Phoney protection for passwords

via www.propertyware.com
Honeywords provide additional password security

Corporate data breaches seem to be on the rise. Rarely a week passes without a company revealing that its database has been hacked and that, regrettably, usernames, passwords, credit card details and its customers’ personal information have been leaked on to the open internet. A new protection, nicknamed Phoney, is reported in the International Journal of Embedded Systems.

Rong Wang, Hao Chen and Jianhua Sun of the College of Computer Science and Electronic Engineering, Hunan University, Changsha, China, explain that once password files have been stolen, attackers can quickly crack large numbers of passwords. Their “Phoney” system employs a threshold cryptosystem to encrypt the password hashes in the password file and honeywords to confuse attackers. Even if the hackers have compromised a database, the phoney passwords, or honeywords, obfuscate and camouflage the genuine passwords. Moreover, if one of those honeywords is cracked and used in a login attempt, the hacked system will know to immediately block the fake user and lock down the account they tried to break into.

Until a secure and safe alternative is found, passwords will remain the simplest and most effective way to log in to online systems, such as shopping, banking and social media sites. Password lists stored by the providers can be salted and hashed to make it harder for hackers to crack them, and users can help themselves by using long, sophisticated passwords. However, the hashes used to mask a password database can themselves be cracked; breaches happen and data is inevitably compromised. For example, recently 6.5 million logins from a major social networking site were stolen and within a week almost two-thirds of those passwords had been cracked, making a large proportion of the user base vulnerable to further exploitation and compromise of their personal data.

The team explains that, “Phoney is helpful to existing password authentication systems and easy to deploy. It requires no modifications to the client, and just changes how the password is stored on the server, which is invisible to the client.” They have carried out tests and show that the time and storage costs are acceptable. “Of course, it is impossible for Phoney to guarantee no password leak absolutely in all possible scenarios,” they say. But the so-called cracking ‘search space’, in other words the amount of effort a hacker needs to breach the data, is increased significantly.
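The honeyword login check described above can be sketched as follows. This is an added example, not code from the paper or from Phoney itself: it follows the general honeyword design in which a separate "honeychecker" holds only the index of the real password, it omits Phoney's threshold encryption of the hashes, and the class names and sample honeywords are constructed for illustration.

```python
import hashlib, hmac, os, secrets

def hash_pw(word, salt):
    # Salted, deliberately slow hash; every sweetword is stored the same way.
    return hashlib.pbkdf2_hmac("sha256", word.encode(), salt, 100_000)

class HoneyChecker:
    """Hypothetical separate service: knows only which index is real."""
    def __init__(self):
        self._index = {}
    def set_index(self, user, idx):
        self._index[user] = idx
    def is_real(self, user, idx):
        return self._index.get(user) == idx

class PasswordStore:
    """Server-side password file: real password hidden among honeywords."""
    def __init__(self, checker):
        self.checker = checker
        self.records = {}    # user -> (salt, list of sweetword hashes)
        self.locked = set()

    def enroll(self, user, password, honeywords):
        if password in honeywords or len(set(honeywords)) != len(honeywords):
            raise ValueError("sweetwords must be distinct")
        sweetwords = honeywords + [password]
        secrets.SystemRandom().shuffle(sweetwords)  # hide the real position
        salt = os.urandom(16)
        self.records[user] = (salt, [hash_pw(w, salt) for w in sweetwords])
        self.checker.set_index(user, sweetwords.index(password))

    def login(self, user, attempt):
        if user in self.locked or user not in self.records:
            return "denied"
        salt, hashes = self.records[user]
        digest = hash_pw(attempt, salt)
        for i, stored in enumerate(hashes):
            if hmac.compare_digest(digest, stored):
                if self.checker.is_real(user, i):
                    return "ok"
                # A honeyword matched: only someone holding the stolen,
                # cracked password file would submit it. Lock and alert.
                self.locked.add(user)
                return "alarm"
        return "denied"

if __name__ == "__main__":
    store = PasswordStore(HoneyChecker())
    # Constructed sample data; honeyword generation is out of scope here.
    store.enroll("alice", "correct horse 42",
                 ["correct horse 17", "correct house 42", "current horse 24"])
    for attempt in ("typo", "correct horse 42", "correct house 42"):
        print(attempt, "->", store.login("alice", attempt))
```

A stolen password file alone does not reveal which of the four hashes is genuine, and the client sees no change, which matches the deployment property the authors describe.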
