Abstract
The most common method for a user to gain access to a system, service, or resource is to provide a secret, often a password, that verifies her identity and thus authenticates her. Password-based authentication is considered strong only when the password meets certain length and complexity requirements, or when it is combined with other methods in multi-factor authentication. Unfortunately, many authentication systems do not enforce strong passwords due to a number of limitations; for example, the time taken to enter complex passwords. We present an authentication system that addresses these limitations by prompting a user for credentials once and then storing an authentication ticket in a wearable device that we call Kerberos Bracelet Identification (KBID).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Barth, A.T., Hanson, M.A., Powell, H.C., Unluer, D., Wilson, S.G., Lach, J.: Body-coupled communication for body sensor networks. In: Proceedings of the ICST 3rd International Conference on Body Area Networks (2008). http://dl.acm.org/citation.cfm?id=1460257.1460273
Chang, S., Hu, Y., Anderson, H., Fu, T., Huang, E.Y.L.: Body area network security: robust key establishment using human body channel. In: Proceedings of 3rd USENIX Workshop on Health Security and Privacy (HealthSec), August 2013. https://www.usenix.org/conference/healthsec12/workshop-program/presentation/Chang
Czeskis, A., Koscher, K., Smith, J.R., Kohno, T.: RFIDS and secret handshakes: defending against ghost-and-leech attacks and unauthorized reads with context-aware communications. In: Proceedings of the 15th ACM conference on Computer and communications security, pp. 479–490. ACM (2008)
Gomez, C., Oller, J., Paradells, J.: Overview and evaluation of bluetooth low energy: an emerging low-power wireless technology. Sensors 12(9), 11734 (2012). http://www.mdpi.com/1424-8220/12/9/11734
Goode, A.: Bring your own finger-how mobile is bringing biometrics to consumers. Biom. Technol. Today 2014(5), 5–9 (2014)
Krzanich, B.: Intel developer forum san francisco opening keynote. Intel Corporation, Technical report (2015)
Mare, S., Markham, A., Cornelius, C., Peterson, R., Kotz, D.: Zebra: zero-effort bilateral recurring authentication. In: 2014 IEEE Symposium on Security and Privacy (SP), May 2014
Ryan, M.: Bluetooth: with low energy comes low security. In: Proceedings of the 7th USENIX Conference on Offensive Technologies. USENIX Association (2013). http://dl.acm.org/citation.cfm?id=2534748.2534754
Yan, J., Blackwell, A., Anderson, R., Grant, A.: Password memorability and security: empirical results. IEEE Secur. Priv. (2004). http://dx.doi.org/10.1109/MSP.2004.81
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 International Financial Cryptography Association
About this paper
Cite this paper
Carrigan, J., Martin, P., Rushanan, M. (2017). KBID: Kerberos Bracelet Identification (Short Paper). In: Grossklags, J., Preneel, B. (eds) Financial Cryptography and Data Security. FC 2016. Lecture Notes in Computer Science(), vol 9603. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-54970-4_32
Download citation
DOI: https://doi.org/10.1007/978-3-662-54970-4_32
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-54969-8
Online ISBN: 978-3-662-54970-4
eBook Packages: Computer ScienceComputer Science (R0)