A password-based authentication by splitting roles of user interface

Jung Seung Lee, Han Park, Gyeong Yong Bang, Joo Seok Song

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Conventional password-based authentication has been widely used due to its simplicity, familiarity, and cost effectiveness. However, the conventional password-based authentication has a fundamental weak-point that cleartext passwords are kept on client-side devices and networks. In order to acquire a user's password securely, we suggest a novel method that splits the roles of user interface onto two devices. With our method, cleartext passwords are neither stored on any devices nor transmitted over communication channels. Finally, we implement a demo application and analyze our method in the aspects of usability, deployability, and security. Copyright is held by the flowner/author(s).

Original languageEnglish
Title of host publicationCCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery
Pages1641-1643
Number of pages3
ISBN (Electronic)9781450338325
DOIs
Publication statusPublished - 2015 Oct 12
Event22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015 - Denver, United States
Duration: 2015 Oct 122015 Oct 16

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
Volume2015-October
ISSN (Print)1543-7221

Other

Other22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015
CountryUnited States
CityDenver
Period15/10/1215/10/16

Fingerprint

Authentication
User interfaces
Cost effectiveness

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications

Cite this

Lee, J. S., Park, H., Bang, G. Y., & Song, J. S. (2015). A password-based authentication by splitting roles of user interface. In CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (pp. 1641-1643). (Proceedings of the ACM Conference on Computer and Communications Security; Vol. 2015-October). Association for Computing Machinery. https://doi.org/10.1145/2810103.2810107
Lee, Jung Seung ; Park, Han ; Bang, Gyeong Yong ; Song, Joo Seok. / A password-based authentication by splitting roles of user interface. CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2015. pp. 1641-1643 (Proceedings of the ACM Conference on Computer and Communications Security).
@inproceedings{c619f718e49f484da266ee536c2522e8,
title = "A password-based authentication by splitting roles of user interface",
abstract = "Conventional password-based authentication has been widely used due to its simplicity, familiarity, and cost effectiveness. However, the conventional password-based authentication has a fundamental weak-point that cleartext passwords are kept on client-side devices and networks. In order to acquire a user's password securely, we suggest a novel method that splits the roles of user interface onto two devices. With our method, cleartext passwords are neither stored on any devices nor transmitted over communication channels. Finally, we implement a demo application and analyze our method in the aspects of usability, deployability, and security. Copyright is held by the flowner/author(s).",
author = "Lee, {Jung Seung} and Han Park and Bang, {Gyeong Yong} and Song, {Joo Seok}",
year = "2015",
month = "10",
day = "12",
doi = "10.1145/2810103.2810107",
language = "English",
series = "Proceedings of the ACM Conference on Computer and Communications Security",
publisher = "Association for Computing Machinery",
pages = "1641--1643",
booktitle = "CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security",

}

Lee, JS, Park, H, Bang, GY & Song, JS 2015, A password-based authentication by splitting roles of user interface. in CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, vol. 2015-October, Association for Computing Machinery, pp. 1641-1643, 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015, Denver, United States, 15/10/12. https://doi.org/10.1145/2810103.2810107

A password-based authentication by splitting roles of user interface. / Lee, Jung Seung; Park, Han; Bang, Gyeong Yong; Song, Joo Seok.

CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2015. p. 1641-1643 (Proceedings of the ACM Conference on Computer and Communications Security; Vol. 2015-October).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - A password-based authentication by splitting roles of user interface

AU - Lee, Jung Seung

AU - Park, Han

AU - Bang, Gyeong Yong

AU - Song, Joo Seok

PY - 2015/10/12

Y1 - 2015/10/12

N2 - Conventional password-based authentication has been widely used due to its simplicity, familiarity, and cost effectiveness. However, the conventional password-based authentication has a fundamental weak-point that cleartext passwords are kept on client-side devices and networks. In order to acquire a user's password securely, we suggest a novel method that splits the roles of user interface onto two devices. With our method, cleartext passwords are neither stored on any devices nor transmitted over communication channels. Finally, we implement a demo application and analyze our method in the aspects of usability, deployability, and security. Copyright is held by the flowner/author(s).

AB - Conventional password-based authentication has been widely used due to its simplicity, familiarity, and cost effectiveness. However, the conventional password-based authentication has a fundamental weak-point that cleartext passwords are kept on client-side devices and networks. In order to acquire a user's password securely, we suggest a novel method that splits the roles of user interface onto two devices. With our method, cleartext passwords are neither stored on any devices nor transmitted over communication channels. Finally, we implement a demo application and analyze our method in the aspects of usability, deployability, and security. Copyright is held by the flowner/author(s).

UR - http://www.scopus.com/inward/record.url?scp=84954135892&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84954135892&partnerID=8YFLogxK

U2 - 10.1145/2810103.2810107

DO - 10.1145/2810103.2810107

M3 - Conference contribution

AN - SCOPUS:84954135892

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 1641

EP - 1643

BT - CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security

PB - Association for Computing Machinery

ER -

Lee JS, Park H, Bang GY, Song JS. A password-based authentication by splitting roles of user interface. In CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery. 2015. p. 1641-1643. (Proceedings of the ACM Conference on Computer and Communications Security). https://doi.org/10.1145/2810103.2810107