Changing users' security behaviour towards security questions: A game based learning approach

Fallback authentication is used to retrieve forgotten passwords. Security questions are one of the main techniques used to conduct fallback authentication. In this paper, we propose a serious game design that uses system-generated security questions with the aim of improving the usability of fallback authentication. For this purpose, we adopted the popular picture-based "4 Pics 1 word" mobile game. This game was selected because of its use of pictures and cues, which previous psychology research found to be crucial to aid memorability. This game asks users to pick the word that relates to the given pictures. We then customized this game by adding features which help maximize the following memory retrieval skills: (a) verbal cues - by providing hints with verbal descriptions, (b) spatial cues - by maintaining the same order of pictures, (c) graphical cues - by showing 4 images for each challenge, (d) interactivity/engaging nature of the game.Comment: 6, Military Communications and Information Systems Conference (MilCIS), 2017. arXiv admin note: substantial text overlap with arXiv:1707.0807

Feasibility of the interlock protocol against man-in-the-middle attacks on quantum cryptography

If an eavesdropper succeeds in compromising the quantum as well as the classical channels and mimics the receiver "Bob" for the sender "Alice" and vice versa, one defence strategy is the successive, temporally interlocked partial transmission of the entire encrypted message

APTE: An Algorithm for Proving Trace Equivalence

This paper presents APTE, a new tool for automatically proving the security of cryptographic protocols. It focuses on proving trace equivalence between processes, which is crucial for specifying privacy type properties such as anonymity and unlinkability. The tool can handle protocols expressed in a calculus similar to the applied-pi calculus, which allows us to capture most existing protocols that rely on classical cryptographic primitives. In particular, APTE handles private channels and else branches in protocols with bounded number of sessions. Unlike most equivalence verifier tools, APTE is guaranteed to terminate Moreover, APTE is the only tool that extends the usual notion of trace equivalence by considering ``side-channel'' information leaked to the attacker such as the length of messages and the execution times. We illustrate APTE on different case studies which allowed us to automatically (re)-discover attacks on protocols such as the Private Authentication protocol or the protocols of the electronic passports

Case study:exploring children’s password knowledge and practices

Children use technology from a very young age, and often have to authenticate themselves. Yet very little attention has been paid to designing authentication specifically for this particular target group. The usual practice is to deploy the ubiquitous password, and this might well be a suboptimal choice. Designing authentication for children requires acknowledgement of child-specific developmental challenges related to literacy, cognitive abilities and differing developmental stages. Understanding the current state of play is essential, to deliver insights that can inform the development of child-centred authentication mechanisms and processes. We carried out a systematic literature review of all research related to children and authentication since 2000. A distinct research gap emerged from the analysis. Thus, we designed and administered a survey to school children in the United States (US), so as to gain insights into their current password usage and behaviors. This paper reports preliminary results from a case study of 189 children (part of a much larger research effort). The findings highlight age-related differences in children’s password understanding and practices. We also discovered that children confuse concepts of safety and security. We conclude by suggesting directions for future research. This paper reports on work in progress.<br/

God and Evidence: A Cooperative Approach

This article identifies intellectualism as the view that if we simply think hard enough about our evidence, we get an adequate answer to the question of whether God exists. The article argues against intellectualism, and offers a better alternative involving a kind of volitional evidentialism. If God is redemptive in virtue of seeking divine -human reconciliation, we should expect the evidence for God to be likewise redemptive. In that case, according to the article, the evidence for God would aim to draw the human will toward cooperation with God’s will. Accordingly, the available evidence for God would be volitionally sensitive in that one’s coming to possess it would depend on one’s volitional stance toward its source. The article identifies some implications for divine hiddenness, traditional natural theology, and the view that the evidence for God’s existence is akin to evidence for a scientific hypothesis

Reconnaissance of ‘Difference’ in Cognitive Maps: Authenticating Happily Ever After in Julia Quinn’s To Sir Philip with Love

This study explores differences in individual cognitive mapping of the protagonists in Julia Quinn’s novel, To Sir Philip with Love. A qualitative analysis of the maps, cartographed on physiological and psychological planes, finds them to be diverse in nature. A “difference” is developed, step by step, in the mental cognitive mapping of the female protagonist of Eloise and in the physical cognitive maps of the character the male protagonist, Philip. Nonetheless, the thesis lies in the inherent creativity caused by the collision of two varied cognitions. Analysis of these cognitions involves the creation of these characters according to the basic cognitive structure of the romance readers as well. After an investigation of the ‘mindscaping’ model, developed primarily around the main characters in To Sir Philip with Love, it is concluded that the positivity in the conflicting maps is established because of the genre of the novel, in which there is a need to channel the individual cognition towards the creation of a larger cognitive map for the readers, with authentication of Happily Ever After as its goal. Furthermore, this paper also locates the status of these findings within the romance narrative; authentication of HEA, works as a major building force in molding and constructing the authorial, fictional and reader cognition.