Timing Attacks on Cognitive Authentication Schemes


Classical password/PIN-based authentication methods have proven to be vulnerable to a broad range of observation attacks (like key-logging, video-recording or shoulder surfing attacks). So as to mitigate these attacks, a variety of solutions have been proposed, most of them being cognitive authentication schemes (challenge-response protocols that require users to perform some reasonably cognitive operations). In this paper, we show successful passive facet-channel timing attacks on two cognitive authentication schemes, a well-known Hopper-Blum (HB) protocol and a U.S. patent Mod10 methodology, previously believed to be secure against observation attacks. As we tend to show, the main security weakness of these strategies comes from detectable variations within the user's cognitive load that results from cognitive operations during the authentication procedure. We dispensed theoretical analysis of both Mod10 and HB methods, also an experimental user study of Mod10 methodology with 58 participants to validate the results of our timing attacks. We additionally propose security enhancements of these schemes aimed to mitigate the timing side-channel attacks. The proposed enhancements show the existence of a sturdy tradeoff between security and usability, indicating that the security of cognitive authentication schemes comes at a non-negligible usability price (e.g., increased overall login time). For that reason, the designers of new cognitive authentication schemes ought to not ignore doable threats induced by facet-channel timing attacks.

Did you like this research project?

To get this research project Guidelines, Training and Code... Click Here

PROJECT TITLE :A Timing Correction Algorithm Based Extended SVM for Three Level Neutral Point Clamped MLI in Over Modulation Zone - 2017ABSTRACT:The space vector modulation readied multilevel inverter (MLI) has become palpable
PROJECT TITLE : One-Cycle Correction of Timing Errors in PipelinesWith Standard Clocked Elements - 2016 ABSTRACT: One of the foremost aggressive uses of dynamic voltage scaling is timing speculation, which in turn requires
PROJECT TITLE :Internet of Things to Smart IoT Through Semantic, Cognitive, and Perceptual ComputingABSTRACT:Fast growth within the Internet of Things (IoT) has resulted in a huge growth of information generated by these devices
PROJECT TITLE :A Process Algebraic Approach to Resource-Parameterized Timing Analysis of Automotive Software ArchitecturesABSTRACT:Modern automotive software elements are often initial developed by totally different suppliers
PROJECT TITLE :A Support Vector Machine-Based Framework for Detection of Covert Timing ChannelsABSTRACT:Covert channels exploit facet channels among existing network resources to transmit secret messages. They are integrated into

Ready to Complete Your Academic MTech Project Work In Affordable Price ?

Project Enquiry