Paper 2015/1161

Cyber and Physical Access Control in Legacy System Using Passwords

Jia Xu, Jianying Zhou, and Liming Lu

Abstract

Password---a secret combination of symbols---plays an important role in physical world security (e.g. watchword to prevent unauthorized entry into military forbidden area) from ancient times. With emergence and advance of digital computers and computer network, passwords are also widely adopted in cyber world security protection. In most applications, password protection stands on the frontier of cyber/physical security defense. Compromise of passwords might render the whole system insecure, and make thereafter sophisticated cryptography solution ineffective. However, secure management of a lot of random passwords is a great challenge to human brains. We propose a visual cryptography technique, which allows users to store and manage ciphertexts of randomly chosen passwords in mobile phone and decrypt them \emph{manually} on demand. The stored passwords remain confidential, even if the mobile phone is infected by spyware (Assume the spyware can capture phone screen, and monitor phone CPU and RAM). We also analyze the security and feasibility of proposed method. Leveraging on this technique, we give a simple access control system based on passwords, which provides a low cost alternative solution for legacy system besides smart card based solution.

Note: This work appeared as internal technique report in 2013.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
Password ManagementVisual CryptographyMobile DeviceSpywareLegacy System
Contact author(s)
jiaxu2001 @ gmail com
History
2015-12-04: last of 2 revisions
2015-12-02: received
See all versions
Short URL
https://ia.cr/2015/1161
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/1161,
      author = {Jia Xu and Jianying Zhou and Liming Lu},
      title = {Cyber and Physical Access Control  in  Legacy System  Using Passwords},
      howpublished = {Cryptology ePrint Archive, Paper 2015/1161},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/1161}},
      url = {https://eprint.iacr.org/2015/1161}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.