Sciweavers

Share
ICC
2008
IEEE

Secret Little Functions and Codebook for Protecting Users from Password Theft

8 years 8 months ago
Secret Little Functions and Codebook for Protecting Users from Password Theft
—In this paper, we discuss how to prevent users’ passwords from being stolen by adversaries. We propose differentiated security mechanisms in which a user has the freedom to choose a virtual password scheme ranging from weak security to strong security. The tradeoff is that the stronger the scheme, the more complex the scheme may be. Among the schemes, we have a default method (i.e., traditional password scheme), system recommended function, user-specified function, user-specified program, etc. A function/program is used to implement the virtual password concept with a trade off of security for complexity requiring a small amount of human computing. We further propose codebook approach to serve as system recommended functions and provide a security analysis. For user-specified functions, we adopt secret little functions, in which security is enhanced by hiding secret functions/algorithms.
Yang Xiao, Chung-Chih Li, Ming Lei, Susan V. Vrbsk
Added 30 May 2010
Updated 30 May 2010
Type Conference
Year 2008
Where ICC
Authors Yang Xiao, Chung-Chih Li, Ming Lei, Susan V. Vrbsky
Comments (0)
books