Abstract |
---|
In this paper, we leverage the characteristics of round-trip communications latency (RTL) to design and implement a novel, highly secure and usable web authentication scheme, dubbed CLAS. CLAS uses, in addition to the traditional credentials, round-trip network communications latency to uniquely identify users. CLAS introduces a novel network architecture which turns RTL into a robust authentication feature that is extremely difficult to forge. CLAS offers robust defense against password compromise because, unlike many traditional authentication mechanisms, it is resilient to phishing/pharming, man-in-the-middle, and social engineering attacks. Most importantly, CLAS is transparent to users and incurs negligible overhead. Our experimental results show that CLAS can achieve a 0.0017 false positive rate while maintaining a false negative rate below 0.007. |

Year | DOI | Venue |
---|---|---|
2016 | 10.1145/2897845.2897925 | AsiaCCS |

Keywords | Field | DocType |
---|---|---|
Web authentication, network communications latency, Gaussian distribution, password compromise | USable, False positive rate, Internet privacy, Authentication, Phishing, Latency (engineering), Pharming, Computer security, Computer science, Network architecture, Password | Conference |

Citations | PageRank | References |
---|---|---|
1 | 0.34 | 7 |

Authors |
---|
3 |

Name | Order | Citations | PageRank |
---|---|---|---|
Issa Khalil | 1 | 23 | 4.09 |
Zuochao Dou | 2 | 11 | 2.27 |
Abdallah Khreishah | 3 | 570 | 51.97 |