Leakage resilient password systems [electronic resource] / Lingjiu Li, Qiang Yan, Robert H. Deng.
2015
QA76.9.A25 L5 2015eb
Formats
| Format | |
|---|---|
| BibTeX | |
| MARCXML | |
| TextMARC | |
| MARC | |
| DublinCore | |
| EndNote | |
| NLM | |
| RefWorks | |
| RIS |
Cite
Citation
Linked e-resources
Linked Resource
Concurrent users
Unlimited
Authorized users
Authorized users
Document Delivery Supplied
Can lend chapters, not whole ebooks
Details
Title
Leakage resilient password systems [electronic resource] / Lingjiu Li, Qiang Yan, Robert H. Deng.
Author
ISBN
9783319175034 electronic book
3319175033 electronic book
9783319175027
3319175033 electronic book
9783319175027
Published
Cham : Springer, [2015]
Language
English
Description
1 online resource.
Item Number
10.1007/978-3-319-17503-4 doi
Call Number
QA76.9.A25 L5 2015eb
Dewey Decimal Classification
005.8
Summary
This book investigates tradeoff between security and usability in designing leakage resilient password systems (LRP) and introduces two practical LRP systems named Cover Pad and ShadowKey. It demonstrates that existing LRP systems are subject to both brute force attacks and statistical attacks and that these attacks cannot be effectively mitigated without sacrificing the usability of LRP systems. Quantitative analysis proves that a secure LRP system in practical settings imposes a considerable amount of cognitive workload unless certain secure channels are involved. The book introduces a secure and practical LRP system, named Cover Pad, for password entry on touch-screen mobile devices. Cover Pad leverages a temporary secure channel between a user and a touch screen which can be easily realized by placing a hand shielding gesture on the touch screen. The temporary secure channel is used to deliver a hidden message to the user for transforming each password symbol before entering it on the touch screen. A user study shows the impact of these testing conditions on the users' performance in practice. Finally, this book introduces a new LRP system named ShadowKey. Shadow Key is designed to achieve better usability for leakage resilient password entry. It leverages either a permanent secure channel, which naturally exists between a user and the display unit of certain mobile devices, or a temporary secure channel, which can be easily realized between a user and a touch screen with a hand-shielding gesture. The secure channel protects the mappings between original password symbols and associated random symbols. Unlike previous LRP system users, Shadow Key users do not need to remember anything except their passwords. Leakage Resilient Password Systems is designed for professionals working in the security industry. Advanced-level students studying computer science and electrical engineering will find this brief full of useful material.
Bibliography, etc. Note
Includes bibliographical references.
Access Note
Access limited to authorized users.
Added Author
Series
SpringerBriefs in computer science.
Available in Other Form
Print version: 9783319175027
Linked Resources
Record Appears in
Table of Contents
Leakage Resilient Password Systems: Attacks, Principles and Usability
Cover Pad: A Leakage Resilient Password System on Touch-Screen Mobile Devices
Shadow Key: A Practical Leakage Resilient Password System.
Cover Pad: A Leakage Resilient Password System on Touch-Screen Mobile Devices
Shadow Key: A Practical Leakage Resilient Password System.