Browsing by Subject "Authentication"
Now showing 1 - 3 of 3
Results Per Page
Sort Options
Item The feasibility of memory encryption and authentication(2013-05) Owen, Donald Edward, Jr.; John, Lizy KurianThis thesis presents an analysis of the implementation feasibility of RAM authentication and encryption. Past research as used simulations to establish that it is possible to authenticate and encrypt the contents of RAM with reasonable performance penalties by using clever implementations of tree data structures over the contents of RAM. However, previous work has largely bypassed implementation issues such as power consumption and silicon area required to implement the proposed schemes, leaving implementation details unspecified. This thesis studies the implementation cost of AES-GCM hardware and software solutions for memory authentication and encryption and shows that software solutions are infeasible because they are too costly in terms of performance and power, whereas hardware solutions are more feasible.Item Voiceprint Vault : voice authentication service(2013-08) Henderson, Paul Martin; Barber, SuzanneIn a world dominated by smartphones, cloud computing, and online accounts, security of personal and corporate data is a critical concern. Voiceprint Vault provides a voice authentication service that can be used in a multitude of applications to secure sensitive data. Voiceprint Vault includes the following high-level features: - Cloud-based voice authentication using trusted signal processing algorithms - Multifactor authentication with use of optional password - Cross-platform compatibility using secure web requests to authenticate - Built-in storage and synching of private user data - Java library to facilitate integration with Android applications The Voiceprint Vault service allows users of an application to create an account, provide a voice sample, and then access the account with a simple spoken phrase. When users access their account, their voice sample is analyzed and compared to their training recordings. This system can be tailored to the needs of a particular user with per-user security options. It provides the convenience of voice access, but also allows for a password to be used for increased security. The Voiceprint Vault service is designed to allow application developers to integrate an existing, tested authentication system into their app rather than creating their own authentication system. The Voiceprint Vault server provides application specific repositories that developers can create to hold all user data, cryptographic information, and voice samples. The user data stored on the Voiceprint Vault server provides built-in synchronization across all connected devices. A reference implementation is provided that demonstrates the use of Voiceprint Vault authentication. The reference implementation is an Android app that uses the voice authentication service to protect access to personal notes, tasks, and dates that are synched across devices. Detailed instructions for integrating Voiceprint Vault into an existing application are also provided with the reference implementation. The accuracy of voiceprint authentication was investigated and optimized for a set of sample users and recordings. The security features and dangers of such a system are described along with recommendations for safe use. The optimal parameters to be used in the voice authentication algorithms are also presented in this report.Item Weak and strong authentication in computer networks(2012-12) Choi, Taehwan; Gouda, Mohamed G., 1947-; Lam, Simon S; Mok, Aloysius K; Zhang, Yin; Young, William D; Kulkarni, SandeepIn this dissertation, we design and analyze five authentication protocols that answer to the a firmative the following fi ve questions associated with the authentication functions in computer networks. 1. The transport protocol HTTP is intended to be lightweight. In particular, the execution of applications on top of HTTP is intended to be relatively inexpensive and to take full advantage of the middle boxes in the Internet. To achieve this goal, HTTP does not provide any security guarantees, including any authentication of a server by its clients. This situation raises the following question. Is it possible to design a version of HTTP that is still lightweight and yet provides some security guarantees including the authentication of servers by their clients? 2. The authentication protocol in HTTPS, called TLS, allows a client to authenti- cate the server with which it is communicating. Unfortunately, this protocol is known to be vulnerable to human mistakes and Phishing attacks and Pharm- ing attacks. Is it possible to design a version of TLS that can successfully defend against human mistakes and Phishing attacks and Pharming attacks? 3. In both HTTP and HTTPS, a server can authenticate a client, with which it is communicating, using a standard password protocol. However, standard password protocols are vulnerable to the mistake of a client that uses the same password with multiple servers and to Phishing and Pharming attacks. Is it possible to design a password protocol that is resilient to client mistakes (of using the same password with multiple servers) and to Phishing and Pharming attacks? 4. Each sensor in a sensor network needs to store n - 1 symmetric keys for secure communication if the sensor network has n sensor nodes. The storage is constrained in the sensor network and the earlier approaches succeeded to reduce the number of keys, but failed to achieve secure communications in the face of eavesdropping, impersonation, and collusion. Is it possible to design a secure keying protocol for sensor networks, which is e fficient in terms of computation and storage? 5. Most authentication protocols, where one user authenticates a second user, are based on the assumption that the second user has an "identity", i.e. has a name that is (1) fi xed for a relatively long time, (2) unique, and (3) ap- proved by a central authority. Unfortunately, the adoption of user identities in a network does create some security holes in that network, most notably anonymity loss, identity theft, and misplaced trust. This situation raises the following question. Is it possible to design an authentication protocol where the protocol users have no identities?