|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Statistical Attacks on Personal Knowledge Questions
If you have a question about this talk, please contact Jonathan Anderson.
When passwords fail and hardware or biometrics are infeasible, many systems still rely on personal knowledge questions for human authentication. In the past year, high-profile accounts of Twitter executives and US politician Sarah Palin were compromised by guessing personal knowledge questions. This talk will discuss the range of attacks on personal knowledge-based protocols. The speaker will then introduce new research on statistical guessing attacks, including information-theoretic models of guessing and their security implications when applied to real-world probability distributions of the names of people, pets, and places. Finally, possible countermeasures based on active shaping of user’s answer choices will be analysed.
This talk is part of the Computer Laboratory Security Group meeting presentations series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsCUiD - Cambridge University International Development Society RSC South East England Regional Meeting Disease: From Lab to Clinic - Caius MedSoc Talks, Michaelmas 2015
Other talksEstablishment and exploitation of experimentally inducible sexual development of malaria parasites Potential lifestyle strategies to reduce locomotor impairment during aging: Evidence from longitudinal studies in rats “Modulating Tregs in Cancer and Autoimmunity” Managing demand and maintaining quality in emergency medicine: a view from the US on clinically efficacious flow Helminth-induced suppression of inflammation – a role for the gut microbiota? Granulite facies metamorphism and melting: the message from the metabasites