On Limitations of Designing Usable Leakage-Resilient Password Systems: Attacks, Principles and Usability
The design of leakage-resilient password systems (LRPSes) in the absence of trusted devices remains a challenging problem today despite two decades of intensive research in the security community. In this paper, we investigate the inherent tradeoff between security and usability in designing LRPS. F...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2012
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/1435 https://ink.library.smu.edu.sg/context/sis_research/article/2434/viewcontent/NDSS2012YanDeng.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-2434 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-24342018-01-18T05:42:38Z On Limitations of Designing Usable Leakage-Resilient Password Systems: Attacks, Principles and Usability YAN, Qiang HAN, Jin LI, Yingjiu DENG, Huijie, Robert The design of leakage-resilient password systems (LRPSes) in the absence of trusted devices remains a challenging problem today despite two decades of intensive research in the security community. In this paper, we investigate the inherent tradeoff between security and usability in designing LRPS. First, we demonstrate that most of the existing LRPS systems are subject to two types of generic attacks - brute force and statistical attacks, whose power has been underestimated in the literature. Second, in order to defend against these two generic attacks, we introduce five design principles that are necessary to achieve leakage resilience in the absence of trusted devices. We also show that these attacks cannot be effectively mitigated without significantly sacrificing the usability of LRPS systems. Third, to better understand the tradeoff between security and usability of LRPS, we propose for the first time a quantitative analysis framework on usability costs of password systems. By decomposing the authentication process of existing LRPS systems into atomic cognitive operations in psychology, we show that a secure LRPS in practical settings always imposes a considerable amount of cognitive workload on its users, which indicates the inherent limitations of such systems and in turn implies that an LRPS has to incorporate certain trusted devices in order to be both secure and usable. 2012-02-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/1435 https://ink.library.smu.edu.sg/context/sis_research/article/2434/viewcontent/NDSS2012YanDeng.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Digital Communications and Networking |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Digital Communications and Networking |
| spellingShingle |
Digital Communications and Networking YAN, Qiang HAN, Jin LI, Yingjiu DENG, Huijie, Robert On Limitations of Designing Usable Leakage-Resilient Password Systems: Attacks, Principles and Usability |
| description |
The design of leakage-resilient password systems (LRPSes) in the absence of trusted devices remains a challenging problem today despite two decades of intensive research in the security community. In this paper, we investigate the inherent tradeoff between security and usability in designing LRPS. First, we demonstrate that most of the existing LRPS systems are subject to two types of generic attacks - brute force and statistical attacks, whose power has been underestimated in the literature. Second, in order to defend against these two generic attacks, we introduce five design principles that are necessary to achieve leakage resilience in the absence of trusted devices. We also show that these attacks cannot be effectively mitigated without significantly sacrificing the usability of LRPS systems. Third, to better understand the tradeoff between security and usability of LRPS, we propose for the first time a quantitative analysis framework on usability costs of password systems. By decomposing the authentication process of existing LRPS systems into atomic cognitive operations in psychology, we show that a secure LRPS in practical settings always imposes a considerable amount of cognitive workload on its users, which indicates the inherent limitations of such systems and in turn implies that an LRPS has to incorporate certain trusted devices in order to be both secure and usable. |
| format |
text |
| author |
YAN, Qiang HAN, Jin LI, Yingjiu DENG, Huijie, Robert |
| author_facet |
YAN, Qiang HAN, Jin LI, Yingjiu DENG, Huijie, Robert |
| author_sort |
YAN, Qiang |
| title |
On Limitations of Designing Usable Leakage-Resilient Password Systems: Attacks, Principles and Usability |
| title_short |
On Limitations of Designing Usable Leakage-Resilient Password Systems: Attacks, Principles and Usability |
| title_full |
On Limitations of Designing Usable Leakage-Resilient Password Systems: Attacks, Principles and Usability |
| title_fullStr |
On Limitations of Designing Usable Leakage-Resilient Password Systems: Attacks, Principles and Usability |
| title_full_unstemmed |
On Limitations of Designing Usable Leakage-Resilient Password Systems: Attacks, Principles and Usability |
| title_sort |
on limitations of designing usable leakage-resilient password systems: attacks, principles and usability |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2012 |
| url |
https://ink.library.smu.edu.sg/sis_research/1435 https://ink.library.smu.edu.sg/context/sis_research/article/2434/viewcontent/NDSS2012YanDeng.pdf |
| _version_ |
1770571120401973248 |