Open Access. Powered by Scholars. Published by Universities.®
- Discipline
- Institution
- Publication
- Publication Type
Articles 1 - 5 of 5
Full-Text Articles in Information Security
Message-Layer Encryption In Ricochet, Liam B. Kirsh
Message-Layer Encryption In Ricochet, Liam B. Kirsh
Computer Science and Software Engineering
My intention for this project was to implement encryption and authentication on Ricochet's message layer. This provides two major benefits. The first is a higher level of encryption in the event that a flaw is found in the existing channel-layer encryption, or if increases in computing power make attacks on that encryption feasible. Tor is used by the military, journalists, law enforcement, researchers, and activists, whose communications may be interesting to state-level adversaries and criminal organizations with access to great amount of computing resources. Additionally, message-layer encryption would allow users to specify relay nodes that can temporarily store messages and …
Breathprint: Breathing Acoustics-Based User Authentication, Jagmohan Chauhan, Yining Hu, Suranga Sereviratne, Archan Misra, Aruna Sereviratne, Youngki Lee
Breathprint: Breathing Acoustics-Based User Authentication, Jagmohan Chauhan, Yining Hu, Suranga Sereviratne, Archan Misra, Aruna Sereviratne, Youngki Lee
Research Collection School Of Computing and Information Systems
We propose BreathPrint, a new behavioural biometric signature based on audio features derived from an individual's commonplace breathing gestures. Specifically, BreathPrint uses the audio signatures associated with the three individual gestures: sniff, normal, and deep breathing, which are sufficiently different across individuals. Using these three breathing gestures, we develop the processing pipeline that identifies users via the microphone sensor on smartphones and wearable devices. In BreathPrint, a user performs breathing gestures while holding the device very close to their nose. Using off-the-shelf hardware, we experimentally evaluate the BreathPrint prototype with 10 users, observed over seven days. We show that users …
What You See Is Not What You Get: Leakage-Resilient Password Entry Schemes For Smart Glasses, Yan Li, Yao Cheng, Yingjiu Li, Robert H. Deng
What You See Is Not What You Get: Leakage-Resilient Password Entry Schemes For Smart Glasses, Yan Li, Yao Cheng, Yingjiu Li, Robert H. Deng
Research Collection School Of Computing and Information Systems
Smart glasses are becoming popular for users to access various services such as email. To protect these services, password-based user authentication is widely used. Unfortunately, the password based user authentication has inherent vulnerability against password leakage. Many efforts have been put on designing leakage resilient password entry schemes on PCs and mobile phones with traditional input equipment including keyboards and touch screens. However, such traditional input equipment is not available on smart glasses. Existing password entry on smart glasses relies on additional PCs or mobile devices. Such solutions force users to switch between different systems, which causes interrupted experience and …
Lightweight Three-Factor Authentication And Key Agreement Protocol For Internet-Integrated Wireless Sensor Networks, Qi Jiang, Sherali Zeadally, Jianfeng Ma, Debiao He
Lightweight Three-Factor Authentication And Key Agreement Protocol For Internet-Integrated Wireless Sensor Networks, Qi Jiang, Sherali Zeadally, Jianfeng Ma, Debiao He
Information Science Faculty Publications
Wireless sensor networks (WSNs) will be integrated into the future Internet as one of the components of the Internet of Things, and will become globally addressable by any entity connected to the Internet. Despite the great potential of this integration, it also brings new threats, such as the exposure of sensor nodes to attacks originating from the Internet. In this context, lightweight authentication and key agreement protocols must be in place to enable end-to-end secure communication. Recently, Amin et al. proposed a three-factor mutual authentication protocol for WSNs. However, we identified several flaws in their protocol. We found that their …
Deceptive Security Based On Authentication Profiling, Andrew Nicholson, Helge Janicke, Andrew Jones, Adeeb Alnajaar
Deceptive Security Based On Authentication Profiling, Andrew Nicholson, Helge Janicke, Andrew Jones, Adeeb Alnajaar
Australian Information Security Management Conference
Passwords are broken. Multi-factor Authentication overcomes password insecurities, but its potentials are often not realised. This article presents InSight, a system to actively identify perpetrators by deceitful adaptation of the accessible system resources using Multi-factor Authentication profiles. This approach improves authentication reliability and attributes users by computing trust scores against profiles. Based on this score, certain functionality is locked, unlocked, buffered, or redirected to a deceptive honeypot, which is used for attribution. The novelty of this approach is twofold; a profile-based multi-factor authentication approach that is combined with a gradient, deceptive honeypot.