Opening the Web for all : inclusive and secure design of an online authentication system

Gibson, Marcia

January 2012

Effective use of the World Wide Web grants users increased power over people, time and space. However, its growing ubiquity also means these powers tend to become eroded in non-users. Growth of the Web as a marketplace and as a channel to deliver e-services, results in an ever increasing volume of sensitive information being transacted and stored online. As a result, authentication systems are now being used extensively on the Web. Unfortunately the profusion of Web sites and the large numbers of associated passwords reduces their efficacy and puts severe strain on users’ limited cognitive resources. Authentication systems themselves therefore can act as an additional source of exclusion. However, this step of authentication has up until now, been largely overlooked when considering inclusive design. People may experience a variety of barriers to Internet access: Psychological, Material, Skills and Usage. Existing models of these barriers within the literature are discussed, and a unified model of exclusion is developed and used to identify a series of potential solutions to the various aspects of each barrier. These solutions are classified into 4 separate design goals: Enhanced Usability, Enhanced Accessibility, Reduced End-user Cost and Robust Security. A number of groups who are especially at risk of Web exclusion are also identified. The design goals are used to evaluate existing traditional and image-based passwords. The accessibility component is assessed in terms of twenty-two use scenarios, consisting of a particular user group’s limiting characteristic and strategies the groups are known to use when accessing the Web. The accessibility analysis shows traditional passwords to be less accessible for several groups: • Novice users who experience reduced comparative learnability, efficiency and increased errors. • Mobile phone users, head wand users, eye gaze tracker users, those with reduced manual dexterity/and or tremors accessing principally via a mouse or keyboard, those with impaired ability to select and filter relevant sensory information and low-literacy users accessing via a normal or text to speech browsers. These groups experience reduced comparative efficiency and increased errors. • Users with impaired ability to remember information or sequences and illiterate users accessing via a text-to-speech browser or normal browser. These groups have the most significant issues with passwords, experiencing reduced comparative learnability, memorability, efficiency and increased errors. Image based passwords are found to be more accessible for some of these groups, but are unusable by blind users and less usable by those with visual impairments. Just as Web users are not a uniform, homogenous group, so too is there no homogenous solution to creating usable security. Even so, there may be solutions that are usable and secure given the particular scenario within which they will be used. For this reason, it is important to supply a number of alternatives because as one modality or model of interaction is locked out, another group becomes excluded. One such alternative, a novel scheme called “Musipass”, is trialled in lab-based and large-scale online user participation experiments. Musipass is found to offer superior long-term memorability to a traditional password and users report enjoying the experience of authenticating with music. A security analysis is conducted which shows Musipass to offer comparative or enhanced security compared to a traditional password against a number of well-known attacks.

004.01

Méthodologie et développement de solutions pour la sécurisation des circuits numériques face aux attaques en tensions / Methodology and design of solutions to secure digital circuits against power attacks

Gomina, Kamil

11 September 2014

Les applications grand public comme la téléphonie mobile ou les cartes bancaires manipulent des données confidentielles. A ce titre, les circuits qui les composent font de plus en plus l'objet d'attaques qui présentent des menaces pour la sécurité des données. Les concepteurs de systèmes sur puce (SoC) doivent donc proposer des solutions sécurisées, tout en limitant le coût et la complexité globale des applications. L’analyse des attaques existantes sur les circuits numériques nous a orienté vers celles se basant sur la tension d'alimentation, dans des nœuds technologiques avancés.Dans un premier temps, nous avons déterminé la signature électrique d’un circuit en phase de conception. Pour cela, un modèle électrique a été proposé, prenant en compte la consommation en courant et la capacité de la grille d'alimentation. L'extraction de ces paramètres ainsi que l'évaluation du modèle sont présentées. L’utilisation de ce modèle a permis de mesurer la vulnérabilité d’un circuit mais aussi d’évaluer quantitativement des contremesures, notamment celle utilisant des capacités de découplage. Ensuite, l’étude se consacre à l’injection de fautes par impulsions de tension d’alimentation. Les mécanismes d’injection de fautes sur des circuits numériques ont été étudiés. Dès lors, des solutions de détection d’attaques ont été proposées et évaluées à la fois en simulation et par des tests électriques sur circuit. Les résultats ont permis de confirmer les analyses théoriques et la méthodologie utilisée.Ce travail a ainsi montré la faisabilité de solutions à bas coût contre les attaques actives et passives en tension, utilisables dans le cadre d’un développement industriel de produits. / General use products as mobile phones or smartcards manipulate confidential data. As such, the circuits composing them are more and more prone to physical attacks, which involve a threat for their security. As a result, SoC designers have to develop efficient countermeasures without increasing overall cost and complexity of the final application. The analysis of existing attacks on digital circuits leads to consider power attacks, in advanced technology nodes.First of all, the power signature of a circuit was determined at design time. To do so, an electrical model was suggested based on the current consumption and the overall power grid capacitance. The methodology to extract these parameters, as well as the evaluation of the model are presented. This model allows designers to anticipate information leakage at design time and to quantify the protection of countermeasures, as the use of integrated decoupling capacitors. Then, the study was dedicated to power glitch attacks. The different fault injection mechanisms were analyzed in details. From then on, a set of detection circuits were suggested and evaluated at design time and on silicon by electrical tests. Both the theoretical analysis and the given methodology were confirmed by the test campaigns.This work demonstrated that the design of low-cost solutions against passive and active power attacks can be achieved, and used in a large scale product development.

Circuits numériques

Méthodologie de conception

Signature électrique

Contremesures

Attaques passives

Injection de fautes

Conception sécurisée

Technologies avancées

Attaques par impulsion de tension

Analyse de consommation

Digital circuits

Design methodology

Power signature

Countermeasures

Passive attacks

Power glitch attacks

Power analysis

Advanced technologies

Fault injection

Secure design