Signature-based User Authentication / Signature-based User Authentication

Hámorník, Juraj

January 2015

This work aims on missing handwritten signature authentication in Windows. Result of this work is standalone software that allow users to log into Windows by writing signature. We focus on security of signature authentification and best overall user experience. We implemented signature authentification service that accept signature and return user access token if signature is genuine. Signature authentification is done by comparing given signature to signature patterns by their similarity. Signatures similarity is calculated by dynamic time warp on dynamic signature features such as speed, acceleration and pressure. User access token is used by our Windows login plugin called signature credential provider to decrypt user credentials and perform log in. Result of this work is solution that allow user log to windows by handwritten signatures, with equal error rate of 4.17\%.

Trust- and clustering-based authentication service in MANET.

January 2004

Ngai Cheuk Han. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2004. / Includes bibliographical references (leaves 110-117). / Abstracts in English and Chinese. / Abstract --- p.i / Acknowledgement --- p.iv / Chapter 1 --- Introduction --- p.1 / Chapter 2 --- Background Study --- p.5 / Chapter 2.1 --- Mobile Ad Hoc Networks --- p.5 / Chapter 2.1.1 --- Definition --- p.5 / Chapter 2.1.2 --- Characteristics --- p.5 / Chapter 2.1.3 --- Applications --- p.6 / Chapter 2.1.4 --- Standards --- p.7 / Chapter 2.1.5 --- Routing Protocols --- p.8 / Chapter 2.2 --- Security in Mobile Ad Hoc Networks --- p.11 / Chapter 2.2.1 --- Vulnerabilities --- p.11 / Chapter 2.2.2 --- Motivation for the Attacks --- p.12 / Chapter 2.2.3 --- Types of Attacks --- p.13 / Chapter 2.3 --- Cryptography --- p.13 / Chapter 2.3.1 --- Cryptographic goals --- p.13 / Chapter 2.3.2 --- Symmetric-key encryption --- p.14 / Chapter 2.3.3 --- Asymmetric-key encryption --- p.14 / Chapter 2.3.4 --- Digital Signatures --- p.15 / Chapter 2.3.5 --- Digital Certificates --- p.15 / Chapter 2.3.6 --- Certificate Authority --- p.16 / Chapter 2.4 --- Literature Review --- p.17 / Chapter 3 --- Related Work --- p.23 / Chapter 4 --- Architecture and Models --- p.26 / Chapter 4.1 --- Architecture of the Authentication Service --- p.26 / Chapter 4.2 --- The Network Model --- p.28 / Chapter 4.2.1 --- Clustering-Based Structure --- p.31 / Chapter 4.2.2 --- Clusterhead Selection Criteria and Role --- p.33 / Chapter 4.3 --- The Trust Model --- p.37 / Chapter 4.3.1 --- Direct TVust --- p.40 / Chapter 4.3.2 --- Recommendation Trust --- p.41 / Chapter 4.3.3 --- Deriving Direct Trust --- p.41 / Chapter 5 --- Trust- and Clustering-Based Authentication Service --- p.43 / Chapter 5.1 --- Clustering Structure Formation and Maintenance --- p.43 / Chapter 5.1.1 --- Clustering Structure Formation --- p.43 / Chapter 5.1.2 --- Network Maintenance --- p.45 / Chapter 5.2 --- Security Operations --- p.50 / Chapter 5.2.1 --- Public Key Certification --- p.51 / Chapter 5.2.2 --- Identification of Malicious Nodes --- p.55 / Chapter 5.2.3 --- Trust Value Update --- p.58 / Chapter 5.3 --- Special Scenarios --- p.60 / Chapter 5.3.1 --- Join the network --- p.60 / Chapter 5.3.2 --- Move to another cluster --- p.61 / Chapter 5.3.3 --- Not Enough Introducer --- p.62 / Chapter 6 --- Simulations and Results --- p.65 / Chapter 6.1 --- Authentication Service Based on Trust and Network Mod- els --- p.65 / Chapter 6.1.1 --- Experiments Set-Up --- p.65 / Chapter 6.1.2 --- Simulation Results --- p.67 / Chapter 6.2 --- Clusters Formation and Maintenance --- p.85 / Chapter 6.2.1 --- Experiments Set-Up --- p.85 / Chapter 6.2.2 --- Simulation Results --- p.86 / Chapter 6.3 --- Authentication Service Based on Trust and Network Mod- els with Clusters Formation and Maintenance --- p.91 / Chapter 6.3.1 --- Experiments Set-Up --- p.91 / Chapter 6.3.2 --- Simulation Results --- p.94 / Chapter 7 --- Conclusion --- p.108 / Bibliography --- p.117

Wireless LANs--Security measures

Authentication

PGP und authentisierte Kommunikation mit Nutzern des URZ

Mueller, Thomas

21 June 1995

Im Vortrag werden die Funktionsprinzipien von PGP sowie verwendete Verfahren dargelegt. Ziel ist die Schaffung einer geeigneten Technologie im Universitaetsrechenzentrum zur Sicherung des Mailbetriebs.

Public_Key_Encryption

Authentication

ddc:004

PGP

Biometric authentication system for secure digital cameras

Blythe, Paul A.

January 2005

Thesis (Ph. D.)--State University of New York at Binghamton, Watson School of Engineering and Applied Science (Systems Science), 2005. / Includes bibliographical references.

Design considerations for a computationally-lightweight authentication mechanism for passive RFID tags

Frushour, John H.

January 2009

Thesis (M.S. in Computer Science)--Naval Postgraduate School, September 2009. / Thesis Advisor(s): Fulp, J.D. ; Huffmire, Ted. "September 2009." Description based on title screen as viewed on November 6, 2009. Author(s) subject terms: Passive RFID Systems, Tags, Clock, Electro-magnetic induction, authentication, hash, SHA--1. Includes bibliographical references (p. 59-60). Also available in print.

Návrh a realizace autentizační metody pro přístup k webové službě v prostředí .NET / Design and implementation of authentication method for accessing web service in .NET environment

Tenora, Lukáš

January 2010

Work deals with the authentication methods for access to Web services. The first part of the authentication methods are explained and possible safety risks. The second part describes the design and implementation of custom authentication Web service environment.. NET

Studies in authentication

Yakoubov, Sophia

15 November 2020

This thesis presents advances in several areas of authentication. First, we consider cryptographic accumulators, which are compact digital objects representing arbitrarily large sets. They support efficient proofs of membership (or, alternatively, of non-membership). We give the first definition of cryptographic accumulators in the UC framework, and construct two new accumulators: one uniquely suited for use in a revokable anonymous credential scheme, and one uniquely suited for use in a distributed system such as a blockchain-based PKI. Next, we consider multi-designated verifier signatures (MDVS). An MDVS is a special kind of signature that can only be verified by parties explicitly specified by the signer; more than that, even if those designated verifiers wanted to prove to an external party (e.g. an adversary) that a certain message was signed by the signer, they should be unable to do so. This is crucial in contexts where off-the-record communication is desirable; the sender may not want to be provably linked to a possibly sensitive message, but still want the intended recipients to be able to verify the authenticity of the message. Existing literature defines and builds limited notions of MDVS, where the off-the-record property only holds when it is conceivable that all verifiers collude. We strengthen this property to support any subset of colluding verifiers, and give two constructions of our stronger notion of MDVS: one from functional encryption, and one from standard primitives (but with a slightly larger signature size). Finally, we consider fuzzy password authenticated key exchange (Fuzzy PAKE). PAKEs are protocols which enable two parties holding the same password (that is, the same potentially low-entropy, non-uniform string) to agree on a (high-entropy, uniform) secret key in a way that resists man-in-the-middle attacks and offline dictionary attacks on the password. We define Fuzzy PAKE, a special kind of PAKE where the passwords used for authentication may contain some errors. We provide the first efficient and general solutions to this problem that enable, for example, key agreement based on commonly used biometrics such as iris scans.

Computer science

Authentication

Cryptography

Security

Voice Authenticationa Study Of Polynomial Representation Of Speech Signals

Strange, John

01 January 2005

A subset of speech recognition is the use of speech recognition techniques for voice authentication. Voice authentication is an alternative security application to the other biometric security measures such as the use of fingerprints or iris scans. Voice authentication has advantages over the other biometric measures in that it can be utilized remotely, via a device like a telephone. However, voice authentication has disadvantages in that the authentication system typically requires a large memory and processing time than do fingerprint or iris scanning systems. Also, voice authentication research has yet to provide an authentication system as reliable as the other biometric measures. Most voice recognition systems use Hidden Markov Models (HMMs) as their basic probabilistic framework. Also, most voice recognition systems use a frame based approach to analyze the voice features. An example of research which has been shown to provide more accurate results is the use of a segment based model. The HMMs impose a requirement that each frame has conditional independence from the next. However, at a fixed frame rate, typically 10 ms., the adjacent feature vectors might span the same phonetic segment and often exhibit smooth dynamics and are highly correlated. The relationship between features of different phonetic segments is much weaker. Therefore, the segment based approach makes fewer conditional independence assumptions which are also violated to a lesser degree than for the frame based approach. Thus, the HMMs using segmental based approaches are more accurate. The speech polynomials (feature vectors) used in the segmental model have been shown to be Chebychev polynomials. Use of the properties of these polynomials has made it possible to reduce the computation time for speech recognition systems. Also, representing the spoken word waveform as a Chebychev polynomial allows for the recognition system to easily extract useful and repeatable features from the waveform allowing for a more accurate identification of the speaker. This thesis describes the segmental approach to speech recognition and addresses in detail the use of Chebychev polynomials in the representation of spoken words, specifically in the area of speaker recognition. .

speech polynomials voice authentication

Mathematics

Language Design for Token Server Authentication Policies

Busch, Rebecca Lynn

03 December 2004

No description available.

Computer Science

authentication policy

language

Tradeoffs in Protocol Designs for Collaborative Authentication

Venne, Jacob

24 March 2017

Authentication is a crucial tool used in access control mechanisms to verify a user’s identity. Collaborative Authentication (co-authentication) is a newly proposed authentication scheme designed to improve on traditional token authentication. Co-authentication works by using multiple user devices as tokens to collaborate in a challenge and authenticate a user request on single device. This thesis adds two contributions to the co-authentication project. First, a detailed survey of applications that are suitable for adopting co-authentication is presented. Second, an analysis of tradeoffs between varying protocol designs of co-authentication is performed to determine whether, and how, any designs are superior to other designs.

access control

co-authentication

collaborative authentication

computer security

token authentication

Computer Sciences