Napredna pretraga

Pregled bibliografske jedinice broj: 681135

User Friendly Authentication Mechanisms in User-to- Device and Device-to-Device Interactions

Perković, Toni
User Friendly Authentication Mechanisms in User-to- Device and Device-to-Device Interactions 2013., doktorska disertacija, FESB-Fakultet elektrotehnike, strojarstva i brodogradnje u Splitu, Split

User Friendly Authentication Mechanisms in User-to- Device and Device-to-Device Interactions

Perković, Toni

Vrsta, podvrsta i kategorija rada
Ocjenski radovi, doktorska disertacija

FESB-Fakultet elektrotehnike, strojarstva i brodogradnje u Splitu





Čagalj, Mario

Ključne riječi
Usable Security; Timing attack; Relay Attack; Multichannel Protocol; Message Authentication Protocol

A large number of authentication mechanisms that grant access to an information system or a service are usually too complex or incomprehensible for an end user (e.g., an invalid certificate warning). Interacting with such a large number of authentication methods (e.g., e-mails) can result in an increased user frustration and a higher probability of critical errors, making the proposed mechanisms both unusable and insecure. In the context of user-to-device authentication (e.g., user authentication on ATM, PC), we consider two types of malicious behavior. The first type deals with the problem of observation attacks in secure user-authentication protocols that exploit nonuniform human behavior. Unfortunately, such type of behavior gives the attacker opportunity to successfully mount a timing attack. This thesis presents the first public report about a successful (timing) attack on two secure authentication methods, Undercover and a US patent. The second type of malicious behavior concerns the problem of relay attack in the context of financial transactions. Inspired by the recent work of Stajano et al. [1] on unrelayable channels, in this thesis we show that a piece of paper imprinted with a secret message and appropriately folded (hence fortune cookie) can implement a weakly unrelayable channel. Concerning the user-assisted device-to-device authentication problem (e.g., setting up a secure WiFi connection, secure initialization of a relatively large number of wireless sensor networks (eHealth, Smarthome)) we designed new protocols for the initialization of multiple resource constrained wireless devices and proved their security in a formal model. We used a paradigm based on multichannel protocols in which information is transmitted over both a radio and a visible light channel (VLC). By using unidirectional error- detection codes we proved the security of our protocol in a much stronger attacker model where the VLC is semi-authentic.

Izvorni jezik

Znanstvena područja
Elektrotehnika, Računarstvo


Projekt / tema
023-0231924-1660 - NAPREDNE HETEROGENE MREŽNE TEHNOLOGIJE (Dinko Begušić, )

Fakultet elektrotehnike, strojarstva i brodogradnje, Split

Autor s matičnim brojem:
Toni Perković, (297662)