scispace - formally typeset
Topic

Password

About: Password is a(n) research topic. Over the lifetime, 35069 publication(s) have been published within this topic receiving 389691 citation(s). The topic is also known as: pwd & p.

...read more

Papers
  More

Open accessJournal ArticleDOI: 10.1109/TCSVT.2003.818349
Anil K. Jain1, Arun Ross2, Salil PrabhakarInstitutions (2)
Abstract: A wide variety of systems requires reliable personal recognition schemes to either confirm or determine the identity of an individual requesting their services. The purpose of such schemes is to ensure that the rendered services are accessed only by a legitimate user and no one else. Examples of such applications include secure access to buildings, computer systems, laptops, cellular phones, and ATMs. In the absence of robust personal recognition schemes, these systems are vulnerable to the wiles of an impostor. Biometric recognition, or, simply, biometrics, refers to the automatic recognition of individuals based on their physiological and/or behavioral characteristics. By using biometrics, it is possible to confirm or establish an individual's identity based on "who she is", rather than by "what she possesses" (e.g., an ID card) or "what she remembers" (e.g., a password). We give a brief overview of the field of biometrics and summarize some of its advantages, disadvantages, strengths, limitations, and related privacy concerns.

...read more

  • Fig. 1. Block diagrams of enrollment, verification, and identification tasks are shown using the four main modules of a biometric system, i.e., sensor, feature extraction, matcher, and system database.
    Fig. 1. Block diagrams of enrollment, verification, and identification tasks are shown using the four main modules of a biometric system, i.e., sensor, feature extraction, matcher, and system database.
  • Fig. 2. Biometric system error rates. (a) FMR and FNMR for a given threshold t are displayed over the genuine and impostor score distributions; FMR is the percentage of nonmate pairs whose matching scores are greater than or equal to t, and FNMR is the percentage of mate pairs whose matching scores are less than t. (b) Choosing different operating points results in different FMR and FNMR. The curve relating FMR to FNMR at different thresholds is referred to as receiver operating characteristics (ROC). Typical operating points of different biometric applications are displayed on an ROC curve. Lack of understanding of the error rates is a primary source of confusion in assessing system accuracy in vendor/user communities alike.
    Fig. 2. Biometric system error rates. (a) FMR and FNMR for a given threshold t are displayed over the genuine and impostor score distributions; FMR is the percentage of nonmate pairs whose matching scores are greater than or equal to t, and FNMR is the percentage of mate pairs whose matching scores are less than t. (b) Choosing different operating points results in different FMR and FNMR. The curve relating FMR to FNMR at different thresholds is referred to as receiver operating characteristics (ROC). Typical operating points of different biometric applications are displayed on an ROC curve. Lack of understanding of the error rates is a primary source of confusion in assessing system accuracy in vendor/user communities alike.
  • Fig. 3. Examples of biometric characteristics: (a) DNA, (b) ear, (c) face, (d) facial thermogram, (e) hand thermogram, (f) hand vein, (g) fingerprint, (h) gait, (i) hand geometry, (j) iris, (k) palmprint, (l) retina, (m) signature, and (n) voice.
    Fig. 3. Examples of biometric characteristics: (a) DNA, (b) ear, (c) face, (d) facial thermogram, (e) hand thermogram, (f) hand vein, (g) fingerprint, (h) gait, (i) hand geometry, (j) iris, (k) palmprint, (l) retina, (m) signature, and (n) voice.
  • TABLE I COMPARISON OF VARIOUS BIOMETRIC TECHNOLOGIES BASED ON THE PERCEPTION OF THE AUTHORS. HIGH, MEDIUM, AND LOW ARE DENOTED BY H, M, AND L, RESPECTIVELY
    TABLE I COMPARISON OF VARIOUS BIOMETRIC TECHNOLOGIES BASED ON THE PERCEPTION OF THE AUTHORS. HIGH, MEDIUM, AND LOW ARE DENOTED BY H, M, AND L, RESPECTIVELY
  • Fig. 4. Examples of biometric application. (a) Fingerprint verification system manufactured by Digital Persona, Inc., is used for computer and network login. (b) Fingerprint-based point of sale (POS) terminal manufactured by Indivos, Inc., that verifies the customers before charging their credit cards and speeds up payment in retail shops, restaurants and cafeterias. (c) Fingerprint-based door lock manufactured by BioThentica Corporation used to restrict access to premises is shown. (d) Immigration and naturalization service accelerated service system (INSPASS), which is installed at major airports in the U.S., is based on hand geometry verification technology developed by Recognition Systems, Inc., and significantly reduces the immigration processing time. (e) Border passage system using iris recognition at London’s Heathrow airport. (f) Ben Gurion airport in Tel Aviv (Israel) uses Express Card entry kiosks fitted with hand geometry systems for security and immigration. (g) The FacePass system from Viisage is used in POS verification applications like ATMs, therefore obviating the need for PINs. (h) The Identix TouchClock fingerprint system is used in time and attendance applications.
    Fig. 4. Examples of biometric application. (a) Fingerprint verification system manufactured by Digital Persona, Inc., is used for computer and network login. (b) Fingerprint-based point of sale (POS) terminal manufactured by Indivos, Inc., that verifies the customers before charging their credit cards and speeds up payment in retail shops, restaurants and cafeterias. (c) Fingerprint-based door lock manufactured by BioThentica Corporation used to restrict access to premises is shown. (d) Immigration and naturalization service accelerated service system (INSPASS), which is installed at major airports in the U.S., is based on hand geometry verification technology developed by Recognition Systems, Inc., and significantly reduces the immigration processing time. (e) Border passage system using iris recognition at London’s Heathrow airport. (f) Ben Gurion airport in Tel Aviv (Israel) uses Express Card entry kiosks fitted with hand geometry systems for security and immigration. (g) The FacePass system from Viisage is used in POS verification applications like ATMs, therefore obviating the need for PINs. (h) The Identix TouchClock fingerprint system is used in time and attendance applications.
  • + 5

Topics: Biometrics (56%), Speaker recognition (53%), Password (52%) ...read more

4,384 Citations


Open accessJournal ArticleDOI: 10.1145/358790.358797
Leslie Lamport1Institutions (1)
Abstract: A method of user password authentication is described which is secure even if an intruder can read the system's data, and can tamper with or eavesdrop on the communication between the user and the system. The method assumes a secure one-way encryption function and can be implemented with a microcomputer in the user's terminal.

...read more

Topics: S/KEY (67%), Password (65%), One-time password (65%) ...read more

2,740 Citations


Proceedings ArticleDOI: 10.1145/319709.319714
01 Nov 1999-
Abstract: We combine well-known techniques from the areas of error-correcting codes and cryptography to achieve a new type of cryptographic primitive that we refer to as a fuzzy commitment scheme. Like a conventional cryptographic commitment scheme, our fuzzy commitment scheme is both concealing and binding: it is infeasible for an attacker to learn the committed value, and also for the committer to decommit a value in more than one way. In a conventional scheme, a commitment must be opened using a unique witness, which acts, essentially, as a decryption key. By contrast, our scheme is fuzzy in the sense that it accepts a witness that is close to the original encrypting witness in a suitable metric, but not necessarily identical.This characteristic of our fuzzy commitment scheme makes it useful for applications such as biometric authentication systems, in which data is subject to random noise. Because the scheme is tolerant of error, it is capable of protecting biometric data just as conventional cryptographic techniques, like hash functions, are used to protect alphanumeric passwords. This addresses a major outstanding problem in the theory of biometric authentication. We prove the security characteristics of our fuzzy commitment scheme relative to the properties of an underlying cryptographic hash function.

...read more

1,639 Citations


Open accessProceedings ArticleDOI: 10.1109/RISP.1992.213269
Steven M. Bellovin1, Michael Merritt1Institutions (1)
04 May 1992-
Abstract: Classic cryptographic protocols based on user-chosen keys allow an attacker to mount password-guessing attacks. A combination of asymmetric (public-key) and symmetric (secret-key) cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced. In particular, a protocol relying on the counter-intuitive motion of using a secret key to encrypt a public key is presented. Such protocols are secure against active attacks, and have the property that the password is protected against offline dictionary attacks. >

...read more

Topics: Salt (cryptography) (71%), Zero-knowledge password proof (69%), Password strength (68%) ...read more

1,523 Citations


Open accessBook ChapterDOI: 10.1007/3-540-45539-6_11
14 May 2000-
Abstract: Password-based protocols for authenticated key exchange (AKE) are designed to work despite the use of passwords drawn from a space so small that an adversary might well enumerate, off line, all possible passwords. While several such protocols have been suggested, the underlying theory has been lagging. We begin by defining a model for this problem, one rich enough to deal with password guessing, forward secrecy, server compromise, and loss of session keys. The one model can be used to define various goals. We take AKE (with "implicit" authentication) as the "basic" goal, and we give definitions for it, and for entity-authentication goals as well. Then we prove correctness for the idea at the center of the Encrypted Key-Exchange (EKE) protocol of Bellovin and Merritt: we prove security, in an ideal-cipher model, of the two-flow protocol at the core of EKE.

...read more

1,339 Citations


Performance
Metrics
No. of papers in the topic in previous years
YearPapers
202214
2021654
20201,381
20192,204
20182,492
20172,695

Top Attributes

Show by:

Topic's top 5 most impactful authors

Lu Zhou

103 papers, 725 citations

Dongho Won

58 papers, 812 citations

Saru Kumari

53 papers, 1.6K citations

Muhammad Khurram Khan

49 papers, 2.3K citations

Kee-Young Yoo

49 papers, 868 citations

Network Information
Related Topics (5)
Authentication

74.7K papers, 867.1K citations

93% related
Encryption

98.3K papers, 1.4M citations

91% related
Information security

25.2K papers, 327.7K citations

90% related
Cloud computing security

27.1K papers, 511.8K citations

90% related
Cryptography

37.3K papers, 854.5K citations

90% related