Nalazite se na CroRIS probnoj okolini. Ovdje evidentirani podaci neće biti pohranjeni u Informacijskom sustavu znanosti RH. Ako je ovo greška, CroRIS produkcijskoj okolini moguće je pristupi putem poveznice www.croris.hr
izvor podataka: crosbi !

Shoulder-Surfing Safe Login in a Partially Observable Attacker Model (CROSBI ID 557090)

Prilog sa skupa u zborniku | izvorni znanstveni rad | međunarodna recenzija

Perković, Toni ; Čagalj, Mario ; Saxena, Nitesh ; Shoulder-Surfing Safe Login in a Partially Observable Attacker Model // Lecture Notes in Computer Science (Springer-Verlag LNCS): The 14th International Conference on Financial Cryptography and Data Security (Financial Cryptography 2010 - FC10). 2010

Podaci o odgovornosti

Perković, Toni ; Čagalj, Mario ; Saxena, Nitesh ;

engleski

Shoulder-Surfing Safe Login in a Partially Observable Attacker Model

Secure login methods based on human cognitive skills can be classified into two categories based on information available to a passive attacker: (i) the attacker fully observes the entire input and output of a login procedure, (ii) the attacker only partially observes the input and output. Login methods secure in the fully observable model imply very long secrets and/or complex calculations. In this paper, we study three simple PIN-entry methods designed for the partially observable attacker model. A notable feature of the first method is that the user needs to perform a very simple mathematical operation, whereas, in the other two methods, the user performs a simple table lookup. Our usability study shows that all the methods have reasonably low login times and minimal error rates. These results, coupled with low-cost hardware requirements (only earphones), are a significant improvement over existing approaches for this model [9, 10]. We also show that side-channel timing attacks present a real threat to the security of login schemes based on human cognitive skills.

cognitive authentication schemes; usability study; side channel timing attacks

nije evidentirano

nije evidentirano

nije evidentirano

nije evidentirano

nije evidentirano

nije evidentirano

Podaci o prilogu

2010.

objavljeno

Podaci o matičnoj publikaciji

Lecture Notes in Computer Science (Springer-Verlag LNCS): The 14th International Conference on Financial Cryptography and Data Security (Financial Cryptography 2010 - FC10)

Podaci o skupu

The 14th International Conference on Financial Cryptography and Data Security (Financial Cryptography 2010 - FC10)

predavanje

25.01.2010-28.01.2010

Tenerife, Španjolska

Povezanost rada

Računarstvo

Poveznice