{"title":"使用虚拟密码和秘密小函数对密码进行更强的认证","authors":"P. Umadevi, V. Saranya","doi":"10.1109/ICICES.2014.7033936","DOIUrl":null,"url":null,"abstract":"People enjoy the convenience of on-line services, Automated Teller Machines (ATMs), and pervasive computing, but online environments, ATMs, and pervasive computing may bring many risks by adversaries. To prevent users passwords from adversaries by implementing a differentiated virtual password concept in which a user has the freedom to choose a virtual password scheme ranging from weak security to strong security, where a virtual password requires a small amount of human computing to secure users passwords. A user-specified function/program is used to implement the virtual password concept with a tradeoff of security for complexity requiring a small amount of human computing. Further we propose several functions to serve as system recommended functions and provide a security analysis. For user-specified functions, we adopt a secret little functions in which security is enhanced by hiding secret functions/algorithms. Analyze how the proposed scheme defends against phishing, key logger, and shoulder-surfing attacks. The virtual password mechanism is the first one which is able to defend against all three attacks together.","PeriodicalId":13713,"journal":{"name":"International Conference on Information Communication and Embedded Systems (ICICES2014)","volume":"71 1","pages":"1-6"},"PeriodicalIF":0.0000,"publicationDate":"2014-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Stronger authentication for password using virtual password and secret little functions\",\"authors\":\"P. Umadevi, V. Saranya\",\"doi\":\"10.1109/ICICES.2014.7033936\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"People enjoy the convenience of on-line services, Automated Teller Machines (ATMs), and pervasive computing, but online environments, ATMs, and pervasive computing may bring many risks by adversaries. To prevent users passwords from adversaries by implementing a differentiated virtual password concept in which a user has the freedom to choose a virtual password scheme ranging from weak security to strong security, where a virtual password requires a small amount of human computing to secure users passwords. A user-specified function/program is used to implement the virtual password concept with a tradeoff of security for complexity requiring a small amount of human computing. Further we propose several functions to serve as system recommended functions and provide a security analysis. For user-specified functions, we adopt a secret little functions in which security is enhanced by hiding secret functions/algorithms. Analyze how the proposed scheme defends against phishing, key logger, and shoulder-surfing attacks. The virtual password mechanism is the first one which is able to defend against all three attacks together.\",\"PeriodicalId\":13713,\"journal\":{\"name\":\"International Conference on Information Communication and Embedded Systems (ICICES2014)\",\"volume\":\"71 1\",\"pages\":\"1-6\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Conference on Information Communication and Embedded Systems (ICICES2014)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICICES.2014.7033936\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Information Communication and Embedded Systems (ICICES2014)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICICES.2014.7033936","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Stronger authentication for password using virtual password and secret little functions
People enjoy the convenience of on-line services, Automated Teller Machines (ATMs), and pervasive computing, but online environments, ATMs, and pervasive computing may bring many risks by adversaries. To prevent users passwords from adversaries by implementing a differentiated virtual password concept in which a user has the freedom to choose a virtual password scheme ranging from weak security to strong security, where a virtual password requires a small amount of human computing to secure users passwords. A user-specified function/program is used to implement the virtual password concept with a tradeoff of security for complexity requiring a small amount of human computing. Further we propose several functions to serve as system recommended functions and provide a security analysis. For user-specified functions, we adopt a secret little functions in which security is enhanced by hiding secret functions/algorithms. Analyze how the proposed scheme defends against phishing, key logger, and shoulder-surfing attacks. The virtual password mechanism is the first one which is able to defend against all three attacks together.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
