KOPS - The Institutional Repository of the University of Konstanz

Breaking Randomized Linear Generation Functions Based Virtual Password System

Breaking Randomized Linear Generation Functions Based Virtual Password System

Cite This

Files in this item

Checksum: MD5:0cd9e61f6be2b1eb1ffc202a8392b853

LI, Shujun, Syed Ali KHAYAM, Ahmad-Reza SADEGHI, Roland SCHMITZ, 2010. Breaking Randomized Linear Generation Functions Based Virtual Password System. ICC 2010 - 2010 IEEE International Conference on Communications. Cape Town, South Africa, May 23, 2010 - May 27, 2010. In: 2010 IEEE International Conference on Communications. IEEE, pp. 1-6. ISBN 978-1-4244-6402-9. Available under: doi: 10.1109/ICC.2010.5502416

@inproceedings{Li2010-05Break-6389, title={Breaking Randomized Linear Generation Functions Based Virtual Password System}, year={2010}, doi={10.1109/ICC.2010.5502416}, isbn={978-1-4244-6402-9}, publisher={IEEE}, booktitle={2010 IEEE International Conference on Communications}, pages={1--6}, author={Li, Shujun and Khayam, Syed Ali and Sadeghi, Ahmad-Reza and Schmitz, Roland} }

<rdf:RDF xmlns:dcterms="http://purl.org/dc/terms/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:bibo="http://purl.org/ontology/bibo/" xmlns:dspace="http://digital-repositories.org/ontologies/dspace/0.1.0#" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:void="http://rdfs.org/ns/void#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#" > <rdf:Description rdf:about="https://kops.uni-konstanz.de/rdf/resource/123456789/6389"> <dc:creator>Khayam, Syed Ali</dc:creator> <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/rdf/resource/123456789/52"/> <void:sparqlEndpoint rdf:resource="http://localhost/fuseki/dspace/sparql"/> <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/rdf/resource/123456789/52"/> <foaf:homepage rdf:resource="http://localhost:8080/jspui"/> <dc:creator>Sadeghi, Ahmad-Reza</dc:creator> <dcterms:hasPart rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/6389/1/Li_4_ICC2010.pdf"/> <dc:rights>terms-of-use</dc:rights> <dc:contributor>Li, Shujun</dc:contributor> <bibo:uri rdf:resource="http://kops.uni-konstanz.de/handle/123456789/6389"/> <dc:language>eng</dc:language> <dcterms:title>Breaking Randomized Linear Generation Functions Based Virtual Password System</dcterms:title> <dspace:hasBitstream rdf:resource="https://kops.uni-konstanz.de/bitstream/123456789/6389/1/Li_4_ICC2010.pdf"/> <dc:creator>Schmitz, Roland</dc:creator> <dcterms:available rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2011-03-24T16:12:23Z</dcterms:available> <dc:format>application/pdf</dc:format> <dc:contributor>Schmitz, Roland</dc:contributor> <dc:contributor>Khayam, Syed Ali</dc:contributor> <dcterms:bibliographicCitation>First publ. in: 2010 IEEE International Conference on Communications : (ICC 2010) ; Cape Town, South Africa, 23 - 27 May 2010. Piscataway, NJ : IEEE, 2010, pp. 1- 6</dcterms:bibliographicCitation> <dcterms:issued>2010-05</dcterms:issued> <dcterms:isPartOf rdf:resource="https://kops.uni-konstanz.de/rdf/resource/123456789/36"/> <dcterms:rights rdf:resource="https://rightsstatements.org/page/InC/1.0/"/> <dspace:isPartOfCollection rdf:resource="https://kops.uni-konstanz.de/rdf/resource/123456789/36"/> <dcterms:abstract xml:lang="eng">In ICC2008 and subsequent work, Lei et al. proposed a user authentication system (virtual password system), which is claimed to be secure against identity theft attacks, including phishing, keylogging and shoulder surfing. Their authentication system is a challenge-response protocol based on a randomized linear generation function, which uses a random integer in the responses of each login session to offer security against assorted attacks. In this paper we show that their virtual password system is insecure and vulnerable to multiple attacks. We show that with high probability an attacker can recover an equivalent password with only two (or a few more) observed login sessions. We also give a brief survey of the related work and discuss the main challenges in designing user authentication methods secure against identity theft.</dcterms:abstract> <dc:contributor>Sadeghi, Ahmad-Reza</dc:contributor> <dc:creator>Li, Shujun</dc:creator> <dc:date rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2011-03-24T16:12:23Z</dc:date> </rdf:Description> </rdf:RDF>

Downloads since Oct 1, 2014 (Information about access statistics)

Li_4_ICC2010.pdf 513

This item appears in the following Collection(s)

Search KOPS


Browse

My Account