skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Artificial noise and physical layer authentication: Miso regime
We apply artificial noise to the fingerprint embedding authentication framework to improve information-theoretic authentication for the MISO channel. Instead of optimizing for secrecy capacity, we examine the trade-off between message rate, authentication, and key security. In this case, key security aims to limit an adversary’s ability to obtain the key using a maximum likelihood decoder.  more » « less
Award ID(s):
1702555
PAR ID:
10142726
Author(s) / Creator(s):
; ; ;
Date Published:
Journal Name:
IEEE Conference on Communications and Network Security
ISSN:
2474-025X
Page Range / eLocation ID:
1-5
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; (, IEEE Conference on Communications and Network Security)
    We apply artificial noise to the fingerprint embedding authentication framework to improve information-theoretic authentication for the MISO channel. Instead of optimizing for secrecy capacity, we examine the trade-off between message rate, authentication, and key security. In this case, key security aims to limit an adversary’s ability to obtain the key using a maximum likelihood decoder. 
    more » « less
  2. ; ; (, 2019 International Conference on Computing, Networking and Communications (ICNC))
    null (Ed.)
    Node Authentication and Key Distribution are two tightly correlated security tasks for a secure Body Area Networks (BAN) system. Handling them separately may cause many practical issues. Based on the recent advances on node authentication and (shared) key distribution (including key generation), we propose a new integrated method to securely and efficiently conduct the two tasks. We build a system model with the consideration of passive and active attacks and solve some security risks. One of performance metric, key generation rate is significantly improved in our method. We implement and verify the proposed methods on two test beds. The experimental result demonstrates the effectiveness and efficiency of our proposal. 
    more » « less
  3. ; ; ; (, Proceedings of the AAAI Conference on Artificial Intelligence)
    Current practice of mobility scooter user authentication using physical keys and traditional password-based one-time security mechanisms cannot meet the needs of many mobility scooter riders, especially senior citizens having issues in recalling memory. Now seamless authentication approaches are needed to provide ongoing protection for mobility scooters against takeovers and unauthorized access. Existing continuous authentication techniques do not work well in a mobility scooter setting due to issues such as user comfort, deployment cost and enrollment time, among others. In that direction, our contributions in this research effort are two-fold: (i) we propose a novel system that incorporates advances in few-shot learning, hierarchical processing, and contextual embedding to establish continuous authentication for mobility scooter riders using only posture data. This security system, trained on data collected from real mobility scooter riders, demonstrates quick enrollment and easy deployability, while successfully serving as an unobtrusive first layer of security. (ii) we provide to the research community the largest publicly available repository of mobility scooter riders' body key-points data to enable further research in this direction. 
    more » « less
  4. ; ; (, Springer Nature Singapore)
    on Ahn, Hopper and Langford introduced the notion of steganographic a.k.a. covert computation, to capture distributed computation where the attackers must not be able to distinguish honest parties from entities emitting random bitstrings. This indistinguishability should hold for the duration of the computation except for what is revealed by the intended outputs of the computed functionality. An important case of covert computation is mutually authenticated key exchange, a.k.a. mutual authentication. Mutual authentication is a fundamental primitive often preceding more complex secure protocols used for distributed computation. However, standard authentication implementations are not covert, which allows a network adversary to target or block parties who engage in authentication. Therefore, mutual authentication is one of the premier use cases of covert computation and has numerous real-world applications, e.g., for enabling authentication over steganographic channels in a network controlled by a discriminatory entity. We improve on the state of the art in covert authentication by presenting a protocol that retains covertness and security under concurrent composition, has minimal message complexity, and reduces protocol bandwidth by an order of magnitude compared to previous constructions. To model the security of our scheme we develop a UC model which captures standard features of secure mutual authentication but extends them to covertness. We prove our construction secure in this UC model. We also provide a proof-of-concept implementation of our scheme. 
    more » « less
  5. ; (, ACM SIGSAC Conference on Computer and Communications Security)
    To enhance the usability of password authentication, typo-tolerant password authentication schemes permit certain deviations in the user-supplied password, to account for common typographical errors yet still allow the user to successfully log in. In prior work, analysis by Chatterjee et al. demonstrated that typo-tolerance indeed notably improves password usability, yet (surprisingly) does not appear to significantly degrade authentication security. In practice, major web services such as Facebook have employed typo-tolerant password authentication systems. In this paper, we revisit the security impact of typo-tolerant password authentication. We observe that the existing security analysis of such systems considers only password spraying attacks. However, this threat model is incomplete, as password authentication systems must also contend with credential stuffing and tweaking attacks. Factoring in these missing attack vectors, we empirically re-evaluate the security impact of password typo-tolerance using password leak datasets, discovering a significantly larger degradation in security. To mitigate this issue, we explore machine learning classifiers that predict when a password's security is likely affected by typo-tolerance. Our resulting models offer various suitable operating points on the functionality-security tradeoff spectrum, ultimately allowing for partial deployment of typo-tolerant password authentication, preserving its functionality for many users while reducing the security risks. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email