Applied Security discussion: graphical passwords, Monday 3pm, rm 516

[fubob at MIT.EDU]

Applied Security Reading Group
Mondays, 3PM, NE43-516

A few graduate students are starting a reading group to discuss recent
papers and cool ideas related to applied security.  Our focus is on
the application and implementation of computer security.  If you would
like to receive future announcements, email asrg-request at pdos.lcs.mit.edu.

Time:  THIS Monday, November 15, 3-4PM
Place: Room NE43-516
Topic: The Design and Analysis of Graphical Passwords

Ian Jermyn, New York University; Alain Mayer, Fabian Monrose, Michael
K. Reiter, Bell Labs, Lucent Technologies; and Aviel D. Rubin, AT&T
Labs--Research

Abstract

In this paper we propose and evaluate new graphical password schemes
that exploit features of graphical input displays to achieve better
security than text-based passwords.  Graphical input devices enable
the user to decouple the position of inputs from the temporal order in
which those inputs occur, and we show that this decoupling can be used
to generate password schemes with substantially larger (memorable)
password spaces.  In order to evaluate the security of one of our
schemes, we devise a novel way to capture a subset of the
``memorable'' passwords that, we believe, is itself a contribution.
In this work we are primarily motivated by devices such as personal
digital assistants (PDAs) that offer graphical input capabilities via
a stylus, and we describe our prototype implementation of one of our
password schemes on such a PDA, namely the Palm PilotTM.

This paper won the best student paper and best overall paper at the
USENIX Security Symposium in July.  Emil Sit has agreed to lead the
discussion of this paper, downloadable from either:

http://pdos.lcs.mit.edu.edu/~fubob/asrg/gpw.ps
http://pdos.lcs.mit.edu.edu/~fubob/asrg/gpw.pdf

A related paper is http://pdos.lcs.mit.edu/~fubob/asrg/monrose.ps

See you there!
-- 
--------
Kevin E. Fu (fubob at mit.edu)
PGP key: finger fubob at monk.mit.edu