Pregled bibliografske jedinice broj: 681135
User Friendly Authentication Mechanisms in User-to- Device and Device-to-Device Interactions
User Friendly Authentication Mechanisms in User-to- Device and Device-to-Device Interactions, 2013., doktorska disertacija, FESB-Fakultet elektrotehnike, strojarstva i brodogradnje u Splitu, Split
CROSBI ID: 681135 Za ispravke kontaktirajte CROSBI podršku putem web obrasca
Naslov
User Friendly Authentication Mechanisms in User-to- Device and Device-to-Device Interactions
Autori
Perković, Toni
Vrsta, podvrsta i kategorija rada
Ocjenski radovi, doktorska disertacija
Fakultet
FESB-Fakultet elektrotehnike, strojarstva i brodogradnje u Splitu
Mjesto
Split
Datum
03.04
Godina
2013
Stranica
180
Mentor
Čagalj, Mario
Ključne riječi
Usable Security; Timing attack; Relay Attack; Multichannel Protocol; Message Authentication Protocol
Sažetak
A large number of authentication mechanisms that grant access to an information system or a service are usually too complex or incomprehensible for an end user (e.g., an invalid certificate warning). Interacting with such a large number of authentication methods (e.g., e-mails) can result in an increased user frustration and a higher probability of critical errors, making the proposed mechanisms both unusable and insecure. In the context of user-to-device authentication (e.g., user authentication on ATM, PC), we consider two types of malicious behavior. The first type deals with the problem of observation attacks in secure user-authentication protocols that exploit nonuniform human behavior. Unfortunately, such type of behavior gives the attacker opportunity to successfully mount a timing attack. This thesis presents the first public report about a successful (timing) attack on two secure authentication methods, Undercover and a US patent. The second type of malicious behavior concerns the problem of relay attack in the context of financial transactions. Inspired by the recent work of Stajano et al. [1] on unrelayable channels, in this thesis we show that a piece of paper imprinted with a secret message and appropriately folded (hence fortune cookie) can implement a weakly unrelayable channel. Concerning the user-assisted device-to-device authentication problem (e.g., setting up a secure WiFi connection, secure initialization of a relatively large number of wireless sensor networks (eHealth, Smarthome)) we designed new protocols for the initialization of multiple resource constrained wireless devices and proved their security in a formal model. We used a paradigm based on multichannel protocols in which information is transmitted over both a radio and a visible light channel (VLC). By using unidirectional error- detection codes we proved the security of our protocol in a much stronger attacker model where the VLC is semi-authentic.
Izvorni jezik
Engleski
Znanstvena područja
Elektrotehnika, Računarstvo
POVEZANOST RADA
Projekti:
023-0231924-1660 - NAPREDNE HETEROGENE MREŽNE TEHNOLOGIJE (Begušić, Dinko, MZOS ) ( CroRIS)
Ustanove:
Fakultet elektrotehnike, strojarstva i brodogradnje, Split
