TC: Small: Mobile Phone Password Managers: An Evaluation and a Re-Design based on Human-Perceptible Communication

TC：小：手机密码管理器：基于人类可感知通信的评估和重新设计

• 批准号: 1117269
• 负责人: Nitesh Saxena
• 金额: $ 45.34万
• 依托单位: Polytechnic University of New York
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2011
• 资助国家: 美国
• 起止时间: 2011-09-01 至 2011-12-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1117269&HistoricalAwards=false
• 关键词: TC; Small; Mobile; Phone; Password

Textual passwords and personal identification numbers (PINs) are the most dominant means of authentication used currently; and this trend is very likely to continue in the future. However, passwords are either difficult to use (if they are long and randomly generated), or insecure (if users are given the choice of their own passwords). Password Managers are one promising approach aimed to improve the usability and security of passwords, by having a computing device, rather than the user herself, store (and optionally, generate) passwords, and then later deliver or recall them to the user whenever access is needed. A number of password management schemes have been proposed and are employed currently by many affected users. This project concentrates on password management using mobile devices (e.g., cell phones), whose ubiquity makes them an appealing authentication aid. It embarks upon two research directions vis-a-vis such phone managers. First, the project aims at a systematic and formal evaluation, via usability studies and surveys, of currently deployed phone managers. Second, it proposes a redesign that exploits the many different capabilities and characteristics of modern phones (such as on-board sensors and computational resources), in order to address several of the drawbacks with current phone managers. Specifically, a general-purpose password management approach -- called proxy-based authentication -- is introduced. As the name suggests, this approach uses the phone as an authentication proxy between the user and the device to be authenticated to. The project explores how proxy-based authentication can be used to strongly authenticate to: (1) critical online services -- that continue using passwords or PINs -- without incorporating any service-specific modifications, (2) local devices (such as desktops, laptops, ATMs), and (3) ubiquitous but constrained devices (such as personal RFID tags) for user-controlled privacy and enhanced security.The technical merit of this project lies in two aspects. First, it will arrive at a better understanding of current phone managers in terms of usability, efficiency, and security. The goal is to gain insights into users' mental models when using these password managers. Second, the project will pursue the realization of usable proxy-based authentication primitives. To this end, this work is able to simply reuse wealth of existing research on usable user-phone authentication. Instead, the main thrust is on exploring the design and evaluation of usable authentication methods between the phone and the service that ultimately requires authentication. In particular, for phone-service authentication, the project investigates novel short-range human-perceptible (HP) communication that is commonly and cheaply available, fast, robust, least intrusive, and low-power. Notably, the research investigates how to use HP communication to create authenticated channels, and authenticated and eavesdropping resilient channels. Based on the principle of extrinsically motivated design, the project also explores playful HP channels. These channels make the task of manual transmission a fun and entertaining activity for the users.The anticipated impacts of the project include: (1) enhanced interaction among several disciplines including security and cryptography, computer and electrical engineering, networking, and usability and HCI; (2) increased awareness among students and users regarding security practices vis-a-vis one of the most important security problems (authentication); (3) integration of PI's research with educational activities, enabling students taking part in the project to acquire currently uncommon skills at the cusp of Human-Computer Interaction and Trustworthy Computing; (4) emphasis on technology transfer by working with manufacturers and industrial consortia. Another long-term impact of this work is the development of security technologies that can eventually be put to use by general population, i.e., are usable in the true sense. Furthermore, the work is expected to be instrumental in stimulating research on usable security technologies for the blind or visually impaired users who are usually at a high risk for various security vulnerabilities and attacks, perhaps more so in the context of authentication.

文本密码和个人识别号码（PIN）是目前使用的最主要的身份验证手段;这一趋势很可能在未来继续下去。然而，密码要么难以使用（如果它们很长且随机生成），要么不安全（如果用户可以选择自己的密码）。密码管理器是一种很有前途的方法，旨在提高密码的可用性和安全性，方法是让计算设备而不是用户自己存储（并可选地生成）密码，然后在需要访问时将其传递或调用给用户。已经提出了许多密码管理方案，目前许多受影响的用户都在使用这些方案。本项目集中于使用移动的设备（例如，手机），其普遍性使其成为有吸引力的认证辅助。 它开始了两个研究方向相对于这样的电话管理器。 首先，该项目旨在通过可用性研究和调查，对目前部署的电话管理器进行系统和正式的评估。其次，它提出了一种重新设计，利用现代手机的许多不同功能和特性（如板载传感器和计算资源），以解决当前手机管理器的几个缺点。 具体来说，介绍了一种通用的密码管理方法--称为基于代理的身份验证。 顾名思义，这种方法使用电话作为用户和要进行身份验证的设备之间的身份验证代理。 该项目探讨了如何使用基于代理的身份验证进行强身份验证，以：（1）关键在线服务--继续使用密码或PIN--不包含任何特定于服务的修改，（2）本地设备（如台式机、笔记本电脑、ATM），以及（3）无处不在但受限制的设备（例如个人无线射频识别标签），让使用者可自行控制私隐及加强保安。这项计划的技术优点在于两方面。首先，它将在可用性，效率和安全性方面更好地了解当前的电话管理器。我们的目标是在使用这些密码管理器时深入了解用户的心理模型。 第二，该项目将追求实现可用的基于代理的认证原语。 为此，这项工作是能够简单地重用现有的研究可用的用户手机认证的财富。相反，主要的重点是探索电话和最终需要身份验证的服务之间可用的身份验证方法的设计和评估。 特别是，对于电话服务认证，该项目研究了新的短距离人类可感知（HP）通信，该通信通常且价格低廉，快速，鲁棒，侵入性最小，功耗低。 值得注意的是，研究如何使用HP通信来创建认证通道，以及认证和窃听弹性通道。 基于外部动机设计的原则，该项目还探索了好玩的HP渠道。 该项目的预期影响包括：（1）增强安全与密码学、计算机与电气工程、网络、可用性和人机交互等多个学科之间的互动;（2）提高学生和用户对最重要的安全问题之一的安全实践的认识（3）将PI的研究与教育活动相结合，使参与项目的学生能够获得目前在人机交互和可信计算尖端不常见的技能;（4）通过与制造商和工业财团合作，强调技术转移。这项工作的另一个长期影响是开发最终可供普通民众使用的安全技术，即，在真正意义上是有用的。 此外，这项工作预计将有助于促进盲人或视力受损用户的可用安全技术的研究，这些用户通常面临各种安全漏洞和攻击的高风险，在认证方面可能更是如此。