Select Language

MFDPG: Multi-Factor Deterministic Password Management with Zero Stored Secrets

Analysis of a novel password management system using multi-factor key derivation and deterministic generation to eliminate credential storage and upgrade legacy authentication.
computationalcoin.com | PDF Size: 0.3 MB
Rating: 4.5/5
Your Rating
You have already rated this document
PDF Document Cover - MFDPG: Multi-Factor Deterministic Password Management with Zero Stored Secrets
View PDF Document Download PDF Translate PDF
Home » Documentation » MFDPG: Multi-Factor Deterministic Password Management with Zero Stored Secrets

1. Introduction & Overview

Passwords remain the dominant authentication mechanism, yet their management presents a critical security challenge. Traditional password managers create central points of failure, as evidenced by breaches like LastPass. Deterministic Password Generators (DPGs) have been proposed for over two decades as an alternative, generating unique passwords per site from a master secret and domain name, eliminating storage. However, existing DPGs suffer from significant security, privacy, and usability flaws that have prevented widespread adoption.

This paper introduces the Multi-Factor Deterministic Password Generator (MFDPG), a novel design that addresses these shortcomings. MFDPG leverages multi-factor key derivation to harden the master secret, employs Cuckoo filters for secure password revocation, and uses a Deterministic Finite Automaton (DFA) traversal algorithm to comply with complex password policies—all without storing any secrets client or server-side.

Core Contributions

  • Analysis of 45 existing DPGs to identify adoption barriers.
  • Design of MFDPG with zero secret storage.
  • Client-side upgrade path for weak password-only sites to strong MFA.
  • Compatibility validation with the top 100 web applications.

2. Analysis of Existing DPGs

The survey of 45 DPG schemes (e.g., PwdHash) revealed consistent critical flaws.

2.1 Security & Privacy Flaws

  • Master Password Exposure: Compromise of a single generated password can directly facilitate attacks on the master password.
  • Lack of Forward Secrecy/Revocation: Inability to rotate passwords for a specific service without changing the master password for all services.
  • Usage Pattern Leakage: Simple schemes can leak which services a user has accounts with.

2.2 Usability Limitations

  • Policy Incompatibility: Cannot generate passwords that meet specific website requirements (length, character sets).
  • No Multi-Factor Integration: Purely password-based, lacking resilience if the master password is compromised.

3. The MFDPG Design

MFDPG's architecture is built on three core innovations.

3.1 Multi-Factor Key Derivation

MFDPG uses a multi-factor key derivation function (MFKDF) to combine multiple secrets: a memorized password ($P$), a hardware token ($T$), and a biometric factor ($B$). The derived key $K$ is:

$K = \text{MFKDF}(P, T, B, \text{salt})$

This ensures compromise of any single factor (e.g., a phished password) does not reveal the master key, effectively upgrading password-only websites to support strong MFA client-side.

3.2 Cuckoo Filters for Revocation

To solve password rotation for a compromised site without global changes, MFDPG uses a Cuckoo filter—a probabilistic data structure. The filter stores revoked site identifiers (e.g., hashed domain + iteration counter). During password generation, the system checks the filter. If a site is listed, it increments an internal counter, deriving a new password: $Password = \text{KDF}(K, \text{domain} || \text{counter})$. This allows per-site revocation without storing a plaintext list of user accounts.

3.3 DFA-Based Password Generation

To comply with arbitrary regular expression password policies (e.g., ^(?=.*[A-Z])(?=.*\d).{12,}$), MFDPG models the policy as a Deterministic Finite Automaton (DFA). The generator traverses the DFA, using cryptographically secure random choices at each state transition to produce a password that is both policy-compliant and deterministic based on the input key and domain.

4. Evaluation & Results

The MFDPG prototype was evaluated for compatibility with the 100 most popular websites (per Alexa rankings).

Compatibility Results

  • Success Rate: 100% of tested sites accepted passwords generated by the MFDPG algorithm.
  • Policy Handling: The DFA-based generator successfully satisfied all encountered password policies, including complex rules for special characters, length, and prohibited sequences.
  • Performance: Password generation time was sub-second, suitable for real-time user interaction.

Chart Description: A bar chart would show the distribution of password policy types encountered (e.g., "Minimum Length Only," "Requires Uppercase & Number," "Complex Regex") and a 100% success bar for MFDPG compliance across all categories, contrasting with a lower bar for a baseline simple hash DPG.

5. Technical Deep Dive

Key Derivation: The core security relies on a strong MFKDF setup, such as one based on OPAQUE or other asymmetric PAKE protocols, to prevent offline attacks even if the derived site-specific password is leaked.

DFA Traversal Algorithm (Conceptual):

  1. Encode the website's password policy as a DFA $A$.
  2. Seed a CSPRNG with $\text{HMAC}(K, \text{domain})$.
  3. Starting at the initial state, use the CSPRNG to randomly choose a valid transition (outputting a character) to a next state.
  4. Repeat until an accepting state is reached, ensuring the final sequence is a valid word in $A$'s language.
This guarantees deterministic output for the same inputs while satisfying the policy.

6. Analyst's Perspective: Core Insight, Logical Flow, Strengths & Flaws, Actionable Insights

Core Insight: MFDPG isn't just another password manager; it's a strategic end-run around the slow pace of web authentication evolution. The paper's genius lies in reframing the problem: instead of waiting for websites to adopt FIDO2 or passkeys, MFDPG empowers the user to unilaterally enforce multi-factor security on the client-side for any legacy password-based service. This turns the weakest link—the reusable password—into a derived, single-use token protected by hardware and biometric factors. It's a pragmatic acknowledgment that the password won't die anytime soon, so we must armor it cryptographically.

Logical Flow: The argument is compelling. 1) Current DPGs are fundamentally broken (master key exposure, no rotation). 2) Therefore, we need a cryptographically hardened foundation (MFKDF). 3) But hardening isn't enough; we need real-world utility (policy compliance, revocation). 4) The proposed solutions (Cuckoo filters, DFA traversal) directly target these utility gaps. 5) The result is a system that not only fixes DPGs but also stealthily upgrades the entire authentication landscape from the bottom up. The logic is clean, and each design choice is a direct counterpunch to a documented flaw.

Strengths & Flaws: The strength is its elegant, zero-storage architecture and its progressive enhancement capability. It learns from the failures of predecessors like PwdHash. However, the flaws are in the deployment model. Critical Flaw: User recovery is a nightmare. Lose your hardware token? You're locked out of everything instantly—a catastrophic single point of failure that makes cloud backup risks seem mild. The paper glosses over this. Furthermore, its security heavily depends on the MFKDF implementation, which is a complex cryptographic primitive prone to implementation errors. As the USENIX Security 2023 analysis of MFA schemes shows, real-world MFA systems often have subtle vulnerabilities. Widespread adoption would require a foolproof, user-friendly recovery mechanism, which seems antithetical to its "zero stored secrets" philosophy.

Actionable Insights: For security teams, MFDPG's core concepts are immediately valuable. The DFA-based policy-compliant generation can be piloted internally for service account passwords. The use of Cuckoo filters for revocation is a clever privacy-preserving technique applicable beyond passwords (e.g., managing token blocklists). The big lesson is to decouple secret storage from secret derivation. Instead of vaults, think about cryptographically binding multiple factors into a single, ephemeral derivation key. Companies should invest in R&D for user-held, recoverable multi-factor roots of trust—the missing piece MFDPG hints at but doesn't solve. The future isn't in better vaults; it's in making the vault unnecessary, and MFDPG points squarely in that direction.

7. Future Applications & Directions

  • Passwordless Integration: MFDPG's derived site-specific passwords could serve as the "something you have" in a FIDO2-like flow, bridging password and passwordless worlds.
  • Decentralized Identity: The zero-storage, user-centric model aligns with Web3 and decentralized identity principles (e.g., IETF's GNAP). The master multi-factor key could generate decentralized identifiers (DIDs) and proofs.
  • Enterprise Secret Management: Adapted for machine identities, generating unique API keys/secrets for different services from a central root, with automated rotation via the revocation filter.
  • Research Direction: Developing formal security proofs for the combined MFKDF+DFA+Filter system. Exploring post-quantum MFKDF constructions. Designing humane, secure recovery protocols that don't compromise the zero-secret model.

8. References

  1. Nair, V., & Song, D. (Year). MFDPG: Multi-Factor Authenticated Password Management With Zero Stored Secrets. Conference Name.
  2. Ross, B., Jackson, C., Miyake, N., Boneh, D., & Mitchell, J. C. (2005). Stronger Password Authentication Using Browser Extensions. USENIX Security Symposium. (PwdHash)
  3. Ghalwash, H., et al. (2023). SoK: Multi-Factor Authentication. USENIX Security Symposium.
  4. Jarecki, S., Krawczyk, H., & Xu, J. (2018). OPAQUE: An Asymmetric PAKE Protocol Secure Against Pre-Computation Attacks. EUROCRYPT.
  5. Fan, B., Andersen, D. G., Kaminsky, M., & Mitzenmacher, M. (2014). Cuckoo Filter: Practically Better Than Bloom. CoNEXT.
  6. FIDO Alliance. (2023). FIDO2: WebAuthn & CTAP Specifications. https://fidoalliance.org/fido2/