Is it too late for PAKE? John Engler (UC Berkeley) Chris Karlof - PowerPoint PPT Presentation

Mar 31, 2024 •99 likes •206 views

Is it too late for PAKE? John Engler (UC Berkeley) Chris Karlof Elaine Shi Dawn Song (Usable Security (PARC) (UC Berkeley) Systems) What is PAKE? Password Authenticated Key Exchange 1 Enter Password 2 Crypto

Is it too late for PAKE? John Engler (UC Berkeley) Chris Karlof Elaine Shi Dawn Song (Usable Security (PARC) (UC Berkeley) Systems)
What is PAKE? ● Password Authenticated Key Exchange 1 Enter Password 2 Crypto Protocol 3 Generate Session Key
Why PAKE? ● Password not transmitted ● Mutual Authentication
T wo Hurdles ● Secure password entry ● Branding and message
Problem: Mimicry Attacks
Possible Solution: Secure UI Rachna, et al. Dynamic Security Skin Login Oiwa, et al. MAP-HTTP's In-chrome Login
Problem: Confusion Attacks
Problem: Branding and Messaging
Conclusion ● More issues remain: – User Training – Implementation – Deployment ● PAKE: Potential benefits but hurdles. ● Full Paper:Firefox implemenation: http://webblaze.cs.berkeley.edu/2009/pake/

Download Presentation

Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Late binding Ch 15.3 Highlights - Late binding for variables - Late binding for functions

Late binding Ch 15.3 Highlights - Late binding for variables - Late binding for functions Review: Derived classes Today we will deal more with inheritance Mainly we will focus on how you can store a child class in a parent container (sort

550 views • 30 slides

OPAQUE: A Strong Asymmetric PAKE Protocol Secure Against Pre-Computation Attacks Stanislaw

OPAQUE: A Strong Asymmetric PAKE Protocol Secure Against Pre-Computation Attacks Stanislaw Jarecki, Hugo Krawczyk, Jiayu Xu Motivation: Password Authentication Passwords are the prevalent tool for authentication Passwords are vulnerable

481 views • 22 slides

Dragonfly: A PAKE Scheme Dan Harkins IETF 83 Paris, France The Rise of Password Protocols in

Dragonfly: A PAKE Scheme Dan Harkins IETF 83 Paris, France The Rise of Password Protocols in the IETF EAP-GPSK, TLS-SRP, TLS-PSK EAP-pwd PAP! Plaintext passwords (1986 to 1995 or so) PAP-like exchange completely broken

337 views • 12 slides

AuCPace: Efficient Verifier-Based PAKE protocol tailored for the IIoT Bjrn Haase, Benot

Products Solutions Services AuCPace: Efficient Verifier-Based PAKE protocol tailored for the IIoT Bjrn Haase, Benot Labrique Endress + Hauser Conducta GmbH & Co. KG. Slide 1 07/22/2019 B. Haase, B. Labrique AuCPace: Efficient

1.21k views • 81 slides

Hash Proof Systems and Password Protocols III SPHF-based PAKE David Pointcheval CNRS, Ecole

Hash Proof Systems and Password Protocols III SPHF-based PAKE David Pointcheval CNRS, Ecole normale sup erieure/PSL & INRIA 8th BIU Winter School Key Exchange February 2018 CNRS/ENS/PSL/INRIA David Pointcheval 1/53 Intuition

475 views • 18 slides

NRHS Late Starts and Class Sizes April 6, 2016 1 Late Start Key Questions How have late

NRHS Late Starts and Class Sizes April 6, 2016 1 Late Start Key Questions How have late starts been used at NRHS this year? What has been the staff, parent, and student reaction to late starts? What is proposed for the 2016-17 year?

424 views • 16 slides

You've Got Mail Problems: The Safety Net For 'Late' Proposals By Amy Conant The U.S. Government

You've Got Mail Problems: The Safety Net For 'Late' Proposals By Amy Conant The U.S. Government Accountability Office takes a hard line when it comes to proposal submissions: Late is late. This policy often proves frustrating to contractors who

216 views • 3 slides

Upstream Graphics: Too Little, Too Late Upstream Graphics: Too Little, Too Late Daniel Vetter,

Upstream Graphics: Too Little, Too Late Upstream Graphics: Too Little, Too Late Daniel Vetter, Intel OTC @danvet LPC 2019, Lisbon Everything Great About Upstream Graphics: Too Little, Too Late Upstream Graphics: Too Little, Too Late Daniel

365 views • 25 slides

The DES he DES LA LATE TE Trial rial Cheol Whan Lee, MD, Seung-Jung Park, MD, PhD, On Behalf

Optimal Duration of Clopidogrel Therapy with DES to Reduce Late Coronary Arterial Thrombotic Event The DES he DES LA LATE TE Trial rial Cheol Whan Lee, MD, Seung-Jung Park, MD, PhD, On Behalf of the DES LATE Investigators Division of

620 views • 32 slides

Late binding Ch 15.3 Highlights - Late binding for variables Review: Derived classes Today we

Late binding Ch 15.3 Highlights - Late binding for variables Review: Derived classes Today we will deal more with inheritance Mainly we will focus on how you can store a child class in a parent container (sort of) Questions we will answer:

910 views • 18 slides

Late Start, and Late Finish. Presenter: Sohel Akhter, PMP, CCNA,ISMS PMP and Six Sigma

Project Management Professionals Hot Topics & Challenges Time Management Topic: The easiest way to calculate Critical Path, Total Float, Free Float, Early Start, Early Finish, Late Start, and Late Finish. Presenter: Sohel Akhter, PMP,

330 views • 10 slides

FAT File system Case studies Microsoft, late 70s FAT late 70s; Microsoft File Allocation Table

FAT File system Case studies Microsoft, late 70s FAT late 70s; Microsoft File Allocation Table (FAT) key idea: linked list started with MSDOS Today: flash sticks in FAT-32, supports 2 28 blocks and files of 2 32 -1 bytes Unix FFS mid 80 s

225 views • 10 slides

A multi- study of debris discs around late-type MS stars. Francisco

A multi- study of debris discs around late-type MS stars. Francisco Jimnez-Esteban Enrique Solano Jorge Sanz Forcada CAB / SVO (INTA-CSIC) Debris discs around late stars Outline Science case: Debris disk around late-type

458 views • 16 slides

The Late Medieval Period text in purple is for notes Voorhees ERA IV Unit WHI.14 Late Middle

The Late Medieval Period text in purple is for notes Voorhees ERA IV Unit WHI.14 Late Middle Ages Introduction: Trade increases Kings become powerful England, France, Spain, and Russia The Middle Ages in 3.5 Minutes:

1.35k views • 105 slides

Late binding Ch 15.3 Highlights - Late binding for functions Review: Storing types Last time

Late binding Ch 15.3 Highlights - Late binding for functions Review: Storing types Last time we discussed how to properly store a Child object inside a Parent (using pointer) If we did not use a pointer, it would not work: This will only

685 views • 14 slides

cole Salish Secondary School PAC Meeting Clip Past Practice Penalizing 10% a day for late

cole Salish Secondary School PAC Meeting Clip Past Practice Penalizing 10% a day for late assignments Not accepting late assignments Not allowing students to write quizzes if they were late for class Not giving students

519 views • 39 slides

LATE and the Generalized Roy Model: Some Relationships James J. Heckman University of Chicago

Main: Defining LATE Example of Normal Model Nonparametric Identification of the Roy Model LATE and the Generalized Roy Model: Some Relationships James J. Heckman University of Chicago Extract from: Building Bridges Between Structural and

1.01k views • 88 slides

LATE and the Generalized Roy Model: Some Relationships James J. Heckman University of Chicago

LATE and the Generalized Roy Model: Some Relationships James J. Heckman University of Chicago Extract from: Building Bridges Between Structural and Program Evaluation Approaches to Evaluating Policy James J. Heckman (JEL 2010) Econ 312,

875 views • 66 slides

Sovereign Debt and Default Costas Arkolakis Teaching fellow: Federico Esposito Economics 407,

Sovereign Debt and Default Costas Arkolakis Teaching fellow: Federico Esposito Economics 407, Yale February 2014 Outline Sovereign debt and default A brief history of default episodes A Simple Model of Default Managing Sovereign

682 views • 54 slides

Exam 2 Review 18.05 Spring 2014 Jeremy Orloff and Jonathan Bloom Cannot cover everything. Jerry

Exam 2 Review 18.05 Spring 2014 Jeremy Orloff and Jonathan Bloom Cannot cover everything. Jerry will go through a list of examples. Jon, Peter, Ruthi, Erika will take questions. Summary Data: x 1 , . . . , x n Basic statistics: sample mean, sample

442 views • 21 slides

Econ 2148, fall 2017 Instrumental variables II, continuous treatment Maximilian Kasy Department

Instrumental variables Econ 2148, fall 2017 Instrumental variables II, continuous treatment Maximilian Kasy Department of Economics, Harvard University 1 / 35 Instrumental variables Recall instrumental variables part I Origins of

627 views • 35 slides

LATe: A Lightweight cole Mines-Tlcom Authenticated Time Synchronization Protocol for IoT

IMT Atlantique Bretagne-Pays de la Loire LATe: A Lightweight cole Mines-Tlcom Authenticated Time Synchronization Protocol for IoT Renzo E. NAVAS, Laurent TOUTAIN Table of contents 1/26 1 Problem Statement and SoA 2 LATe Protocol 3

742 views • 40 slides

Exploring Marginal Treatment Effects Flexible estimation using Stata Martin Eckhoff Andresen

Exploring Marginal Treatment Effects Flexible estimation using Stata Martin Eckhoff Andresen Statistics Norway Oslo, September 12th 2018 Martin Andresen (SSB) Exploring MTEs Oslo, 2018 1 / 25 Introduction Motivation Instrumental variables

715 views • 25 slides

Doing More When Youre Running LATE: Applying Marginal Treatment Effect Methods to Examine

Doing More When Youre Running LATE: Applying Marginal Treatment Effect Methods to Examine Treatment Effect Heterogeneity in Experiments Amanda E. Kowalski Associate Professor, Department of Economics, Yale Faculty Research Fellow, NBER

1.19k views • 100 slides