Passwords and the evolution of imperfect authentication

Theory on passwords has lagged practice, where large providers use back-end smarts to survive with imperfect technology.This is the author accepted manuscript. The final version is available from ACM via http://dx.doi.org/10.1145/269939

The quest to replace passwords: A framework for comparative evaluation of web authentication schemes

Abstract—We evaluate two decades of proposals to replace text passwords for general-purpose user authentication on the web using a broad set of twenty-five usability, deployability and security benefits that an ideal scheme might provide. The scope of proposals we survey is also extensive, including password management software, federated login protocols, graphical password schemes, cognitive authentication schemes, one-time passwords, hardware tokens, phone-aided schemes and biometrics. Our comprehensive approach leads to key insights about the difficulty of replacing passwords. Not only does no known scheme come close to providing all desired benefits: none even retains the full set of benefits that legacy passwords already provide. In particular, there is a wide range from schemes offering minor security benefits beyond legacy passwords, to those offering significant security benefits in return for being more costly to deploy or more difficult to use. We conclude that many academic proposals have failed to gain traction because researchers rarely consider a sufficiently wide range of real-world constraints. Beyond our analysis of current schemes, our framework provides an evaluation methodology and benchmark for future web authentication proposals. Keywords-authentication; computer security; human computer interaction; security and usability; deployability; economics; software engineering. I

Intentionality and Agency in Security

Weiser [13] said that the best software is that which just blends in and disap- pears. Security software has been at odds with this principle as it attempts to attract user attention whenever possible—it has been largely designed to be visible to the user and ask them to take action. For example, anti-virus software proudly notifies the user how many viruses it has stopped while websites dis- play padlocks and security seals. Users are disrupted in their work by security notifications, asked to read warnings and decide whether they want to heed or ignore them.ERC 30722

To have and have not: Variations on secret sharing to model user presence

We address the problem of locking and unlocking a device, such as a laptop, a phone or a security token, based on the absence or presence of the user. We detect user presence by sensing the proximity of a subset of their possessions, making the process automatic and effortless. As in previous work, a master key unlocks the device and a secret-sharing scheme allows us to reconstruct this master key in the presence of k-out-of-n items. We extend this basic scheme in various directions, e.g. by allowing items to issue a dynamically variable number of shares based on how confident they are that the user is present. The position we argue in this paper is that a multi-dimensional approach to authentication that fuses several contextual inputs, similar to that already adopted by major web sites, can also bring advantages at the local scale.This is the author accepted manuscript. The final published version is available at http://dl.acm.org/citation.cfm?id=2641705&CFID=518729474&CFTOKEN=85977065

A cinquant’anni dalla strage di Piazza Fontana : riflessioni

The paper is divided in three sections, all linked by the common topic revolving around the Piazza Fontana massacre, its memory and the historiography related to it. The first section presents the most recent debate’s topics, fifty years to the day after the massacre; the second section offers a memoire of Corrado Stajano, since then a protagonist of the Italian intellectual and civil life; the last section aims at presenting an overview of what historians have written about the sensitive topic of US role in the so-called strategy of tension that invested Italy ever since Piazza Fontana.Il saggio, attraverso una articolazione in tre parti, affronta il tema del rapporto tra storia e memoria in occasione del Cinquantesimo anniversario della strage di Piazza Fontana. Si compone di tre sezioni dedicate rispettivamente, la prima, ad una analisi del dibattito più recente sulla strage di Piazza Fontana e alle principali linee emerse, la seconda, alla testimonianza di Corrado Stajano, già da allora protagonista della vita culturale e civile italiana, la terza, ad una breve sintesi del dibattito storiografico sul tema del ruolo statunitense nella strategia della tensione

Security by Spatial Reference:Using Relative Positioning to Authenticate Devices for Spontaneous Interaction

Spontaneous interaction is a desirable characteristic associated with mobile and ubiquitous computing. The aim is to enable users to connect their personal devices with devices encountered in their environment in order to take advantage of interaction opportunities in accordance with their situation. However, it is difficult to secure spontaneous interaction as this requires authentication of the encountered device, in the absence of any prior knowledge of the device. In this paper we present a method for establishing and securing spontaneous interactions on the basis of emphspatial references that capture the spatial relationship of the involved devices. Spatial references are obtained by accurate sensing of relative device positions, presented to the user for initiation of interactions, and used in a peer authentication protocol that exploits a novel mechanism for message transfer over ultrasound to ensures spatial authenticity of the sender

Improving Secure Device Insertion in Home Ad Hoc Networks

Home ad-hoc networks are sets of devices that interact to offer enhanced services to the users. These networks are heterogeneous, dynamic and fully decentralized. Moreover, they generally lack of a skilled administrator. These properties dramatically reduce the efficiency of classical security approaches: even defining the boundaries of such networks can be difficult. Ways to solve this problem where recently found, using the concept of secure long-term communities. Solutions rely on one critical operation: the secure insertion of a device in the home ad-hoc network. In this paper, we propose two ways to improve this operation, using store-and-forward techniques. The first improvement deals with the ability to realize insertion under loose connectivity circumstances. The other improvement deals with the ability for the user to use any trusted device in order to realize insertion. Keywords: Network Security, Key-management

Deploying authentication in the wild: Towards greater ecological validity in security usability studies

Abstract Pico is a token-based login method that claims to be simultaneously more usable and more secure than passwords. It does not ask users to remember any secrets, nor to type one-time passwords. We evaluate Pico’s claim with two deployments and user studies, one on a web-based service and another within an organization. Our main aim is to collect actionable intelligence on how to improve the usability and deployability of Pico. In our first study we team up with an established website, Gyazo, to offer this alternative login mechanism to users intent on performing a real task of image sharing. From the lessons of this first study, we retarget Pico’s focus from replacing web passwords to replacing desktop login passwords; and thus in our second study we engage with a government organization, Innovate UK, to offer employees the ability to lock and unlock their computer automatically based on proximity. We focus particularly on the ecological validity of the trials and we thereby gain valuable insights into the viability of Pico, not only through the actual responses from the participants but also through the many practical challenges we had to face and overcome. Reflecting on the bigger picture, from our experience we believe the security usability community would greatly benefit from pushing towards greater ecological validity in published work, despite the considerable difficulties and costs involved.This work was supported by the European Research Council (ERC) [StG 307224, Pico, to FMS] and the extended visits of Gyazo inventor and CTO Masui to Cambridge were supported by the Engineering and Physical Sciences Research Council (EPSRC) [EP/M019055/1, Future authentication systems, to FMS]

Pico in the Wild: Replacing Passwords, One Site at a Time

Passwords are a burden on the user, especially nowadays with an increasing number of accounts and a proliferation of different devices. Pico is a token-based login method that does not ask users to remember any secrets, nor require keyboard entry of one-time passwords. We wish to evaluate its claim of being simultaneously more usable and more secure than passwords, whilst testing its support for frictionless deployment to web-based services. Our main aim is to collect actionable intelligence on how to improve it. In our study, we teamed up with an Alexa Top 500 website, Gyazo, to offer this alternative login mechanism to users intent on performing a real task of image sharing. We focused on the ecological validity of the trial, and gained knowledge both through the challenges of the trial and the results generated. Users appreciated the ability to avoid password entry but the overall benefit was mitigated by the existing measures put in place by Gyazo to minimise the number of times users are presented with a password entry box. Our main finding is that providing enough benefit requires a solution that applies across sites, rather than focusing on authentication for a single site in isolation.We would also like to thank the European Research Council (ERC) for funding this research through grant StG 307224 (Pico) and the Engineering and Physical Sciences Research Council (EPSRC) through grant EP/M019055/1