Title :
Secret Little Functions and Codebook for Protecting Users from Password Theft
Author :
Xiao, Yang ; Li, Chung-Chih ; Lei, Ming ; Vrbsky, Susan V.
Author_Institution :
Dept. of Comput. Sci., Univ. of Alabama, Tuscaloosa, AL
Abstract :
In this paper, we discuss how to prevent users´ passwords from being stolen by adversaries. We propose differentiated security mechanisms in which a user has the freedom to choose a virtual password scheme ranging from weak security to strong security. Among the schemes, we have a default method (i.e., traditional password scheme), system recommended function, user-specified function, user-specified program, etc. We further propose a codebook approach to serve as system recommended functions and provide a security analysis. For user-specified functions, we adopt secret little functions, in which security is enhanced by hiding secret functions/algorithms.
Keywords :
security of data; codebook approach; differentiated security mechanisms; password theft; secret little functions; security analysis; system recommended function; traditional password scheme; user-specified function; user-specified program; virtual password scheme; Authentication; Communications Society; Computer science; Filters; Heart; Humans; Information technology; Internet; Protection; Security;
Conference_Titel :
Communications, 2008. ICC '08. IEEE International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-2075-9
Electronic_ISBN :
978-1-4244-2075-9
DOI :
10.1109/ICC.2008.295
