REU Summer Research in Computer Security - PowerPoint PPT Presentation

About This Presentation
Title:

REU Summer Research in Computer Security

Description:

The University of Alabama. 9/30/09. Computer Security: Summer 2003. Outline. Goals. Motivation ... Visual Authentication for Small Wireless Devices. Built in Java 2 ... – PowerPoint PPT presentation

Number of Views:39
Avg rating:3.0/5.0
Slides: 16
Provided by: PGB4
Learn more at: http://web.cecs.pdx.edu
Category:

less

Transcript and Presenter's Notes

Title: REU Summer Research in Computer Security


1
REU Summer Research in Computer Security
  • Phillip G. Bradford
  • Computer Science Department
  • The University of Alabama

2
Outline
  • Goals
  • Motivation
  • The Challenge
  • Visual Authentication for Small Wireless Devices
  • Built in Java 2
  • Target to have it ported to J2ME

3
Objective
  • My Goal for your Summer
  • Project Consists of
  • Research Design System 1-2 weeks
  • Build Perform Analysis 4-5 weeks
  • Tuning and Write Up 3-4 weeks
  • Potential Submission to JOSHUA or other venue
  • Journal of Science and Health at UA

4
Starting at the Beginning
  • Computer Passwords
  • What makes a good password?
  • For whom?
  • Easy to recall for the human
  • Relationship chasing
  • Easy to guess for the attacker
  • Dictionary Attacks
  • Many responses
  • Check your own users!
  • Timeouts

5
Mobile and Wireless Issues
  • Passwords Hard to type
  • PDAs are one-hand devices
  • Mobility
  • Physical Insecurity

6
Graphical PasswordsUndergrad Project Sobrado
and Birget
  • Classical Passwords are Alpha-numeric
  • Often with strong relationship to the user
  • Easy to define search space
  • Enlist another human association power
  • Graphical visual cognition!
  • Consider human face recognition
  • Much security is based on face recognition

7
Graphical Passwords
  • Human ability to recognize faces is
    extraordinary!
  • Use human ability to recognize faces
  • Not the computers inabilities!
  • How can we create a password scheme
  • That builds on Human Face recognition?
  • See citations in Sobrado and Birget for history
    and background

8
Start with a Famous Urn
9
Define Sequence of ClicksIn Specific Places
4
1
3
2
10
Pros and Cons
  • The bad news
  • Shoulder Surfing
  • Even worse than for typed passwords
  • The good news
  • Quick and Easy for humans to process
  • To Help correct for Shoulder Surfing
  • Challenge-Response Authentication

11
Random Scatter-Grams
12
Challenge-Response Authentication
  • Alice proves to Bob that she knows their common
    secret
  • Without letting an observer know the secret!
  • This allows us to foil shoulder surfers
  • It also happens to have both
  • Important applications, and
  • Deep theoretical foundations

13
Project Structure
  • Read http//www.ece.cmu.edu/adrian/projects/vali
    dation/validation.pdf
  • Understand the Challenge
  • How Strong is a Visual Security System?
  • 3610 for length 10 random password
  • From a,b,,z 0,1,2,,9
  • K-common objects from N total
  • N Choose k N1000 and k10 gives about 3615

14
Project Structure
  • Read http//www.ece.cmu.edu/adrian/projects/vali
    dation/validation.pdf
  • Define Small Variable-size Screen
  • Challenge-Authentication
  • Using Random Hash Function
  • Geometric Objects
  • Variable Strength
  • Testable Portable

15
Project Structure
  • Test-bed for human threshold limits
  • Can we add Lamports Hash Chain Technology?
  • Document Code and Write-up project
Write a Comment
User Comments (0)
About PowerShow.com