Your credentials are compromised, do not panic: You can be well protected

Issa Khalil, Zuochao Dou, Abdallah Khreishah

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

3 Citations (Scopus)

Abstract

In this paper, we leverage the characteristics of round-trip communications latency (RTL) to design and implement a novel highly secure and usable web authentication scheme, dubbed CLAS. CLAS uses, in addition to the traditional credentials, round-trip network communications latency to uniquely identify users. CLAS introduces a novel network architecture which turns RTL into a robust authentication feature that is extremely difficult to forge. CLAS offers robust defense against password compromise because, unlike many traditional authentication mechanisms, it is resilient to phishing/pharming, man-in-the-middle, and social engineering attacks. Most importantly, CLAS is transparent to users and incurs negligible overhead. Our experimental results show that CLAS can achieve 0.0017 false positive rate while maintaining false negative rate below 0.007.

Original languageEnglish
Title of host publicationASIA CCS 2016 - Proceedings of the 11th ACM Asia Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery, Inc
Pages925-930
Number of pages6
ISBN (Electronic)9781450342339
DOIs
Publication statusPublished - 30 May 2016
Event11th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2016 - Xi'an, China
Duration: 30 May 20163 Jun 2016

Publication series

NameASIA CCS 2016 - Proceedings of the 11th ACM Asia Conference on Computer and Communications Security

Conference

Conference11th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2016
Country/TerritoryChina
CityXi'an
Period30/05/163/06/16

Keywords

  • Gaus-sian distribution
  • Network communications latency
  • Password compromise
  • Web authentication

Fingerprint

Dive into the research topics of 'Your credentials are compromised, do not panic: You can be well protected'. Together they form a unique fingerprint.

Cite this