TL;DR: An overview of biometrics is provided and some of the salient research issues that need to be addressed for making biometric technology an effective tool for providing information security are discussed.
Abstract: Establishing identity is becoming critical in our vastly interconnected society. Questions such as "Is she really who she claims to be?," "Is this person authorized to use this facility?," or "Is he in the watchlist posted by the government?" are routinely being posed in a variety of scenarios ranging from issuing a driver's license to gaining entry into a country. The need for reliable user authentication techniques has increased in the wake of heightened concerns about security and rapid advancements in networking, communication, and mobility. Biometrics, described as the science of recognizing an individual based on his or her physical or behavioral traits, is beginning to gain acceptance as a legitimate method for determining an individual's identity. Biometric systems have now been deployed in various commercial, civilian, and forensic applications as a means of establishing identity. In this paper, we provide an overview of biometrics and discuss some of the salient research issues that need to be addressed for making biometric technology an effective tool for providing information security. The primary contribution of this overview includes: 1) examining applications where biometrics can solve issues pertaining to information security; 2) enumerating the fundamental challenges encountered by biometric systems in real-world applications; and 3) discussing solutions to address the problems of scalability and security in large-scale authentication systems.
TL;DR: In this paper, a method for authenticating a mobile device communicably connectable to a wireless network by an authentication parameter from a secure transaction server (STS), as a mobile device authenticator, is presented.
Abstract: A method, and an apparatus performing the method, is provided by authenticating a mobile device communicably connectable to a wireless network by an authentication parameter from a secure transaction server (STS), as a mobile device authenticator; providing an STS correlation between a personal identification entry (PIE) and the mobile device authenticator; and inputting, by a user, the PIE and a provider action, to the mobile device authenticator to transmit a transformed secure user authenticable authorization request to the STS over the wireless network to authorize an action with a provider.
TL;DR: The use of this conduit in the security mechanism of BASN is explored by a biometrics approach that uses an intrinsic characteristic of the human body as the authentication identity or the means of securing the distribution of a cipher key to secure inter-BASN communications.
Abstract: The development of the wireless body area sensor network (BASN) is imperative for modern telemedicine and m-health, but security remains a formidable challenge yet to be resolved. As nodes of BASN are expected to be interconnected on or in the human body, the body itself can form an inherently secure communication pathway that is unavailable to all other kinds of wireless networks. This article explores the use of this conduit in the security mechanism of BASN; that is, by a biometrics approach that uses an intrinsic characteristic of the human body as the authentication identity or the means of securing the distribution of a cipher key to secure inter-BASN communications. The method was tested on 99 subjects with 838 segments of simultaneous recordings of electrocardiogram and photoplethysmogram. By using the interpulse interval (IPI) as the biometric trait, the system achieved a minimum half total error rate of 2.58 percent when the IPIs measured from signals, which were sampled at 1000 Hz, were coded into 128-bit binary sequences. The study opens up a few key issues for future investigation, including compensation schemes for the asynchrony of different channels, coding schemes, and other suitable biometric traits.
TL;DR: In this paper, a security architecture for multiple information resources is presented, in which a single sign-on is provided for a single information resource and access is granted without the need for further credentials and authentication.
Abstract: A security architecture has been developed in which a single sign-on is provided for multiple information resources. Rather than specifying a single authentication scheme for all information resources, the security architecture associates trust-level requirements with information resources. Authentication schemes (e.g., those based on passwords, certificates, biometric techniques, smart cards, etc.) are employed depending on the trust-level requirement(s) of an information resource (or information resources) to be accessed. Once credentials have been obtained for an entity and the entity has been authenticated to a given trust level, access is granted, without the need for further credentials and authentication, to information resources for which the authenticated trust level is sufficient.
TL;DR: The OpenID framework is emerging as a viable solution for Internet-scale user-centric identity infrastructure that supports both URLs and XRIs as user identifiers, uses Yadis XRDS documents for identity service discovery, adds stronger security, and supports both public and private identifiers.
Abstract: With the advancement in user-centric and URI-based identity systems over the past two years, it has become clear that a single specification will not be the solution to all problems. Rather, like the other layers of the Internet, developing small, interoperable specifications that are independently implementable and useful will ultimately lead to market adoption of these technologies. This is the intent of the OpenID framework. OpenID Authentication 1.0 began as a lightweight HTTP-based URL authentication protocol. With OpenID Authentication 2.0, it is now turning into an open community-driven platform that allows and encourages innovation. It supports both URLs and XRIs as user identifiers, uses Yadis XRDS documents for identity service discovery, adds stronger security, and supports both public and private identifiers. With continuing convergence under this broad umbrella, the OpenID framework is emerging as a viable solution for Internet-scale user-centric identity infrastructure.
TL;DR: In this paper, a plurality of graphical user interfaces selected depending on a perceived risk of fraud associated with the devices are presented, and a number of communicating modules are implemented to identify user devices, assess their risks of fraud, present selected user interfaces, and maintain databases of fraud experiences.
Abstract: The present invention provides systems and methods for authenticating access requests from user devices by presenting one of a plurality of graphical user interfaces selected depending on a perceived risk of fraud associated with the devices. User devices are identified with fingerprinting information, and their associated risks of fraud are determined from past experience with the device or with similar devices and from third party information. In preferred embodiments, different graphical user interfaces are presented based on both fraud risk and, in the case of a known user, usability. In preferred embodiments, this invention is implemented as a number of communicating modules that identify user devices, assess their risk of fraud, present selected user interfaces, and maintain databases of fraud experiences. This invention also includes systems providing these authentication services.
TL;DR: In this article, the authors present a comprehensive analysis of the energy requirements of a wide range of cryptographic algorithms that form the building blocks of security mechanisms such as security protocols, and investigate the impact of various parameters at protocol level (such as cipher suites, authentication mechanisms, and transaction sizes, etc.) and the cryptographic algorithm level (cipher modes, strength) on the overall energy consumption for secure data transactions.
Abstract: Security is becoming an everyday concern for a wide range of electronic systems that manipulate, communicate, and store sensitive data. An important and emerging category of such electronic systems are battery-powered mobile appliances, such as personal digital assistants (PDAs) and cell phones, which are severely constrained in the resources they possess, namely, processor, battery, and memory. This work focuses on one important constraint of such devices (battery life) and examines how it is impacted by the use of various security mechanisms. In this paper, we first present a comprehensive analysis of the energy requirements of a wide range of cryptographic algorithms that form the building blocks of security mechanisms such as security protocols. We then study the energy consumption requirements of the most popular transport-layer security protocol: Secure Sockets Layer (SSL). We investigate the impact of various parameters at the protocol level (such as cipher suites, authentication mechanisms, and transaction sizes, etc.) and the cryptographic algorithm level (cipher modes, strength) on the overall energy consumption for secure data transactions. To our knowledge, this is the first comprehensive analysis of the energy requirements of SSL. For our studies, we have developed a measurement-based experimental testbed that consists of an iPAQ PDA connected to a wireless local area network (LAN) and running Linux, a PC-based data acquisition system for real-time current measurement, the OpenSSL implementation of the SSL protocol, and parameterizable SSL client and server test programs. Based on our results, we also discuss various opportunities for realizing energy-efficient implementations of security protocols. We believe such investigations to be an important first step toward addressing the challenges of energy-efficient security for battery-constrained systems.
TL;DR: It is shown that a PUF based solution for RFID-tags is feasible in the off-line case and the security protocols that are needed for the detection of the authenticity of a product when it is equipped with such a system are presented.
Abstract: RFID-tags are becoming very popular tools for identification of products. As they have a small microchip on board, they offer functionality that can be used for security purposes. This chip functionality makes it possible to verify the authenticity of a product and hence to detect and prevent counterfeiting. In order to be successful for these security purposes too, RFID-tags have to be resistant against many attacks, in particular against cloning of the tag. In this paper, we investigate how an RFID-tag can be made unclonable by linking it inseparably to a Physical Unclonable Function (PUF). We present the security protocols that are needed for the detection of the authenticity of a product when it is equipped with such a system. We focus on off-line authentication because it is very attractive from a practical point of view. We show that a PUF based solution for RFID-tags is feasible in the off-line case.
TL;DR: This thesis develops a formal model for the description and analysis of security protocols at the process level, and develops an automated verification procedure, which improves over existing methods and is applied in two novel case studies.
Abstract: Recent technologies have cleared the way for large scale application of electronic communication. The open and distributed nature of these communications implies that the communication medium is no longer completely controlled by the communicating parties. As a result, there has been an increasing demand for research in establishing secure communications over insecure networks, by means of security protocols. In this thesis, a formal model for the description and analysis of security protocols at the process level is developed. At this level, under the assumption of perfect cryptography, the analysis focusses on detecting flaws and vulnerabilities of the security protocol. Starting from first principles, operational semantics are developed to describe security protocols and their behaviour. The resulting model is parameterized, and can e.g. capture various intruder models, ranging from a secure network with no intruder, to the strongest intruder model known in literature. Within the security protocol model various security properties are defined, such as secrecy and various forms of authentication. A number of new results about these properties are formulated and proven correct. Based on the model, an automated verification procedure is developed, which significantly improves over existing methods. The procedure is implemented in a prototype, which outperforms other tools. Both the theory and tool are applied in two novel case studies. Using the tool prototype, new results are established in the area of protocol composition, leading to the discovery of a class of previously undetected attacks. Furthermore, a new protocol in the area of multiparty authentication is developed. The resulting protocol is proven correct within the framework.
TL;DR: This paper presents a biometric user authentication based on a person’s gait patterns extracted from a physical device attached to the lower leg using histogram similarity and cycle length methods.
Abstract: This paper presents a biometric user authentication based on a person’s gait. Unlike most previous gait recognition approaches, which are based on machine vision techniques, in our approach gait patterns are extracted from a physical device attached to the lower leg. From the output of the device accelerations in three directions: vertical, forward-backward, and sideways motion of the lower leg are obtained. A combination of these accelerations is used for authentication. Applying two different methods, histogram similarity and cycle length, equal error rates (EER) of 5% and 9% were achieved, respectively.
TL;DR: This paper proposes a dynamic strong-password based solution to this access control problem and adapt it into a wireless sensor network environment and discusses how to make use of the security features on MAC sublayer (medium access control) based on the IEEE 802.15.4 specification.
Abstract: In this paper, we consider user authentication (UA) for wireless sensor networks. UA is a fundamental issue in designing dependable and secure systems. Imagine that a wireless sensor network is deployed in an intelligent building, a hospital, or even a university campus, to allow legitimate users to send queries and retrieve the respective result at any of the sensor nodes. Importantly, the system needs to provide a means of user authentication to verify if the user is valid. We propose a dynamic strong-password based solution to this access control problem and adapt it into a wireless sensor network environment. The proposed strong-password authentication approach imposes very light computational load and requires simple operations, such as one-way hash function and exclusive-OR operations. We present the design of the proposed scheme and discuss how to make use of the security features on MAC sublayer (medium access control) based on the IEEE 802.15.4 specification. Analysis on security and communication costs is presented to evaluate the effectiveness of the proposed scheme.
TL;DR: This document specifies an Extensible Authentication Protocol (EAP) mechanism for authentication and session key distribution using the Authentication and Key Agreement (AKA) mechanism used in the 3rd generation mobile networks Universal Mobile Telecommunications System (UMTS) and cdma2000.
Abstract: This document specifies an Extensible Authentication Protocol (EAP) mechanism for authentication and session key distribution using the Authentication and Key Agreement (AKA) mechanism used in the 3rd generation mobile networks Universal Mobile Telecommunications System (UMTS) and cdma2000. AKA is based on symmetric keys, and runs typically in a Subscriber Identity Module (UMTS Subscriber Identity Module USIM, or (Removable) User Identity Module (R)UIM), a smart card like device. EAP-AKA includes optional identity privacy support, optional result indications, and an optional fast re-authentication procedure.
TL;DR: A flexible and robust framework is proposed to permit the continuous and transparent authentication of the user, thereby maximising security and minimising user inconvenience, to service the needs of the insecure and evermore functional mobile handset.
Abstract: Mobile handsets have found an important place in modern society, with hundreds of millions currently in use. The majority of these devices use inherently weak authentication mechanisms, based upon passwords and PINs. This paper presents a feasibility study into a biometric-based technique, known as keystroke analysis – which authenticates the user based upon their typing characteristic. In particular, this paper identifies two typical handset interactions, entering telephone numbers and typing text messages, and seeks to authenticate the user during their normal handset interaction. It was found that neural network classifiers were able to perform classification with average equal error rates of 12.8%. Based upon these results, the paper concludes by proposing a flexible and robust framework to permit the continuous and transparent authentication of the user, thereby maximising security and minimising user inconvenience, to service the needs of the insecure and evermore functional mobile handset.
TL;DR: In this article, a network user is identified for authentication purposes using the unique identifier for a dedicated physical communication line associated with the building in which the user is located or a digital certificate which is associated with a secure component or communication line physically attached to a building.
Abstract: In a network user authentication system, a network user is identified for authentication purposes using the unique identifier for a dedicated physical communication line associated with the building in which the network user is located or a digital certificate which is associated with a secure component or communication line physically attached to a building. An authentication server initially verifies the identification of the dedicated communication line to be associated with a network service subscriber or issues a unique digital certificate to be associated with the dedicated communication line for authentication purposes. The digital certificate may be stored in a building gateway or in an edge site module which is connected to the secure components of a plurality of buildings and stores unique digital certificates for each building.
TL;DR: A novel framework for lossless (invertible) authentication watermarking is presented, which enables zero-distortion reconstruction of the un-watermarked images upon verification and enables public(-key) authentication without granting access to the perfect original and allows for efficient tamper localization.
Abstract: We present a novel framework for lossless (invertible) authentication watermarking, which enables zero-distortion reconstruction of the un-watermarked images upon verification. As opposed to earlier lossless authentication methods that required reconstruction of the original image prior to validation, the new framework allows validation of the watermarked images before recovery of the original image. This reduces computational requirements in situations when either the verification step fails or the zero-distortion reconstruction is not needed. For verified images, integrity of the reconstructed image is ensured by the uniqueness of the reconstruction procedure. The framework also enables public(-key) authentication without granting access to the perfect original and allows for efficient tamper localization. Effectiveness of the framework is demonstrated by implementing the framework using hierarchical image authentication along with lossless generalized-least significant bit data embedding.
TL;DR: This paper presents an overview of the CL-Atse tool, an efficient and versatile automatic analyser for the security of cryptographic protocols, which takes as input a protocol specified as a set of rewriting rules and uses rewriting and constraint solving techniques to model all reachable states.
Abstract: This paper presents an overview of the CL-Atse tool, an efficient and versatile automatic analyser for the security of cryptographic protocols. CL-Atse takes as input a protocol specified as a set of rewriting rules (IF format, produced by the AVISPA compiler), and uses rewriting and constraint solving techniques to model all reachable states of the participants and decide if an attack exists w.r.t. the Dolev-Yao intruder. Any state-based security property can be modelled (like secrecy, authentication, fairness, etc...), and the algebraic properties of operators like xor or exponentiation are taken into account with much less limitations than other tools, thanks to a complete modular unification algorithm. Also, useful constraints like typing, inequalities, or shared sets of knowledge (with set operations like removes, negative tests, etc...) can also be analysed.
TL;DR: In this paper, a dynamic k-times anonymous authentication (k-TAA) scheme with space and time complexity of O(log(k)) is presented, where k is the allowed number of authentications.
Abstract: k-times anonymous authentication (k-TAA) schemes allow members of a group to be authenticated anonymously by application providers for a bounded number of times. Dynamic k-TAA allows application providers to independently grant or revoke users from their own access group so as to provide better control over their clients. In terms of time and space complexity, existing dynamic k-TAA schemes are of complexities O(k), where k is the allowed number of authentications. In this paper, we construct a dynamic k-TAA scheme with space and time complexities of O(log(k)). We also outline how to construct a dynamic k-TAA scheme with a constant proving effort. Public key size of this variant, however, is O(k).
We then construct an ordinary k-TAA scheme from the dynamic scheme. We also describe a trade-off between efficiency and setup freeness of AP, in which AP does not need to hold any secret while maintaining control over their clients.
To build our system, we modify the short group signature scheme into a signature scheme and provide efficient protocols that allow one to prove in zero-knowledge the knowledge of a signature and to obtain a signature on a committed block of messages. We prove that the signature scheme is secure in the standard model under the q-SDH assumption.
Finally, we show that our dynamic k-TAA scheme, constructed from bilinear pairing, is secure in the random oracle model.
TL;DR: The new split counters for counter-mode encryption simultaneously eliminate counter overflow problems and reduce per-block counter size and dramatically improve authentication performance and security by using the Galois/counter mode of operation (GCM), which leverages counter-mode encryption to reduce authentication latency and overlap it with memory accesses.
Abstract: Protection from hardware attacks such as snoopers and mod chips has been receiving increasing attention in computer architecture. This paper presents a new combined memory encryption/authentication scheme. Our new split counters for counter-mode encryption simultaneously eliminate counter overflow problems and reduce per-block counter size, and we also dramatically improve authentication performance and security by using the Galois/Counter Mode of operation (GCM), which leverages counter-mode encryption to reduce authentication latency and overlap it with memory accesses. Our results indicate that the split-counter scheme has a negligible overhead even with a small (32KB) counter cache and using only eight counter bits per data block. The combined encryption/authentication scheme has an IPC overhead of 5% on average across SPEC CPU 2000 benchmarks, which is a significant improvement over the 20% overhead of existing encryption/authentication schemes.
TL;DR: In this article, a system, method, and apparatus to minimize fraud at the user, merchant, and/or financial institution level is described, where a control computer (60) provides authentication and transaction processing.
Abstract: A system, method, and apparatus to minimize fraud at the user, merchant, and/or financial institution level. A control computer (60) provides authentication and/or transaction processing. The control computer (60) has access to databases comprising user, merchant, enrollment, transaction, duplicate, and fraudulent activity data. Parties may enroll in the system via an enrollment computer (50) and conduct transactions through the system via a merchant computer (70). Users are issued hardware identification keys containing an encrypted user code. Access keys can be required in addition to an authorized user key to conduct certain actions. Keys are copy-protected and can comprise a computer operating system. The hardware profile of client devices can be recorded. Parties may specify minimum and/or maximum security levels and restrict transactions. Transactions with parties can be authenticated without sending user personal data to the parties. Users can control transfer of information from their personal communication device to other devices.
TL;DR: In this article, the authors investigate the use of audio for human-assisted authentication of previously unassociated devices and develop and evaluate a system called Loud-and-Clear (L&C) which places very little demand on the human user.
Abstract: Secure pairing of electronic devices that lack any previous association is a challenging problem which has been considered in many contexts and in various flavors. In this paper, we investigate the use of audio for human-assisted authentication of previously un-associated devices. We develop and evaluate a system we call Loud-and-Clear (L&C) which places very little demand on the human user. L&C involves the use of a text-to-speech (TTS) engine for vocalizing a robust-sounding and syntactically-correct (English-like) sentence derived from the hash of a device's public key. By coupling vocalization on one device with the display of the same information on another device, we demonstrate that L&C is suitable for secure device pairing (e.g., key exchange) and similar tasks. We also describe several common use cases, provide some performance data for our prototype implementation and discuss the security properties of L&C.
TL;DR: In this paper, the authors propose a credential system that allows a user to anonymously authenticate at most $n$ times in a single time period, where each e-token can be used only once, however, the dispenser automatically refreshes every time period.
Abstract: We create a credential system that lets a user anonymously authenticate at most $n$ times in a single time period. A user withdraws a dispenser of n e-tokens. She shows an e-token to a verifier to authenticate herself; each e-token can be used only once, however, the dispenser automatically refreshes every time period. The only prior solution to this problem, due to Damgard et al. [29], uses protocols that are a factor of k slower for the user and verifier, where k is the security parameter. Damgard et al. also only support one authentication per time period, while we support n. Because our construction is based on e-cash, we can use existing techniques to identify a cheating user, trace all of her e-tokens, and revoke her dispensers. We also offer a new anonymity service: glitch protection for basically honest users who (occasionally) reuse e-tokens. The verifier can always recognize a reused e-token; however, we preserve the anonymity of users who do not reuse e-tokens too often.
TL;DR: A location-aware end-to-end security framework in which secret keys are bound to geographic locations and each node stores a few keys based on its own location, which effectively limits the impact of compromised nodes only to their vicinity without affecting end-to-end data security.
Abstract: Providing desirable data security, that is, confidentiality, authenticity, and availability, in wireless sensor networks (WSNs) is challenging, as a WSN usually consists of a large number of resource constraint sensor nodes that are generally deployed in unattended/hostile environments and, hence, are exposed to many types of severe insider attacks due to node compromise. Existing security designs mostly provide a hop-by-hop security paradigm and thus are vulnerable to such attacks. Furthermore, existing security designs are also vulnerable to many types of Denial of Service (DoS) attacks, such as report disruption attacks and selective forwarding attacks and thus put data availability at stake. In this paper, we seek to overcome these vulnerabilities for large-scale static WSNs. We come up with a location-aware end-to-end security framework in which secret keys are bound to geographic locations and each node stores a few keys based on its own location. This location-aware property effectively limits the impact of compromised nodes only to their vicinity without affecting end-to-end data security. The proposed multifunctional key management framework assures both node-to-sink and node-to-node authentication along the report forwarding routes. Moreover, the proposed data delivery approach guarantees efficient en-route bogus data filtering and is highly robust against DoS attacks. The evaluation demonstrates that the proposed design is highly resilient against an increasing number of compromised nodes and effective in energy savings. Index Terms—Data security, wireless sensor network, end-to-end, DoS attack, false-data injection attack.
TL;DR: In this paper, a security element for protecting valuable objects having first and second authentication features is proposed, where the first authentication feature consists of a plurality of focussing components arranged in a first raster and a second arrangement consisting of plurality of microscopic structures arranged in the second raster.
Abstract: The invention relates to a security element for protecting valuable objects having first and second authentication features. The first authentication feature comprises a first arrangement consisting of a plurality of focussing components arranged in a first raster and a second arrangement consisting of a plurality of microscopic structures arranged in a second raster. Said first and second arrangements are placed in such a way that the microscopic structures of the second arrangement appear enlarged when viewed by means of the focussing components of the first arrangement. The second authentication feature is machine- and/or visually controllable and is not influenced by the first arrangement of the first authentication feature.
TL;DR: In this paper, an application or administrative user can declare a policy for user identity information extraction, authentication and authorization, based on the policy, the network element extracts identity information or credentials from a transport layer message header, application-layer message header and message body.
Abstract: A network infrastructure element such as a router or switch performs brokering network user identity and credential information. An application or administrative user can declare a policy for user identity information extraction, authentication and authorization. Based on the policy, the network element extracts user identity information or credentials from a transport-layer message header, application-layer message header, and message body. Based on the policy, the network element performs one or more authentication or authorization operations with the user identity information or credentials. As a result, a network element can broker identity information among incompatible applications and perform identity operations for the applications.
TL;DR: In this paper, partial shared secret recognition is combined with using more than one communication channel between server-side resources and two logical or physical client-side data processing machines, where the authentication response is returned to the server side on the first communication channel for matching.
Abstract: Random partial shared secret recognition is combined with using more than one communication channel between server-side resources and two logical or physical client-side data processing machines. After a first security tier, a first communication channel is opened to a first data processing machine on the client side. The session proceeds by delivering an authentication challenge, identifying a random subset of an authentication credential, to a second data processing machine on the client side using a second communication channel. Next, the user enters an authentication response in the first data processing machine, based on a random subset of the authentication credential. The authentication response is returned to the server side on the first communication channel for matching. The authentication credential can be a one-session-only credential delivered to the user for one session, or a static credential used many times.
TL;DR: This paper presents a practical digital signature scheme to be used in conjunction with network coding that simultaneously provides authentication and detects malicious nodes that intentionally corrupt content on the network.
Abstract: This paper presents a practical digital signature scheme to be used in conjunction with network coding. Our scheme simultaneously provides authentication and detects malicious nodes that intentionally corrupt content on the network.
TL;DR: In this paper, the authors present a network security architecture comprising an authentication proxy (AP), provisioning system (MPS), and conditional access system (CAS), which can interface with a trusted authority (TA) for cryptographic element management and CPE/user device authentication.
Abstract: Methods and apparatus for control of data and content protection mechanisms across a network using a download delivery paradigm. In one embodiment, conditional access (CA), digital rights management (DRM), and trusted domain (TD) security policies are delivered, configured and enforced with respect to consumer premises equipment (CPE) within a cable television network. A trusted domain is established within the user's premises within which content access, distribution, and reproduction can be controlled remotely by the network operator. The content may be distributed to secure or non-secure “output” domains consistent with the security policies enforced by secure CA, DRM, and TD clients running within the trusted domain. Legacy and retail CPE models are also supported. A network security architecture comprising an authentication proxy (AP), provisioning system (MPS), and conditional access system (CAS) is also disclosed, which can interface with a trusted authority (TA) for cryptographic element management and CPE/user device authentication.
TL;DR: In this paper, the authors show how strong mutual authentication can be achieved even with a unidirectional visual channel, without having to switch device roles, by adopting recently proposed improved pairing protocols.
Abstract: Recently several researchers and practitioners have begun to address the problem of how to set up secure communication between two devices without the assistance of a trusted third party. McCune et al. (2005) proposed that one device displays the hash of its public key in the form of a barcode, and the other device reads it using a camera. Mutual authentication requires switching the roles of the devices and repeating the above process in the reverse direction. In this paper, we show how strong mutual authentication can be achieved even with a unidirectional visual channel, without having to switch device roles. By adopting recently proposed improved pairing protocols, we propose how visual channel authentication can be used even on devices that have very limited displaying capabilities.
TL;DR: In this paper, the authors propose using a trusted device to perform mutual authentication that eliminates reliance on perfect user behavior, thwarts Man-in-the-Middle attacks after setup, and protects a user's account even in the presence of keyloggers and most forms of spyware.
Abstract: Phishing, or web spoofing, is a growing problem: the Anti-Phishing Working Group (APWG) received almost 14,000 unique phishing reports in August 2005, a 56% jump over the number of reports in December 2004 [3]. For financial institutions, phishing is a particularly insidious problem, since trust forms the foundation for customer relationships, and phishing attacks undermine confidence in an institution.
Phishing attacks succeed by exploiting a user's inability to distinguish legitimate sites from spoofed sites. Most prior research focuses on assisting the user in making this distinction; however, users must make the right security decision every time. Unfortunately, humans are ill-suited for performing the security checks necessary for secure site identification, and a single mistake may result in a total compromise of the user's online account. Fundamentally, users should be authenticated using information that they cannot readily reveal to malicious parties. Placing less reliance on the user during the authentication process will enhance security and eliminate many forms of fraud.
We propose using a trusted device to perform mutual authentication that eliminates reliance on perfect user behavior, thwarts Man-in-the-Middle attacks after setup, and protects a user's account even in the presence of keyloggers and most forms of spyware. We demonstrate the practicality of our system with a prototype implementation.
TL;DR: Two quantum direct communication protocols with user authentication are proposed, in which Alice can directly send a secret message to Bob without any previously shared secret using the remaining GHZ states after authentication.
Abstract: We propose two quantum direct communication (QDC) protocols with user authentication. Users can identify each other by checking the correlation of Greenberger-Horne-Zeilinger (GHZ) states. Alice can directly send a secret message to Bob without any previously shared secret using the remaining GHZ states after authentication. Our second QDC protocol can be used even though there is no quantum link between Alice and Bob. The security of the transmitted message is guaranteed by properties of entanglement of GHZ states.