REU Summer Research in Computer Security

REU Summer Research in Computer Security Phillip G. Bradford Computer Science Department The University of Alabama

Computer Security: Summer 2003
Outline
- Goals
- Motivation
- The Challenge
- Visual Authentication for Small Wireless Devices
- Built in Java 2
- Target to have it ported to J2ME
1/16/2019 Computer Security: Summer 2003

Objective
- My Goal for your Summer Project Consists of
- Research & Design System [1-2 weeks]
- Build & Perform Analysis [4-5 weeks]
- Tuning and Write Up [3-4 weeks]
- Potential Submission to JOSHUA or other venue
- Journal of Science and Health at UA

Starting at the Beginning
- Computer Passwords
- What makes a good password?
- For whom?
- Easy to recall for the human
- Relationship chasing
- Easy to guess for the attacker
- Dictionary Attacks
- Many responses
- Check your own users!
- Timeouts

Mobile and Wireless Issues
- Passwords
- Hard to type
- PDAs are “one-hand” devices
- Mobility
- Physical Insecurity

Graphical Passwords
- Undergrad Project: Sobrado and Birget
- Classical Passwords are Alpha-numeric
- Often with strong relationship to the user
- Easy to define search space
- Enlist another human association power
- Graphical & visual cognition!
- Consider human face recognition
- Much security is based on face recognition

Graphical Passwords
- Human ability to recognize faces is extraordinary!
- Use human ability to recognize faces
- Not the computer’s inabilities!
- How can we create a password scheme that builds on Human Face recognition?
- See citations in Sobrado and Birget for history and background

Start with a Famous Urn

Define Sequence of Clicks
- In Specific Places
[Figure: click positions on the image, labelled 4, 1, 3, 2]

Pros and Cons
- The bad news
- “Shoulder Surfing”
- Even worse than for typed passwords
- The good news
- Quick and Easy for humans to process
- To Help correct for Shoulder Surfing
- Challenge-Response Authentication

Random Scatter-Grams

Challenge-Response Authentication
- Alice proves to Bob that she knows their common secret
- Without letting an observer know the secret!
- This allows us to foil shoulder surfers
- It also happens to have both
- Important applications, and
- Deep theoretical foundations
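
The exchange on this slide, as an added example that is not part of the original slides. It assumes the device, not the human, computes the response, and that the shared secret is a set of k = 10 pass-objects out of N = 1000 (the slide deck's numbers); the names `enroll`, `respond` and `Verifier` are hypothetical.

```python
import hashlib
import hmac
import secrets

N_OBJECTS = 1000  # N: total objects (value taken from the slides)
K_SECRET = 10     # k: objects forming the shared secret (from the slides)


def enroll(rng=secrets.SystemRandom()):
    """Pick k distinct object ids out of N; this set is the common secret."""
    return frozenset(rng.sample(range(N_OBJECTS), K_SECRET))


def secret_key(pass_objects):
    """Hash a canonical (sorted) encoding of the set into a fixed-size key."""
    encoded = ",".join(str(i) for i in sorted(pass_objects)).encode()
    return hashlib.sha256(encoded).digest()


def respond(pass_objects, nonce):
    """Alice: prove knowledge of the secret without ever sending it."""
    return hmac.new(secret_key(pass_objects), nonce, hashlib.sha256).digest()


class Verifier:
    """Bob: issues a fresh random challenge and accepts each one only once."""

    def __init__(self, pass_objects):
        self._key = secret_key(pass_objects)
        self._pending = None

    def challenge(self):
        self._pending = secrets.token_bytes(16)
        return self._pending

    def verify(self, response):
        nonce, self._pending = self._pending, None  # a challenge is single-use
        if nonce is None:
            return False
        expected = hmac.new(self._key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def demo():
    secret = enroll()
    bob = Verifier(secret)
    observed = respond(secret, bob.challenge())  # all an observer gets to see
    first = bob.verify(observed)                 # legitimate login succeeds
    bob.challenge()                              # next login, new challenge
    replay = bob.verify(observed)                # replayed response fails
    return first, replay
```

Because each login uses a new random challenge, the response an observer captures is bound to a challenge that will not be issued again.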

Project Structure
- Read: http://www.ece.cmu.edu/~adrian/projects/validation/validation.pdf
- Understand the Challenge
- How Strong is a Visual Security System?
- 36^10 for length 10 “random” password
- From {a,b,…,z; 0,1,2,…,9}
- K-common objects from N total
- N Choose k; N=1000 and k=10 gives about 36^15

Project Structure
- Read: http://www.ece.cmu.edu/~adrian/projects/validation/validation.pdf
- Define Small Variable-size Screen Challenge-Authentication
- Using “Random” Hash Function
- Geometric Objects
- Variable Strength
- Testable & Portable

Project Structure
- Test-bed for human threshold limits
- Can we add “Lamport’s Hash Chain” Technology?
- Document Code and Write-up project
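
What a Lamport hash chain would add, as an example written for this transcript and not taken from the slides or the project: each login reveals the previous link of a chain of hashes, so an observed value cannot be reused. SHA-256, the chain length of 5 and the class names are assumptions; the seed is a constructed sample.

```python
import hashlib
import hmac


def h(value: bytes) -> bytes:
    return hashlib.sha256(value).digest()


def chain(seed: bytes, n: int) -> bytes:
    """Return h applied n times to seed."""
    for _ in range(n):
        seed = h(seed)
    return seed


class Client:
    """Holds the seed and walks the chain backwards, one link per login."""

    def __init__(self, seed: bytes, n: int):
        self.seed, self.left = seed, n

    def next_otp(self) -> bytes:
        if self.left == 0:
            raise RuntimeError("chain exhausted; enroll again with a new seed")
        self.left -= 1
        return chain(self.seed, self.left)


class Server:
    """Stores only the last accepted link, never the seed."""

    def __init__(self, anchor: bytes):
        self.last = anchor  # h^n(seed), set at enrollment

    def login(self, otp: bytes) -> bool:
        if not hmac.compare_digest(h(otp), self.last):
            return False
        self.last = otp  # the next login must present the preimage of this
        return True


def demo():
    seed, n = b"constructed demo seed", 5  # sample values, not from the slides
    client, server = Client(seed, n), Server(chain(seed, n))
    otp1 = client.next_otp()
    ok1 = server.login(otp1)               # h(otp1) matches the stored anchor
    replay = server.login(otp1)            # observer reuses otp1: rejected
    ok2 = server.login(client.next_otp())  # next link is accepted
    return ok1, replay, ok2
```

An observer who captures one link would have to invert the hash to obtain the next one, and a stolen server record contains no value that logs in.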