Statistical Attacks on Personal Knowledge Questions
- Speaker: Joseph Bonneau, Cambridge University
- Date & Time: Friday 22 January 2010, 16:00 - 16:25
- Venue: Computer Laboratory, William Gates Building, Room FW11
Abstract
When passwords fail and hardware or biometrics are infeasible, many systems still rely on personal knowledge questions for human authentication. In the past year, high-profile accounts of Twitter executives and US politician Sarah Palin were compromised by guessing personal knowledge questions. This talk will discuss the range of attacks on personal knowledge-based protocols. The speaker will then introduce new research on statistical guessing attacks, including information-theoretic models of guessing and their security implications when applied to real-world probability distributions of the names of people, pets, and places. Finally, possible countermeasures based on active shaping of users' answer choices will be analysed.
Series
This talk is part of the Computer Laboratory Security Group meeting presentations series.