
Publication


Featured research published by Rosanne English.


network and system security | 2011

Measuring the revised guessability of graphical passwords

Rosanne English; Ron Poet

There is no widely accepted way of measuring the level of security of a recognition-based graphical password against guessing attacks. We aim to address this by examining the influence of predictability of user choice on the guessability and proposing a new measure of guessability. Davis et al. showed that these biases exist for schemes using faces and stories; we support this result and show these biases exist in other recognition-based schemes. In addition, we construct an attack exploiting predictability, which we term “Semantic Ordered Guessing Attack” (SOGA). We then apply this attack to two schemes (the Doodles scheme and a standard recognition-based scheme using photographic images) and report the results. The results show that predictability when users select graphical passwords influences the level of security to a varying degree (dependent on the distractor selection algorithm). The standard passimages scheme shows an increase in guessability of up to 18 times more likely than the usual reported guessability, with a similar set-up of nine images per screen and four screens, the doodles scheme shows a successful guessing attack is 3.3 times more likely than a random guess. Finally, we present a method of calculating a more accurate guessability value, which we call the revised guessability of a recognition-based scheme. Our conclusion is that to maximise the security of a recognition-based graphical password scheme, we recommend disallowing user choice of images.


network and system security | 2011

Towards a metric for recognition-based graphical password security

Rosanne English; Ron Poet

Recognition-based graphical password (RBGP) schemes are not easily compared in terms of security. Current research uses many different measures which results in confusion as to whether RBGP schemes are secure against guessing and capture attacks. If it were possible to measure all RBGP schemes in a common way it would provide an easy comparison between them, allowing selection of the most secure design. This paper presents a discussion of potential attacks against recognition-based graphical password (RBGP) authentication schemes. As a result of this examination a preliminary measure of the security of a recognition-based scheme is presented. The security measure is a 4-tuple based on distractor selection, shoulder surfing, intersection and replay attacks. It is aimed to be an initial proposal and is designed in a way which is extensible and adjustable as further research in the area develops. Finally, an example is provided by application to the PassFaces scheme.


soft computing and pattern recognition | 2010

Comparison of high capacity steganography techniques

Rosanne English

The objective of this paper is to implement the Bit Plane Complexity Segmentation (BPCS) algorithm and provide a comparison in terms of effectiveness and hiding capacity with the least significant bits algorithm (LSB) using 4 bits. The BPCS algorithm was chosen due to the effective high hiding capacity promised. The four LSB algorithm was selected as it promised a similar capacity. The motivation for the work was to explicitly examine the hypothesis that the BPCS algorithm would outperform the four LSB algorithm using low order attacks. Effectiveness of the algorithms was measured by visual attacks and basic first order statistical attacks on the stego-images produced. The outcome of the research showed that whilst the hiding capacity of the two algorithms was comparable (both equating to roughly 50%), the four LSB algorithm at the maximum capacity was ineffective. This was due to the fact that a visual attack sufficed to realise there was something hidden. In contrast, the BPCS algorithm provided a much more effective method for obtaining a 50% capacity since visual attacks did not suffice for detection.


trust security and privacy in computing and communications | 2012

The Effectiveness of Intersection Attack Countermeasures for Graphical Passwords

Rosanne English; Ron Poet

Recognition-based graphical passwords are one of several proposed alternatives to alphanumerical passwords for user authentication. However, there has been limited work on the security of such schemes. Often authors state a possible attack combined with a proposed countermeasure, but the efficacy of the countermeasure is not always quantitatively examined. One possible attack which has been discussed without this examination is an intersection attack. If we can establish which countermeasures for this attack are effective, this will provide insight which will make it possible to select the appropriate countermeasure for the level of security required by a given system. Our approach involved creating a simulation of intersection attacks using each of five possible countermeasures. The number of attacks which had to be performed before success for each approach was noted and compared to a control where no countermeasure was implemented. Our results show that for three of the five countermeasures there was a significant increase in the number of attacks before success, one showed a significant decrease and the other did not show any statistical significance. We show that it is not decisive that using dummy screens when an incorrect image is selected will increase the number of attacks required. We also show that increasing the number of challenge screens reduces the number of attacks required before success as the number of challenge screens approaches the size of the passimage set. Our results allow one to make a more reliable choice of countermeasure to reduce intersection attacks.


Concurrency and Computation: Practice and Experience | 2015

Simulating and modelling the effectiveness of graphical password intersection attacks

Rosanne English

Recognition‐based graphical passwords (RBGPs) are often proposed as an alternative user authentication mechanism. However, discussion of attack resistance often lacks quantitative examination. Establishing the efficacy of countermeasures could allow selection of an appropriate countermeasure for the level of security required by a given system. Furthermore, this information could be used to construct a model to estimate the number of intersection attacks required before success. This research contributes to these goals by establishing effective countermeasures and a model for intersection attacks. The approach involves creating a simulation of intersection attacks using five possible countermeasures and performing analysis to determine efficacy. Results show that using dummy screens does not increase the number of attacks required. It is also shown that increasing the number of challenge screens can increase and reduce the number of attacks required. Also presented is a model for RBGP schemes that can be used to estimate the number of intersection attacks required for a RBGP scheme when configuration values such as the number of challenge screens are known. This allows a quantitative choice of countermeasure for intersection attacks and a calculation that can provide a basis of comparison with other RBGP schemes, which was previously not possible.


european conference on information retrieval | 2014

Page Retrievability Calculator

Leif Azzopardi; Rosanne English; Colin Wilkie; D.J. Maxwell

Knowing how easily pages within a website can be retrieved using the site's search functionality provides crucial information to the site designer. If the system is not retrieving particular pages then the system or information may need to be changed to ensure that visitors to the site have the best chance of finding the relevant information. In this demo paper, we present a Page Retrievability Calculator, which estimates the retrievability of a page for a given search engine. To estimate the retrievability, instead of posing all possible queries, we focus on issuing only those likely to retrieve the page and use them to obtain an accurate approximation. We can also rank the queries associated with the page to show the site designer what queries are most likely to retrieve the pages and at what rank. With this application we can now explore how it might be possible to improve the site or content to improve the retrievability.


Information and Computer Security | 2016

Why don't UK citizens protest against privacy-invading dragnet surveillance?

Karen Renaud; Stephen Flowerday; Rosanne English; Melanie Volkamer

Purpose: The purpose of this study was to identify reasons for the lack of protest against dragnet surveillance in the UK. As part of this investigation, a study was carried out to gauge the understanding of “privacy” and “confidentiality” by the well-informed.
Design/methodology/approach: To perform a best-case study, the authors identified a group of well-informed participants in terms of security. To gain insights into their privacy-related mental models, they were asked first to define the three core terms and then to identify the scenarios. Then, the participants were provided with privacy-related scenarios and were asked to demonstrate their understanding by classifying the scenarios and identifying violations.
Findings: Although the participants were mostly able to identify privacy and confidentiality scenarios, they experienced difficulties in articulating the actual meaning of the terms privacy, confidentiality and security.
Research limitations/implications: There were a limited number of participants, yet the findings are interesting and justify further investigation. The implications, even of this initial study, are significant in that if citizens’ privacy rights are being violated and they did not seem to know how to protest this and if indeed they had the desire to do so.
Practical implications: Had the citizens understood the meaning of privacy, and their ancient right thereto, which is enshrined in law, their response to the Snowden revelations about ongoing wide-scale surveillance might well have been more strident and insistent.
Originality/value: People in the UK, where this study was carried out, do not seem to protest the privacy invasion effected by dragnet surveillance with any verve. The authors identify a number of possible reasons for this from the literature. One possible explanation is that people do not understand privacy. Thus, this study posits that privacy is unusual in that understanding does not seem to align with the ability to articulate the rights to privacy and their disapproval of such widespread surveillance. This seems to make protests unlikely.


information security and assurance | 2014

Modelling the security of recognition-based graphical passwords

Rosanne English


Archive | 2018

Consuming versus authoring : reflections on video assignments for usable security

Joseph Maguire; Steve Draper; Rosanne English


Archive | 2017

Lessons Learned From Integrating Industry and Exposing Enterprises to Computing Science Students

Joseph Maguire; Rosanne English

Collaboration



Top Co-Authors

Ron Poet

University of Glasgow

Leif Azzopardi

University of Strathclyde

Melanie Volkamer

Technische Universität Darmstadt
