Tunneled TLS for multi-factor authentication.

When logging onto a remote server, s, from a distrusted terminal, c, one can leak secrets such as passwords and account data to malware. To address this problem, we rely on a trusted personal device, p, as the interface available to users for entering their login credentials. In our proposal, p would send the credentials to s using a tunneled TLS session routed via c. The tunneling would be done within an existing TLS session established between c and s. Upon validating the credentials, s would enable c to access the user account. Consequently, c would never see in plain-text user's credentials. As a powerful application, we show that p could use our protocol to execute a credit-card-like payment at a point-of-sale terminal, c, using an account managed by the card-issuing bank, s.