Achieving flatness: Graph labeling can generate graphical honeywords
TL;DR: Wang et al. as discussed by the authors proposed a method to protect the hashed passwords by using topological graphic sequences, which works effectively even if the password file is leaked by using graphic labeling.
Abstract: In this paper, we propose a method to protect the hashed passwords by using topological graphic sequences This method works effectively even if the password file is leaked First, the user password is divided based on its length Then the processed string and the topological graphic sequence are operated for obtaining the real decoy honeywords In this way, a flatness honeywords generation method is generated Since every password seems unrealistic, the hacker who steals the hashed password file cannot distinguish between the real passwords and the honeywords If he uses the honeywords for login, the system will know that it is the intruder’s attack, and then the service provider (SP) can take security measures Finally, several typical attack methods are analyzed to verify the effectiveness of our scheme We use the topological graph to generate the honeywords, which is the first application of graphic labeling in the honeywords generation
Citations
More filters
16 Jun 2021
TL;DR: This paper proposes two new labelings: vertex image-labeling and edge image- labels, and combines newlabelings to form matching-type image- labeling with multiple restrictions.
Abstract: A variety of labelings on trees have emerged in order to attack the Graceful Tree Conjecture, but lack showing the connections between two labelings. In this paper, we propose two new labelings: vertex image-labeling and edge image-labeling, and combine new labelings to form matching-type image-labeling with multiple restrictions. The research starts from the set-ordered graceful labeling of the trees, and we give several generation methods and relationships for well-known labelings and two new labelings on trees.
3 citations
30 Dec 2022
TL;DR: In this article , the authors proposed a tokenization-based authentication scheme, which can serve the purpose of honeywords but in a more cost-effective way than traditional password-based schemes.
Abstract: In the era of computer systems, user authentication, both online and offline, is an unavoidable step for securing users’ privacy. Password-based authentication is popularly adopted for its simplicity in this context. In password-based authentication, a set of credentials (mostly username and password) is required to identify the unique user. But this method of authentication is vulnerable to inversion attack paradigm. In inversion attack, the adversary obtains the plaintext password by cracking the hashed value of the password. Honeyword-based authentication has been introduced to combat such attacks. In this strategy, certain dummy passwords or honeywords are saved along with the user’s original password. When an adversary tries to enter one of the honeywords to log into the system, an alarm message is sent to the authority via an auxiliary server called honeychecker. Although this technique is useful to address this type of security threat, the requirement of additional space to store the honeywords is still an overhead. Driven by these drawbacks, this work is aimed to propose a strategy which can serve the purpose of honeywords but in a more cost-effective way. In this technique, the concept of tokenization is utilized. Theoretical and experimental analyses have been done to assess the viability of the proposed scheme. A comparative study between the proposed scheme and honeyword-based authentication has been carried out based on required storage cost and resiliency against MSV attack. From our rigorous analysis, it is found that our scheme shows promising results in terms of other usability and security features as well.
TL;DR: A transformation of strongly c-elegant labelling is defined, which provides a method for the transformation between several strongly c’s of a graph, and several types of large-scale graphs are constructed through graph operations, and it is proved the existence of their strongly c.elegants.
Abstract: In this paper, we deduce the equivalence relationship among strongly c-elegant labelling, super-edge magic total labelling, edge antimagic total labelling, and super
t
,
1
-magical labelling. We study some properties of the graph with a strongly c-elegant labelling. On the basis of small-scale graphs with strongly c-elegant labelling, several types of large-scale graphs are constructed through graph operations, and we further prove the existence of their strongly c-elegant labelling. In addition, we also define a transformation of strongly c-elegant labelling, which provides a method for the transformation between several strongly c-elegant labellings of a graph.
DOI•
15 Oct 2021TL;DR: In this paper, the authors introduce graph operations: adding-removing edge or vertex operations, vertex-splitting and vertex-coinciding operations, edge splitting and edge splitting operations, cycle splitting and cycle splitting operations, and so on.
Abstract: We introduce graph operations: adding-removing edge or vertex operations, vertex-splitting and vertex-coinciding operations, edge-splitting and edge-coinciding operations, cycle-coinciding and cycle-splitting operations, H-coinciding and H-splitting operations, and so on. Next we build up graph operation lattices, self-isomorphic graph (anti-)homomorphisms, stochastic-graphic lattices and operation scale-free network lattices in topological coding. We show that our lattices introduced here possess the property like that of collision resistant hash functions.
TL;DR: The multiple constraints of graph colorings and labelings are used to propose 6C-labeling, 6D-complementary labeling, and its reciprocal-inverse labeling, since they can be applied to build up topological coding.
Abstract: With the fast development of networks, one has to focus on the security of information running in real networks. A technology that might be able to resist attacks equipped with AI techniques and quantum computers is the so-called topological graphic password of topological coding. In order to further study topological coding, we use the multiple constraints of graph colorings and labelings to propose 6C-labeling, 6C-complementary labeling, and its reciprocal-inverse labeling, since they can be applied to build up topological coding. We show some connections between 6C-labeling and other graph labelings/colorings and show graphs admitting twin-type 6C-labelings, as well as the construction of graphs admitting twin-type 6C-labelings.
References
More filters
Journal Article•
TL;DR: In this survey I have collected everything I could find on graph labelings techniques that have appeared in journals that are not widely available.
Abstract: A graph labeling is an assignment of integers to the vertices or edges, or both, subject to certain conditions. Graph labelings were first introduced in the late 1960s. In the intervening years dozens of graph labelings techniques have been studied in over 1000 papers. Finding out what has been done for any particular kind of labeling and keeping up with new discoveries is difficult because of the sheer number of papers and because many of the papers have appeared in journals that are not widely available. In this survey I have collected everything I could find on graph labeling. For the convenience of the reader the survey includes a detailed table of contents and index.
2,367 citations
Proceedings Article•
23 Aug 1999TL;DR: This work proposes and evaluates new graphical password schemes that exploit features of graphical input displays to achieve better security than text-based passwords and describes the prototype implementation of one of the schemes on a personal digital assistants (PDAs) namely the Palm PilotTM.
Abstract: In this paper we propose and evaluate new graphical password schemes that exploit features of graphical input displays to achieve better security than text-based passwords. Graphical input devices enable the user to decouple the position of inputs from the temporal order in which those inputs occur, and we show that this decoupling can be used to generate password schemes with substantially larger (memorable) password spaces. In order to evaluate the security of one of our schemes, we devise a novel way to capture a subset of the "memorable" passwords that, we believe, is itself a contribution. In this work we are primarily motivated by devices such as personal digital assistants (PDAs) that offer graphical input capabilities via a stylus, and we describe our prototype implementation of one of our password schemes on such a PDA, namely the Palm PilotTM.
869 citations
TL;DR: In this article, pictures of objects were recalled significantly better than their names on the first two of four free recall trials and showed that picture superiority occurred for terminal input items on Trial 1, and both terminal and early item on Trial 2.
Abstract: Pictures of objects were recalled significantly better than their names on the first two of four free recall trials. Recall for the two modes did not differ in intertriai organization but striking differences occurred as a function of input serial order. Picture superiority occurred for terminal input items on Trial 1, and both terminal and early items on Trial 2. The findings are discussed in terms of verbal and nonverbal (concrete) memory codes.
477 citations
Book•
01 Jan 2004
TL;DR: Gary Chartrand and Ping Zhang's lively and engaging style, historical emphasis, unique examples and clearly-written proof techniques make it a sound yet accessible text that stimulates interest in an evolving subject and exploration in its many applications.
Abstract: Written by one of the leading authors in the field, this text provides a student-friendly approach to graph theory for undergraduates. Much care has been given to present the material at the most effective level for students taking a first course in graph theory. Gary Chartrand and Ping Zhang's lively and engaging style, historical emphasis, unique examples and clearly-written proof techniques make it a sound yet accessible text that stimulates interest in an evolving subject and exploration in its many applications. This text is part of the Walter Rudin Student Series in Advanced Mathematics.
364 citations
TL;DR: In this paper, a security model that can accurately capture the practical capabilities of an adversary is defined and a broad set of twelve properties framed as a systematic methodology for comparative evaluation, allowing schemes to be rated across a common spectrum.
Abstract: As the most prevailing two-factor authentication mechanism, smart-card-based password authentication has been a subject of intensive research in the past two decades, and hundreds of this type of schemes have wave upon wave been proposed. In most of these studies, there is no comprehensive and systematical metric available for schemes to be assessed objectively, and the authors present new schemes with assertions of the superior aspects over previous ones, while overlooking dimensions on which their schemes fare poorly. Unsurprisingly, most of them are far from satisfactory—either are found short of important security goals or lack of critical properties, especially being stuck with the security-usability tension. To overcome this issue, in this work we first explicitly define a security model that can accurately capture the practical capabilities of an adversary and then suggest a broad set of twelve properties framed as a systematic methodology for comparative evaluation, allowing schemes to be rated across a common spectrum. As our main contribution, a new scheme is advanced to resolve the various issues arising from user corruption and server compromise, and it is formally proved secure under the harshest adversary model so far. In particular, by integrating “honeywords”, traditionally the purview of system security, with a “fuzzy-verifier”, our scheme hits “two birds”: it not only eliminates the long-standing security-usability conflict that is considered intractable in the literature, but also achieves security guarantees beyond the conventional optimal security bound.
323 citations