Global ETD Search

1	Lip password-based speaker verification system with unknown language alphabet Zhou, Yichao 31 August 2018 (has links) The traditional security systems that verify the identity of users based on password usually face the risk of leaking the password contents. To solve this problem, biometrics such as the face, iris, and fingerprint, begin to be widely used in verifying the identity of people. However, these biometrics cannot be changed if the database is hacked. What's more, verification systems based on the traditional biometrics might be cheated by fake fingerprint or the photo.;Liu and Cheung (Liu and Cheung 2014) have recently initiated the concept of lip password, which is composed of a password embedded in the lip movement and the underlying characteristics of lip motion [26]. Subsequently, a lip password-based system for visual speaker verification has been developed. Such a system is able to detect a target speaker saying the wrong password or an impostor who knows the correct password. That is, only a target user speaking correct password can be accepted by the system. Nevertheless, it recognizes the lip password based on a lip-reading algorithm, which needs to know the language alphabet of the password in advance, which may limit its applications.;To tackle this problem, in this thesis, we study the lip password-based visual speaker verification system with unknown language alphabet. First, we propose a method to verify the lip password based on the key frames of lip movement instead of recognizing the individual password elements, such that the lip password verification process can be made without knowing the password alphabet beforehand. To detect these key frames, we extract the lip contours and detect the interest intervals where the lip contours have significant variations. Moreover, in order to avoid accurate alignment of feature sequences or detection on mouth status which is computationally expensive, we design a novel overlapping subsequence matching approach to encode the information in lip passwords in the system. This technique works by sampling the feature sequences extracted from lip videos into overlapping subsequences and matching them individually. All the log-likelihood of each subsequence form the final feature of the sequence and are verified by the Euclidean distance to positive sample centers. We evaluate the proposed two methods on a database that contains totally 8 kinds of lip passwords including English digits and Chinese phrases. Experimental results show the superiority of the proposed methods for visual speaker verification.;Next, we propose a novel visual speaker verification approach based on diagonal-like pooling and pyramid structure of lips. We take advantage of the diagonal structure of sparse representation to preserve the temporal order of lip sequences by employ a diagonal-like mask in pooling stage and build a pyramid spatiotemporal features containing the structural characteristic under lip password. This approach eliminates the requirement of segmenting the lip-password into words or visemes. Consequently, the lip password with any language can be used for visual speaker verification. Experiments show the efficacy of the proposed approach compared with the state-of-the-art ones.;Additionally, to further evaluate the system, we also develop a prototype of the lip password-based visual speaker verification. The prototype has a Graphical User Interface (GUI) that make users easy to access.
2	A secure one-use dynamic backdoor password system based on public key cryptography. January 2002 (has links) Yu Haitao. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2002. / Includes bibliographical references (leaves 71). / Abstracts in English and Chinese. / Chapter Chapter 1. --- Introduction --- p.1 / Chapter 1.1 --- Introduction --- p.1 / Chapter 1.2 --- Thesis organization --- p.6 / Chapter Chapter 2. --- Conventional password authentication and backdoor password schemes --- p.7 / Chapter 2.1 --- Password and password authentication --- p.7 / Chapter 2.1.1 --- Introduction to password and its security problems --- p.7 / Chapter 2.1.2 --- Front-door passwords vs. backdoor passwords --- p.8 / Chapter 2.1.3 --- Dynamic passwords vs. static passwords --- p.9 / Chapter 2.2 --- Forgotten-password problem --- p.10 / Chapter Chapter 3. --- Introduction to Cryptography --- p.12 / Chapter 3.1 --- Introduction to information security --- p.12 / Chapter 3.2 --- Conventional cryptography --- p.16 / Chapter 3.3 --- Public-key cryptography --- p.21 / Chapter 3.4 --- RSA cryptosystem --- p.24 / Chapter 3.5 --- One-way function --- p.27 / Chapter 3.6 --- Digital signature --- p.30 / Chapter 3.7 --- Secret sharing --- p.34 / Chapter 3.8 --- Zero-knowledge proof --- p.34 / Chapter 3.9 --- Key management --- p.36 / Chapter 3.9.1 --- Key distribution in conventional cryptography --- p.36 / Chapter 3.9.2 --- Distribution of public keys --- p.39 / Chapter Chapter 4. --- A secure one-use dynamic backdoor password system based on Public Key Cryptography --- p.42 / Chapter 4.1 --- System objectives --- p.42 / Chapter 4.2 --- Simple system and analysis --- p.45 / Chapter 4.2.1 --- System diagram --- p.45 / Chapter 4.2.2 --- System protocol --- p.46 / Chapter 4.2.3 --- Applied technologies --- p.50 / Chapter 4.2.4 --- System security analysis --- p.52 / Chapter 4.3 --- Multi-user system and analysis --- p.55 / Chapter 4.3.1 --- Modification to the system diagram --- p.56 / Chapter 4.3.2 --- Modification to the system protocol --- p.57 / Chapter 4.3.3 --- System analysis for multi-user system --- p.64 / Chapter 4.4 --- Applicable modes and analysis --- p.66 / Chapter 4.5 --- Conclusion --- p.68 / Chapter Chapter 5. --- Conclusion --- p.69 / Bibliography --- p.71 / Appendix --- p.72 / Chapter A. --- Algorithm of MD5 --- p.72 / Chapter B. --- Algorithm of DSA --- p.76 / Chapter C. --- Algorithm of RSA --- p.79 Public key cryptography Computers--Access control--Passwords Computer security Authentication
3	Single sign-on in heterogeneous computer environments Louwrens, Cecil Petrus 05 September 2012 (has links) M.Sc. / The aim of this dissertation (referred to as thesis in the rest of the document) is to investigate the concept of Single Sign-on (SSO) in heterogeneous computing environments and to provide guidelines and reference frameworks for the selection and successful implementation of SSO solutions. In doing so. it also provides an overview of the basic types of SSO, Secure Single Sign-on (SSSO) solutions, enabling technologies, as well as products currently available. Chapter 1 introduces the sign-on problem, the purpose and organization of the thesis and terminology and abbreviations used. The crux of the sign-on problem is that users are required to sign on to multiple systems, developed at different times and based on different technologies, each with its own set of signon procedures and passwords. This inevitably leads to frustration, loss of productivity and weakened security. Users frequently resort to writing down passwords or using trivial password that can easily be guessed. In Chapter 2 the concepts of Single Sign-on and a special subset of SSO, Secure Single Sign-on are defined. Five types of SSO solutions are identified, namely: Synchronization, Scripting, Proxies and Trusted Hosts. Trusted Authentication Server and Hybrid solutions. Of the available types of solutions, only Trusted Authentication Server and Hybrid solutions can provide Secure Single Sign-on if properly implemented. The security services for SSSO are identified as authentication, authorization, integrity, confidentiality, non-repudiation, security management and cryptographic services. Additional SSSO concepts, as well as the vulnerabilities, obstacles and pitfalls to introducing SSO solutions are discussed. Chapter 3 provides an overview of the most important SSO enabling technologies. The following technologies are discussed: OSF DCE, SESAME, Kerberos, DSSA/SPX, TESS, NetSp, Secure Tokens, GSS-API and Public key Cryptography. Chapter 4 discusses the Open Software Foundation's (OSF) Distributed Computing Environment (DCE). OSF DCE is one of the two open standards for distributed processing which are having a major influence on the development of single sign-on solutions and forms the basis of many existing SSO products. DCE is not a SSO product. but consists of specifications and software. The goal of DCE is to turn a computer network into a single, coherent computing engine. It is considered to be one of the fundamental building blocks for SSO solutions in the future. In Chapter 5 SESAME is discussed in some detail as another major enabling technology for SSO. Secure European System for Applications in a Multi-vendor Environment (SESAME) is an architecture that implements a model for the provision of security services within open systems developed by the European Computer Manufacturers Association (ECMA). The architecture was developed and implemented on a trial basis, by Bull, ICL and Siemens-Nixdorf in an initiative supported by the European Commission. Chapter 6 presents a list of 49 commercial SSO products currently available, classified according to the type of SSO solution. A few representative products are discussed in more detail to give an indication what functionality a prospective buyer could expect. The 'Ideal Single Sign-on' solution is presented in Chapter 7. Detailed requirements are listed. These requirements are uniquely identified by a code and classified as essential or recommended functionality required. Chapter 8 assimilates the information in the previous chapters into a structured evaluation, selection and implementation plan for SSO solutions, consisting of nine separate phases. It also proposes a reference framework for the evaluation and selection process. Chapter 9 concludes the thesis. Findings and conclusions are summarized as to the importance and impact of Single Sign-on as well as the expected future directions to be expected. In addition, recommendations for the future implementation of SSO and SSSO solutions in heterogeneous computing environments are made. Computers - Access control. Computers - Access control - Passwords. Single sign-on.
4	A tree grammar-based visual password scheme Okundaye, Benjamin January 2016 (has links) A thesis submitted to the Faculty of Science, University of the Witwatersrand, Johannesburg, in fulfilment of the requirements for the degree of Doctor of Philosophy. Johannesburg, August 31, 2015. / Visual password schemes can be considered as an alternative to alphanumeric passwords. Studies have shown that alphanumeric passwords can, amongst others, be eavesdropped, shoulder surfed, or guessed, and are susceptible to brute force automated attacks. Visual password schemes use images, in place of alphanumeric characters, for authentication. For example, users of visual password schemes either select images (Cognometric) or points on an image (Locimetric) or attempt to redraw their password image (Drawmetric), in order to gain authentication. Visual passwords are limited by the so-called password space, i.e., by the size of the alphabet from which users can draw to create a password and by susceptibility to stealing of passimages by someone looking over your shoulders, referred to as shoulder surfing in the literature. The use of automatically generated highly similar abstract images defeats shoulder surfing and means that an almost unlimited pool of images is available for use in a visual password scheme, thus also overcoming the issue of limited potential password space. This research investigated visual password schemes. In particular, this study looked at the possibility of using tree picture grammars to generate abstract graphics for use in a visual password scheme. In this work, we also took a look at how humans determine similarity of abstract computer generated images, referred to as perceptual similarity in the literature. We drew on the psychological idea of similarity and matched that as closely as possible with a mathematical measure of image similarity, using Content Based Image Retrieval (CBIR) and tree edit distance measures. To this end, an online similarity survey was conducted with respondents ordering answer images in order of similarity to question images, involving 661 respondents and 50 images. The survey images were also compared with eight, state of the art, computer based similarity measures to determine how closely they model perceptual similarity. Since all the images were generated with tree grammars, the most popular measure of tree similarity, the tree edit distance, was also used to compare the images. Eight different types of tree edit distance measures were used in order to cover the broad range of tree edit distance and tree edit distance approximation methods. All the computer based similarity methods were then correlated with the online similarity survey results, to determine which ones more closely model perceptual similarity. The results were then analysed in the light of some modern psychological theories of perceptual similarity. This work represents a novel approach to the Passfaces type of visual password schemes using dynamically generated pass-images and their highly similar distractors, instead of static pictures stored in an online database. The results of the online survey were then accurately modelled using the most suitable tree edit distance measure, in order to automate the determination of similarity of our generated distractor images. The information gathered from our various experiments was then used in the design of a prototype visual password scheme. The generated images were similar, but not identical, in order to defeat shoulder surfing. This approach overcomes the following problems with this category of visual password schemes: shoulder surfing, bias in image selection, selection of easy to guess pictures and infrastructural limitations like large picture databases, network speed and database security issues. The resulting prototype developed is highly secure, resilient to shoulder surfing and easy for humans to use, and overcomes the aforementioned limitations in this category of visual password schemes. Content-based image retrieval. Pattern recognition systems.
5	Password-authenticated two-party key exchange with long-term security Unknown Date (has links) In the design of two-party key exchange it is common to rely on a Die-Hellman type hardness assumption in connection with elliptic curves. Unlike the case of nite elds, breaking multiple instances of the underlying hardness assumption is here considered substantially more expensive than breaking a single instance. Prominent protocols such as SPEKE [12] or J-PAKE [8, 9, 10] do not exploit this, and here we propose a password-authenticated key establishment where the security builds on the intractability of solving a specied number of instances v of the underlying computational problem. Such a design strategy seems particularly interesting when aiming at long-term security guarantees for a protocol, where expensive special purpose equipment might become available to an adversary. In this thesis, we give one protocol for the special case when v = 1 in the random oracle model, then we provide the generalized protocol in the random oracle model and a variant of the generalized protocol in the standard model for v being a polynomial of the security parameter `. / by WeiZheng Gao. / Thesis (Ph.D.)--Florida Atlantic University, 2012. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2012. Mode of access: World Wide Web. Data encryption (Computer science) Computer networks (Security measures) Software protection Computers--Access control--Passwords
6	Critical analyses of some public-key cryptosystems for high-speed satellite transmission applications Ma, Moses Hsingwen January 1981 (has links) Thesis (M.S.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1981. / MICROFICHE COPY AVAILABLE IN ARCHIVES AND ENGINEERING. / Vita. / Bibliography: leaves 83-86. / by Moses Hsingwen Ma. / M.S. Digital communications Data transmission systems Cryptography Computers Access control Passwords
7	Authentication techniques for secure Internet commerce Ndaba, Sipho Lawrence 23 August 2012 (has links) M.Sc.(Computer Science) / The aim of this dissertation (referred to as thesis in the rest of the document) is to present authentication techniques that can be used to provide secure Internet commerce. The thesis presents techniques that can be used to authenticate human users at logon, as well as techniques that are used to authenticate user's PC and the host system during communication. In so doing, the thesis presents cryptography as the most popular approach to provide information security. Chapter 1 introduces the authentication problem, the purpose and the structure of the thesis. The inadequate security of the Internet prevents companies and users to conduct commerce over the Internet. Authentication is one of the means of providing secure Internet commerce. - Chapter 2 provides an overview of the Internet by presenting the Internet history, Internet infrastructure and the current services that are available on the Internet. The chapter defines Internet commerce and presents some of the barriers to the Internet commerce. Chapter 3 provides an overview of network and internetwork security model. The purpose of this chapter is to put authentication into perspective, in relation to the overall security model. Security attacks, security services and security mechanisms are defined in this chapter. The IBM Security Architecture is also presented. Chapter 4 presents cryptography as the popular approach to information security. The conventional encryption and public-key encryption techniques are used to provide some of the security services described in chapter 3. Chapter 5 presents various schemes that can be used to provide computer-to-computer authentication. These schemes are grouped into the following authentication functions: message encryption, cryptographic checksums, hash functions and digital signatures. Chapter 6 differentiates between one-way authentication schemes and mutual authentication schemes. The applicability of each approach depends on the communicating parties. Chapter 7 presents some of the popular and widely used open-systems technologies Internet protocols, which employ some of the schemes discussed in chapter 5 and chapter 6. These include the SSL, PCT, SHTTP, Kerberos, SESAME and SET. Chapter 8 discusses some of the enabling technologies that are used to provide human user authentication in a computer system. The password technology, the biometric technologies and the smart card technology are discussed. The considerations of selecting a specific technology are also discussed. Chapter 9 presents some of the techniques that can be used to authentication Internet users (human users) over the Internet. The techniques discussed are passwords, knowledge-based technique, voice recognition, smart cards, cellular based technique, and the technique that integrates Internet banking. Chapter 10 defines criteria on which the Internet user authentication techniques presented in chapter 9 can be measured against. The evaluation of each of the techniques is made against the specified criteria. In fact, this chapter concludes the thesis. Chapter 11 provides case studies on two of the techniques evaluated in chapter 10. Specifically, the insurance case study and the medical aid case studies are presented. Electronic commerce -- Security measures Internet -- Security measures Computers -- Access control -- Passwords
8	A study of South African computer usersʹ password usage habits and attitude towards password security Friedman, Brandon January 2014 (has links) The challenge of having to create and remember a secure password for each user account has become a problem for many computer users and can lead to bad password management practices. Simpler and less secure passwords are often selected and are regularly reused across multiple user accounts. Computer users within corporations and institutions are subject to password policies, policies which require users to create passwords of a specified length and composition and change passwords regularly. These policies often prevent users from reusing previous selected passwords. Security vendors and professionals have sought to improve or even replace password authentication. Technologies such as multi-factor authentication and single sign-on have been developed to complement or even replace password authentication. The objective of the study was to investigate the password habits of South African computer and internet users. The aim was to assess their attitudes toward password security, to determine whether password policies affect the manner in which they manage their passwords and to investigate their exposure to alternate authentication technologies. The results from the online survey demonstrated that password practices of the participants across their professional and personal contexts were generally insecure. Participants often used shorter, simpler and ultimately less secure passwords. Participants would try to memorise all of their passwords or reuse the same password on most of their accounts. Many participants had not received any security awareness training, and additional security technologies (such as multi-factor authentication or password managers) were seldom used or provided to them. The password policies encountered by the participants in their organisations did little towards encouraging the users to apply more secure password practices. Users lack the knowledge and understanding about password security as they had received little or no training pertaining to it. Computer users -- Attitudes Computers -- Access control -- Passwords Internet -- Access control Internet -- Security measures Internet -- Management Data protection
9	Secure web applications against off-line password guessing attack : a two way password protocol with challenge response using arbitrary images Lu, Zebin 14 August 2013 (has links) Indiana University-Purdue University Indianapolis (IUPUI) / The web applications are now being used in many security oriented areas, including online shopping, e-commerce, which require the users to transmit sensitive information on the Internet. Therefore, to successfully authenticate each party of web applications is very important. A popular deployed technique for web authentication is the Hypertext Transfer Protocol Secure (HTTPS) protocol. However the protocol does not protect the careless users who connect to fraudulent websites from being trapped into tricks. For example, in a phishing attack, a web user who connects to an attacker may provide password to the attacker, who can use it afterwards to log in the target website and get the victim’s credentials. To prevent phishing attacks, the Two-Way Password Protocol (TPP) and Dynamic Two-Way Password Protocol (DTPP) are developed. However there still exist potential security threats in those protocols. For example, an attacker who makes a fake website may obtain the hash of users’ passwords, and use that information to arrange offline password guessing attacks. Based on TPP, we incorporated challenge responses with arbitrary images to prevent the off-line password guessing attacks in our new protocol, TPP with Challenge response using Arbitrary image (TPPCA). Besides TPPCA, we developed another scheme called Rain to solve the same problem by dividing shared secrets into several rounds of negotiations. We discussed various aspects of our protocols, the implementation and experimental results. Web Security Web sites -- Security measures World Wide Web -- Security measures Computer network protocols -- Standards Computer hackers Computers -- Access control -- Passwords Internet -- Security measures Phishing -- Security measures

Search results