Physical Sciences and Mathematics Commons^™

Secure And Authenticated Data Communication In Wireless Sensor Networks, Omar Alfandi, Arne Bochem, Ansgar Kellner, Christian Göge, Dieter Hogrefe

All Works

© 2015 by the authors; licensee MDPI, Basel, Switzerland. Securing communications in wireless sensor networks is increasingly important as the diversity of applications increases. However, even today, it is equally important for the measures employed to be energy efficient. For this reason, this publication analyzes the suitability of various cryptographic primitives for use in WSNs according to various criteria and, finally, describes a modular, PKI-based framework for confidential, authenticated, secure communications in which most suitable primitives can be employed. Due to the limited capabilities of common WSN motes, criteria for the selection of primitives are security, power efficiency and memory …

Analysis Of Real-World Passwords For Social Media Sites, Mark J. Quinn

Masters Theses, 2010-2019

Textual passwords have dominated all other entity authentication mechanisms since they were introduced in the early 1960’s. Despite an inherent weakness against social engineering, keylogging, shoulder surfing, dictionary, and brute-force attacks, password authentication continues to grow as the Internet expands. Existing research on password authentication proves that dictionary attacks are successful because users make poor choices when creating passwords. To make passwords easier to remember, users select character strings that are shorter in length and contain memorable content, like personal identity information, common words found in a dictionary, backward spellings of common words, recognizable sequences, and easily guessed mnemonic phrases. …

A Dynamic Behavioral Biometric Approach To Authenticate Users Employing Their Fingers To Interact With Touchscreen Devices, Arturo Ponce

CCE Theses and Dissertations

The use of mobile devices has extended to all areas of human life and has changed the way people work and socialize. Mobile devices are susceptible to getting lost, stolen, or compromised. Several approaches have been adopted to protect the information stored on these devices. One of these approaches is user authentication. The two most popular methods of user authentication are knowledge based and token based methods but they present different kinds of problems.

Biometric authentication methods have emerged in recent years as a way to deal with these problems. They use an individual’s unique characteristics for identification and have …

Authentication Melee: A Usability Analysis Of Seven Web Authentication Systems, Scott Ruoti

Theses and Dissertations

Passwords continue to dominate the authentication landscape in spite of numerous proposals to replace them. Even though usability is a key factor in replacing passwords, very few alternatives have been subjected to formal usability studies and even fewer have been analyzed using a standard metric. We report the results of four within-subjects usability studies for seven web authentication systems. These systems span federated, smartphone, paper tokens, and email-based approaches. Our results indicate that participants prefer single sign-on systems. We utilize the Systems Usability Scale (SUS) as a standard metric for empirical analysis and find that it produces reliable, replicable results. …

Analysis And Improvement On A Biometric-Based Remote User Authentication Scheme Using Smart Cards, Fengtong Wen, Willy Susilo, Guomin Yang

Research Collection School Of Computing and Information Systems

In a recent paper (BioMed Research International, 2013/491289), Khan et al. proposed an improved biometrics-based remote user authentication scheme with user anonymity. The scheme is believed to be secure against password guessing attack, user impersonation attack, server masquerading attack, and provide user anonymity, even if the secret information stored in the smart card is compromised. In this paper, we analyze the security of Khan et al.’s scheme, and demonstrate that their scheme doesn’t provide user anonymity. This also renders that their scheme is insecure against other attacks, such as off-line password guessing attack, user impersonation attacks. Subsequently, we propose a …

An Electroencephalogram (Eeg) Based Biometrics Investigation For Authentication: A Human-Computer Interaction (Hci) Approach, Ricardo J. Rodriguez

CCE Theses and Dissertations

Encephalogram (EEG) devices are one of the active research areas in human-computer interaction (HCI). They provide a unique brain-machine interface (BMI) for interacting with a growing number of applications. EEG devices interface with computational systems, including traditional desktop computers and more recently mobile devices. These computational systems can be targeted by malicious users. There is clearly an opportunity to leverage EEG capabilities for increasing the efficiency of access control mechanisms, which are the first line of defense in any computational system.

Access control mechanisms rely on a number of authenticators, including “what you know”, “what you have”, and “what you …

Efficient Id-Based Authentication And Key Agreement Protocols For The Session Initiation Protocol, Haci Hakan Kilinç, Yolguly Allaberdiyev, Tuğrul Yanik, Serdar Süer Erdem

Turkish Journal of Electrical Engineering and Computer Sciences

In a widely deployed VoIP system tens of thousands of clients compete for the SIP proxy server's authentication service. SIP protocol implementations have to meet certain QoS and security requirements. In this study new ID-based protocols are proposed for the SIP authentication and key agreement protocols. These protocols minimize the use of expensive pairing functions but still resist notable attacks. The security of the proposed protocols are analyzed and demonstrated with security proofs based on the BJM security model. Finally, the performance overhead of the proposed protocols are compared to ID-based SIP authentication and key agreement protocols given in the …