sometimes it is possible for an attacker to break into other people's accounts by "stealing" (i.e. observing, copying and subsequently abusing) some special value that the webserver sends to the browser. Typically, such special values are sent within cookies and within links (usually redirection links). By encrypting these cookies and links, KYPS prevents malicious software running on the public computer from simply abusing these values: the software only ever sees the encrypted form. The following figure shows an excerpt from the browser's cookie cache when using KYPS. Note the value marked in red: it is an encrypted version of the value in the original cookie. Even if the original cookie enables someone to break into your account, this encrypted version does not.

 

See this page for more information about session hijacking and this page for cookie stealing in particular.

How KYPS encrypts cookies and links

KYPS uses a random 128-bit encryption key, which is generated using a secure pseudorandom number generator. The encryption algorithm used is AES.

What protection does this provide

Encrypting links and cookies provides two types of protection, as follows.

1) Protection against session hijacking attacks, as described above (also read the disclaimer below!).

2) Effective logout after 10 minutes of inactivity: Even if you forget to log out of the website manually (or even if some malware tricks you into believing that you have logged out while in fact you have not), after ten minutes of inactivity you are effectively logged out of the website because the (encrypted) KYPS cookies become invalid. This happens irrespective of how long the original cookies were meant to be valid, and irrespective of the time settings on the computer. The cookies become invalid because KYPS can no longer decrypt them: after 10 minutes of inactivity the key is automatically and irrevocably deleted.
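
The key lifecycle described in the two sections above, sketched as an added example (this is not KYPS's own code). The page states only AES, a random 128-bit key and deletion after 10 minutes of inactivity; the GCM mode, the SessionKeyStore class, its method names and the token layout are assumptions made for illustration.

```javascript
// Added example, not KYPS code. Assumed: AES-128-GCM, the names used here,
// and the token layout iv(12) | tag(16) | ciphertext, base64url-encoded.
const nodeCrypto = require('node:crypto');
const IDLE_LIMIT_MS = 10 * 60 * 1000; // the page's 10 minutes of inactivity

class SessionKeyStore {
  constructor(now = () => Date.now()) {
    this.now = now;            // server-side clock, so client time settings are irrelevant
    this.sessions = new Map(); // sessionId -> { key, lastSeen }
  }
  open(sessionId) {
    this.sessions.set(sessionId, { key: nodeCrypto.randomBytes(16), lastSeen: this.now() });
  }
  // Returns the live key and refreshes the idle timer, or wipes an expired key.
  liveKey(sessionId) {
    const s = this.sessions.get(sessionId);
    if (!s) return null;
    if (this.now() - s.lastSeen >= IDLE_LIMIT_MS) {
      s.key.fill(0); // checked lazily here; a real service would also sweep on a timer
      this.sessions.delete(sessionId);
      return null;
    }
    s.lastSeen = this.now();
    return s.key;
  }
  seal(sessionId, cookieName, originalValue) {
    const key = this.liveKey(sessionId);
    if (!key) return null;
    const iv = nodeCrypto.randomBytes(12); // fresh nonce for every sealed value
    const c = nodeCrypto.createCipheriv('aes-128-gcm', key, iv);
    c.setAAD(Buffer.from(cookieName)); // bind the value to its cookie name
    const ct = Buffer.concat([c.update(originalValue, 'utf8'), c.final()]);
    return Buffer.concat([iv, c.getAuthTag(), ct]).toString('base64url');
  }
  unseal(sessionId, cookieName, token) {
    const key = this.liveKey(sessionId);
    if (!key) return null; // key deleted: the sealed cookie is now useless
    const raw = Buffer.from(token, 'base64url');
    if (raw.length < 28) return null; // too short to hold iv + tag
    try {
      const d = nodeCrypto.createDecipheriv('aes-128-gcm', key, raw.subarray(0, 12));
      d.setAAD(Buffer.from(cookieName));
      d.setAuthTag(raw.subarray(12, 28));
      return Buffer.concat([d.update(raw.subarray(28)), d.final()]).toString('utf8');
    } catch {
      return null; // tampered token, wrong cookie name or wrong key
    }
  }
}
```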

Disclaimer

While using KYPS significantly raises the bar for a successful session hijacking attack, it is not possible to completely prevent such attacks. Therefore, KYPS does not guarantee security against session hijacking attacks. It is, for example, possible that a website sets some critical cookie using some complicated JavaScript; KYPS cannot encrypt cookies that are set in such ways. As another example, an attacker could abuse the encrypted KYPS cookies by impersonating the user to KYPS, i.e. by "going through" the KYPS server just like the normal user, causing KYPS to decrypt the encrypted cookies for him. This type of attack cannot be prevented, since KYPS does not authenticate the user after the login has taken place. However, this attack is unlikely to happen in practice, since it is a customised attack against KYPS; the attacker is more likely to focus on stealing cookies that do not require decryption.