Location-Aware Sign-On and Key Exchange using Attribute-Based Encryption and Bluetooth Beacons
Marcos Portnoi, Chien-Chung Shen
Computer and Information Sciences, University of Delaware
Newark, Delaware

The Issue
Traditional authentication consists of username and password.
Strong security requires stronger passwords.
Long, hard-to-memorize passwords.
How do we get stronger passwords?
Longer passwords with high entropy = hard-to-memorize passwords.
1. Password + another (temporary) piece of information shared through a secondary channel.
• SMS codes.
• Token authenticators.
[Figure: example SMS message] 419 Royal Bank. The one-time code is 18471030. Please enter and submit it online.
Unique passwords per system in which we are registered.

And then, more issues
We navigate and sign on to several systems in a day.
[Figure: login forms for five systems, each with a different username and a masked password]
• Pigeon Email Login: username connorm
• Corporate Intranet: username cmacleod
• PaperTrail Bank: username CmaCleod
• Singularity University: username cmacleod9
• Old News Tribune: username cmcleod
We tend to rely more on mobile devices for access.
Mobile devices = small touch screens, no hardware keyboards.
Typing long, mixed-character passwords is cumbersome!
How can we combine wireless communications, two-factor authentication, and long passwords into an improved user experience with authentication security?

Enter the Location-Aware Sign-on
• Uses location as an authentication factor.
• Uses the consumer mobile device (smartphone) as an agent to perform location-aware sign-on procedures on behalf of the user.
• Uses Attribute-Based Encryption (ABE) to construct a secure key exchange protocol.
• Uses Bluetooth Low Energy beacons to delimit wireless broadcast zones for indoor location.
• Does not require that the mobile device knows, or reports, its present location.

Case scenario: office
The Location-Aware Sign-On at work
Wireless-delimited broadcast zones, employing Bluetooth Low Energy beacons, cover an office floor. Beacons broadcast ABE-encrypted messages (keys) containing access rules. If a mobile device within range is able to decrypt the message, then a key exchange follows between the mobile device and the backend system.
This is a sign-on procedure done on behalf of the user.
The user then performs a second authentication step to the backend system, utilizing a “simpler” factor (a temporary PIN, pattern, or fingerprint).

The Key Exchange
Highlights
Our ABE-based key exchange allows access rules (built on attributes) to be encoded within the ciphertext itself. The messages containing access rules can be broadcast through an insecure medium.
The primary access decision relies on the user's capacity to decrypt the broadcast message (i.e., on the user’s attributes). The access rules can be changed on the fly.

www.marcosportnoi.com
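The access semantics described above, as an added example that is not the authors' protocol or code: a toy stand-in for ABE (HMAC-derived per-attribute keys and XOR secret sharing, with no pairings and no collusion resistance) in which the rule travels inside the ciphertext and only a device whose attributes satisfy it recovers the payload. The attribute names, the 32-byte seed payload, and all function names are assumptions made for illustration.

```python
import hashlib, hmac, secrets

MASTER = secrets.token_bytes(32)  # attribute authority's secret (constructed)

def attr_key(attr):
    """Key the authority issues to every device whose user holds `attr`."""
    return hmac.new(MASTER, attr.encode(), hashlib.sha256).digest()

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _pad(key, nonce, path):
    # One-time pad per leaf, bound to this broadcast (nonce) and leaf position.
    return hmac.new(key, nonce + path, hashlib.sha256).digest()

def encrypt(secret, policy, nonce, path=b"r"):
    """policy is an attribute name or ("AND"|"OR", sub-policy, ...)."""
    if isinstance(policy, str):
        return (policy, _xor(secret, _pad(attr_key(policy), nonce, path)))
    op, *kids = policy
    if op == "OR":                      # any one child recovers the secret
        shares = [secret] * len(kids)
    else:                               # AND: XOR of all child shares
        shares = [secrets.token_bytes(32) for _ in kids[1:]]
        first = secret
        for s in shares:
            first = _xor(first, s)
        shares.insert(0, first)
    return (op, [encrypt(s, k, nonce, path + bytes([i]))
                 for i, (s, k) in enumerate(zip(shares, kids))])

def decrypt(ct, keys, nonce, path=b"r"):
    """keys: {attribute: attr_key}. Returns the secret, or None if the rule is unmet."""
    head, body = ct
    if isinstance(body, bytes):         # leaf: needs the matching attribute key
        return _xor(body, _pad(keys[head], nonce, path)) if head in keys else None
    parts = [decrypt(c, keys, nonce, path + bytes([i])) for i, c in enumerate(body)]
    if head == "OR":
        return next((p for p in parts if p is not None), None)
    if any(p is None for p in parts):
        return None
    out = bytes(32)
    for p in parts:
        out = _xor(out, p)
    return out

def broadcast(policy):
    """Beacon side: fresh seed for the follow-up key exchange, wrapped under `policy`."""
    nonce, seed = secrets.token_bytes(16), secrets.token_bytes(32)
    return seed, nonce, encrypt(seed, policy, nonce)
```

Changing the rule on the fly is just a new `broadcast()` call with a different policy; devices keep the same attribute keys and simply succeed or fail at decryption.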
backend system verifies the username and password (or the hash of the password) against a database, and then grants, or not, access to a system. .... this key exchange, and as compared to traditional key exchange formats: • ABE is ...