Leakage Resilient Password Systems

This book investigates tradeoff between security and usability in designing leakage resilient password systems (LRP) and introduces two practical LRP systems named Cover Pad and ShadowKey. It demonstrates that existing LRP systems are subject to both brute force attacks and statistical attacks and t...

Πλήρης περιγραφή

Λεπτομέρειες βιβλιογραφικής εγγραφής
Κύριοι συγγραφείς: Li, Yingjiu (Συγγραφέας), Yan, Qiang (Συγγραφέας), Deng, Robert H. (Συγγραφέας)
Συγγραφή απο Οργανισμό/Αρχή: SpringerLink (Online service)
Μορφή: Ηλεκτρονική πηγή Ηλ. βιβλίο
Γλώσσα:English
Έκδοση: Cham : Springer International Publishing : Imprint: Springer, 2015.
Σειρά:SpringerBriefs in Computer Science,
Θέματα:
Διαθέσιμο Online:Full Text via HEAL-Link
LEADER 04039nam a22005415i 4500
001 978-3-319-17503-4
003 DE-He213
005 20151103121441.0
007 cr nn 008mamaa
008 150423s2015 gw | s |||| 0|eng d
020 |a 9783319175034  |9 978-3-319-17503-4 
024 7 |a 10.1007/978-3-319-17503-4  |2 doi 
040 |d GrThAP 
050 4 |a QA76.9.A25 
072 7 |a UR  |2 bicssc 
072 7 |a UTN  |2 bicssc 
072 7 |a COM053000  |2 bisacsh 
082 0 4 |a 005.8  |2 23 
100 1 |a Li, Yingjiu.  |e author. 
245 1 0 |a Leakage Resilient Password Systems  |h [electronic resource] /  |c by Yingjiu Li, Qiang Yan, Robert H. Deng. 
264 1 |a Cham :  |b Springer International Publishing :  |b Imprint: Springer,  |c 2015. 
300 |a X, 64 p. 24 illus., 9 illus. in color.  |b online resource. 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
347 |a text file  |b PDF  |2 rda 
490 1 |a SpringerBriefs in Computer Science,  |x 2191-5768 
505 0 |a Leakage Resilient Password Systems: Attacks, Principles and Usability -- Cover Pad: A Leakage Resilient Password System on Touch-Screen Mobile Devices -- Shadow Key: A Practical Leakage Resilient Password System. 
520 |a This book investigates tradeoff between security and usability in designing leakage resilient password systems (LRP) and introduces two practical LRP systems named Cover Pad and ShadowKey. It demonstrates that existing LRP systems are subject to both brute force attacks and statistical attacks and that these attacks cannot be effectively mitigated without sacrificing the usability of LRP systems. Quantitative analysis proves that a secure LRP system in practical settings imposes a considerable amount of cognitive workload unless certain secure channels are involved. The book introduces a secure and practical LRP system, named Cover Pad, for password entry on touch-screen mobile devices. Cover Pad leverages a temporary secure channel between a user and a touch screen which can be easily realized by placing a hand shielding gesture on the touch screen. The temporary secure channel is used to deliver a hidden message to the user for transforming each password symbol before entering it on the touch screen. A user study shows the impact of these testing conditions on the users' performance in practice. Finally, this book introduces a new LRP system named ShadowKey. Shadow Key is designed to achieve better usability for leakage resilient password entry. It leverages either a permanent secure channel, which naturally exists between a user and the display unit of certain mobile devices, or a temporary secure channel, which can be easily realized between a user and a touch screen with a hand-shielding gesture. The secure channel protects the mappings between original password symbols and associated random symbols. Unlike previous LRP system users, Shadow Key users do not need to remember anything except their passwords. Leakage Resilient Password Systems is designed for professionals working in the security industry. Advanced-level students studying computer science and electrical engineering will find this brief full of useful material. 
650 0 |a Computer science. 
650 0 |a Computer security. 
650 0 |a Data encryption (Computer science). 
650 0 |a Computers. 
650 0 |a Electrical engineering. 
650 1 4 |a Computer Science. 
650 2 4 |a Systems and Data Security. 
650 2 4 |a Information Systems and Communication Service. 
650 2 4 |a Communications Engineering, Networks. 
650 2 4 |a Data Encryption. 
700 1 |a Yan, Qiang.  |e author. 
700 1 |a Deng, Robert H.  |e author. 
710 2 |a SpringerLink (Online service) 
773 0 |t Springer eBooks 
776 0 8 |i Printed edition:  |z 9783319175027 
830 0 |a SpringerBriefs in Computer Science,  |x 2191-5768 
856 4 0 |u http://dx.doi.org/10.1007/978-3-319-17503-4  |z Full Text via HEAL-Link 
912 |a ZDB-2-SCS 
950 |a Computer Science (Springer-11645)