• norsk
    • English
  • English 
    • norsk
    • English
  • Login
View Item 
  •   Home
  • Fakultet for informasjonsteknologi og elektroteknikk (IE)
  • Institutt for elektroniske systemer
  • View Item
  •   Home
  • Fakultet for informasjonsteknologi og elektroteknikk (IE)
  • Institutt for elektroniske systemer
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Design and Analysis of a Password Management System

Sandvoll, Mats Birkeland
Master thesis
Thumbnail
View/Open
745182_ATTACHMENT01.zip (461.7Kb)
745182_COVER01.pdf (184.1Kb)
745182_FULLTEXT01.pdf (7.430Mb)
URI
http://hdl.handle.net/11250/2371037
Date
2014
Metadata
Show full item record
Collections
  • Institutt for elektroniske systemer [2503]
Abstract
Managing passwords is a significant problem for most people in the modern world. In this thesis, a password management system has been designed and implemented as an iOS application called PassCue. PassCue is based on the Shared Cues password management model, proposed by J. Blocki, M. Blum and A. Datta in Naturally Rehearsing Passwords . The design and implementation choices, as well as parameter evaluation, were important in order to create a usable and secure system. PassCue uses cues to share secrets across multiple accounts in order to achieve the competing usability and security goals.PassCue provides higher security than many of the popular password management schemes without significant reduction in usability. The probability that an attacker will compromise an account in an online attack is 1.47656 × 10^(-16) for PassCue (9,4,3) and (43,4,1), and 3.69140 × 10^(-21) for PassCue (60,5,1). In an offline attack with no previous plaintext leaks, cracking the PassCue (9,4,3) and (43,4,1) password will take over 38 years and cost over $700, 000. Cracking the PassCue (60,5,1) password would take over 1.5 million days and cost $2.84442×10^(10) using technology known today. PassCue (9,4,3) does not require the user to invest additional time in order to maintain the passwords in memory, but in PassCue (43,4,1) and PassCue (60,5,1) the user must perform 11 and 20 extra rehearsals respectively.The PassCue design and implementation can easily be customized to support different usability and security needs. The PassCue application utilizes a low percentage of the CPU and memory of an iPhone 5, and uses less then 1% of the CPU and 5.9MB of memory in idle state.
Publisher
Institutt for elektronikk og telekommunikasjon

Contact Us | Send Feedback

Privacy policy
DSpace software copyright © 2002-2019  DuraSpace

Service from  Unit
 

 

Browse

ArchiveCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsDocument TypesJournalsThis CollectionBy Issue DateAuthorsTitlesSubjectsDocument TypesJournals

My Account

Login

Statistics

View Usage Statistics

Contact Us | Send Feedback

Privacy policy
DSpace software copyright © 2002-2019  DuraSpace

Service from  Unit