A Cloud Authentication Protocol using One-Time Pad

There is a significant increase in the amount of data breaches in corporate servers in the cloud environments. This includes username and password compromise in the cloud and account hijacking, thus leading to severe vulnerabilities of the cloud service provisioning. Traditional authentication schemes rely on the users to use their credentials to gain access to cloud service. However once the credential is compromised, the attacker will gain access to the cloud service easily. This paper proposes a novel scheme that does not require the user to present his credentials, and yet is able to prove ownership of access to the cloud service using a variant of zero-knowledge proof. A challenge-response protocol is devised to authenticate the user, requiring the user to compute a one-time pad (OTP) to authenticate himself to the server without revealing password to the server. A prototype has been implemented to facilitate the authentication of the user when accessing Dropbox, and the experiment results showed that the overhead incurred is insignificant

Biometrics for internet‐of‐things security: A review

The large number of Internet‐of‐Things (IoT) devices that need interaction between smart devices and consumers makes security critical to an IoT environment. Biometrics offers an interesting window of opportunity to improve the usability and security of IoT and can play a significant role in securing a wide range of emerging IoT devices to address security challenges. The purpose of this review is to provide a comprehensive survey on the current biometrics research in IoT security, especially focusing on two important aspects, authentication and encryption. Regarding authentication, contemporary biometric‐based authentication systems for IoT are discussed and classified based on different biometric traits and the number of biometric traits employed in the system. As for encryption, biometric‐cryptographic systems, which integrate biometrics with cryptography and take advantage of both to provide enhanced security for IoT, are thoroughly reviewed and discussed. Moreover, challenges arising from applying biometrics to IoT and potential solutions are identified and analyzed. With an insight into the state‐of‐the‐art research in biometrics for IoT security, this review paper helps advance the study in the field and assists researchers in gaining a good understanding of forward‐looking issues and future research directions

Biometric Fuzzy Extractor Scheme for Iris Templates

In: The 2009 World Congress in Computer Science, Computer Engineering, and Applied Computing (WORLDCOMP'09), The 2009 International Conference on Security and Management (SAM'09), Vol II, Proceedings 563--569. H.R. Arabnia and K. Daimi (Eds.), Las Vegas (USA), July, 2009Biometric recognition offers a reliable and natural solution to the problem of user authentication by means of her physical and behavioral traits. An iris template protection scheme which associates and retrieves a secret value with a high level of security, is proposed. The security is guaranteed thanks to the requirements of fuzzy extractors. The implementation of the scheme is done in Java and experimental results are performed to calculate its False Acceptance Rate and its False Rejection Rate.This work has been partially supported by Ministerio de Industria, Turismo y Comercio (Spain), in collaboration with CDTI and Telefónica I+D under the project SEGUR@ (CENIT-2007 2004).Peer reviewe

Explore the Security ofthe Fingerprint Fuzzy Vault Scheme Which Based on N- Neighbor Matching

随着指纹识别技术在智能手机上的普及，指纹加密技术及其安全问题备受关注。指纹模糊金库算法能够将生物特征的模糊性和密钥的精确性有机地结合在一起，因为这一优点，近年来许多学者都对指纹模糊金库算法进行了深入的研究。大量的指纹模糊金库方案被提出，王的n邻域指纹模糊金库方案就是其中之一。该方案在上锁阶段利用指纹的n邻域结构创建指纹模糊金库；在解锁阶段通过对比n邻域结构实现身份验证。该方案在效率和精确度上都有着良好的表现，但是王并没有对该方案的安全性进行深入的研究。 科技飞速发展的今天，人们越来越关注安全性。因为科技的发展也带来了黑客科技的进步。近年来许多人受到口令猜测、钓鱼诈骗等攻击，而导致银行账号、密...With the popularity of fingerprint recognition on intelligent phone, the fingerprint encryption technology and its security are received much concern. The fingerprint fuzzy vault scheme integrate the obscure attribute of the biometric data into the exact attribute of the secret . And for this advantage , A lot of scholar work on the fingerprint fuzzy vault .A number of fingerprint fuzzy vault s...学位：工学硕士院系专业：信息科学与技术学院_计算机科学与技术学号：2302013115316

Security analysis of a fingerprint-secured USB drive

In response to user demands for mobile data security and maximum ease of use, fingerprint-secured mobile storage devices have been increasingly available for purchase. A fingerprint-secured Universal Serial Bus (USB) drive looks like a regular USB drive, except that it has an integrated optical scanner. When a fingerprint-secured USB drive is plugged into a computer running Windows, a program on this drive will run automatically to ask for fingerprint authentication. (When the program runs the very first time, it will ask for fingerprint enrollment). After a successful fingerprint authentication, a new private drive (for example, drive G:) will appear and data stored on the private drive can be accessed. This private drive will not appear if the fingerprint authentication fails. This thesis studies the security of a representative fingerprint-secured USB drive referred to by the pseudonym AliceDrive. Our results are two fold. First, through black-box reverse engineering and manipulation of binary code in a DLL, we bypassed AliceDrive’s fingerprint authentication and accessed the private drive without actually presenting a valid fingerprint. Our attack is a class attack in that the modified DLL can be distributed to any naive user to bypass AliceDevice’s fingerprint authentication. Second, in our security analysis of AliceDrive, we recovered fingerprint reference templates from memory, which may make AliceDrive worse than a regular USB drive: when Alice loses her fingerprint-secured USB drive, she does not only lose her data, she also loses her fingerprints, which are difficult to recover as Alice’s fingerprints do not change much over a long period of time. In this thesis, we also explore details in integrating fuzzy vault schemes to enhance the security of AliceDrive