A password-based authentication by splitting roles of user interface

Jung Seung Lee; Han Park; Gyeong Yong Bang; Joo Seok Song

doi:10.1145/2810103.2810107

A password-based authentication by splitting roles of user interface

Jung Seung Lee, Han Park, Gyeong Yong Bang, Joo Seok Song

College of Computing

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

Conventional password-based authentication has been widely used due to its simplicity, familiarity, and cost effectiveness. However, the conventional password-based authentication has a fundamental weak-point that cleartext passwords are kept on client-side devices and networks. In order to acquire a user's password securely, we suggest a novel method that splits the roles of user interface onto two devices. With our method, cleartext passwords are neither stored on any devices nor transmitted over communication channels. Finally, we implement a demo application and analyze our method in the aspects of usability, deployability, and security. Copyright is held by the flowner/author(s).

Original language	English
Title of host publication	CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
Publisher	Association for Computing Machinery
Pages	1641-1643
Number of pages	3
ISBN (Electronic)	9781450338325
DOIs	https://doi.org/10.1145/2810103.2810107
Publication status	Published - 2015 Oct 12
Event	22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015 - Denver, United States Duration: 2015 Oct 12 → 2015 Oct 16

Publication series

Name	Proceedings of the ACM Conference on Computer and Communications Security
Volume	2015-October
ISSN (Print)	1543-7221

Other

Other	22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015
Country/Territory	United States
City	Denver
Period	15/10/12 → 15/10/16

All Science Journal Classification (ASJC) codes

Software
Computer Networks and Communications

Access to Document

10.1145/2810103.2810107

Cite this

Lee, J. S., Park, H., Bang, G. Y., & Song, J. S. (2015). A password-based authentication by splitting roles of user interface. In CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (pp. 1641-1643). (Proceedings of the ACM Conference on Computer and Communications Security; Vol. 2015-October). Association for Computing Machinery. https://doi.org/10.1145/2810103.2810107

@inproceedings{c619f718e49f484da266ee536c2522e8,

title = "A password-based authentication by splitting roles of user interface",

abstract = "Conventional password-based authentication has been widely used due to its simplicity, familiarity, and cost effectiveness. However, the conventional password-based authentication has a fundamental weak-point that cleartext passwords are kept on client-side devices and networks. In order to acquire a user's password securely, we suggest a novel method that splits the roles of user interface onto two devices. With our method, cleartext passwords are neither stored on any devices nor transmitted over communication channels. Finally, we implement a demo application and analyze our method in the aspects of usability, deployability, and security. Copyright is held by the flowner/author(s).",

author = "Lee, {Jung Seung} and Han Park and Bang, {Gyeong Yong} and Song, {Joo Seok}",

year = "2015",

month = oct,

day = "12",

doi = "10.1145/2810103.2810107",

language = "English",

series = "Proceedings of the ACM Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery",

pages = "1641--1643",

booktitle = "CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security",

note = "22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015 ; Conference date: 12-10-2015 Through 16-10-2015",

}

Lee, JS, Park, H, Bang, GY & Song, JS 2015, A password-based authentication by splitting roles of user interface. in CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, vol. 2015-October, Association for Computing Machinery, pp. 1641-1643, 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015, Denver, United States, 15/10/12. https://doi.org/10.1145/2810103.2810107

A password-based authentication by splitting roles of user interface. / Lee, Jung Seung; Park, Han; Bang, Gyeong Yong et al.

CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2015. p. 1641-1643 (Proceedings of the ACM Conference on Computer and Communications Security; Vol. 2015-October).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - A password-based authentication by splitting roles of user interface

AU - Lee, Jung Seung

AU - Park, Han

AU - Bang, Gyeong Yong

AU - Song, Joo Seok

PY - 2015/10/12

Y1 - 2015/10/12

N2 - Conventional password-based authentication has been widely used due to its simplicity, familiarity, and cost effectiveness. However, the conventional password-based authentication has a fundamental weak-point that cleartext passwords are kept on client-side devices and networks. In order to acquire a user's password securely, we suggest a novel method that splits the roles of user interface onto two devices. With our method, cleartext passwords are neither stored on any devices nor transmitted over communication channels. Finally, we implement a demo application and analyze our method in the aspects of usability, deployability, and security. Copyright is held by the flowner/author(s).

AB - Conventional password-based authentication has been widely used due to its simplicity, familiarity, and cost effectiveness. However, the conventional password-based authentication has a fundamental weak-point that cleartext passwords are kept on client-side devices and networks. In order to acquire a user's password securely, we suggest a novel method that splits the roles of user interface onto two devices. With our method, cleartext passwords are neither stored on any devices nor transmitted over communication channels. Finally, we implement a demo application and analyze our method in the aspects of usability, deployability, and security. Copyright is held by the flowner/author(s).

UR - http://www.scopus.com/inward/record.url?scp=84954135892&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84954135892&partnerID=8YFLogxK

U2 - 10.1145/2810103.2810107

DO - 10.1145/2810103.2810107

M3 - Conference contribution

AN - SCOPUS:84954135892

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 1641

EP - 1643

BT - CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security

PB - Association for Computing Machinery

T2 - 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015

Y2 - 12 October 2015 through 16 October 2015

ER -

A password-based authentication by splitting roles of user interface

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this