1. Layered battleship game changer password system
Boštjan Brumen, Darko Crepulja, Leon Bošnjak, 2022, original scientific article
Abstract: The paper presents a secure and usable variant of the Game Changer Password System, first proposed by McLennan, Manning, and Tuft. Unlike the initial proposal based on inadequately secure Monopoly and Chess, we propose an improved version based on a layered “Battleship” game resilient against brute force and dictionary attacks. Since the initially proposed scheme did not check for the memorability and usability of a layered version, we conducted an experiment on the usability and memorability aspects. Surprisingly, layered passwords are just as memorable as single ones and, with an 80% recall rate, comparable to other graphical password systems. The claim that memorability is the most vital aspect of game-based password systems cannot be disproved. However, the experiment revealed that the usability decreased to such a low level that users felt less inclined to use such a system daily or recommend it to others. Our study has once again shown that optimizing the password security–memorability–usability triangle is hard to achieve without compromising one of its cornerstones. However, the layered Game Changer Password System can be used in specific applications where usability is of secondary importance, while security and memorability augmented by its graphical interface are at the forefront.
Keywords: security, authentication, passwords, graphical passwords, cryptanalysis, games, memory, memorability, usability
Published in DKUM: 22.08.2023; Views: 334; Downloads: 20
Full text (820,86 KB)
2. |
3. Authentication of web users with the Web Authentication API: undergraduate thesis (original title: Avtentikacija spletnih uporabnikov z Web Authentication API : diplomsko delo)
Klemen Lončar, 2021, undergraduate thesis
Abstract: In this thesis we explore an alternative for authenticating web users, called the Web Authentication API, which replaces the use of passwords on the basis of asymmetric encryption. We first explain the basic concepts and the currently established methods of authentication in web systems, and continue with a detailed study of the Web Authentication API. We conclude the thesis with the implementation of a simple web application that uses the Web Authentication API for authentication.
Keywords: user authentication, Web Authentication API, application programming interface, asymmetric encryption
Published in DKUM: 18.10.2021; Views: 1011; Downloads: 88
Full text (2,24 MB)
4. Comparison of JWT and OAuth 2.0 for authorisation and authentication in rest services
Vid Visočnik, 2018, master's thesis
Abstract: The thesis addresses the area of using token authentication and authorisation for software products that, for synchronization and communication purposes, take advantage of underlying REST services. Given that REST service focuses on the use of HTTP protocols, and that REST in its own principle requires being stateless, developers need to address issues regarding user identification, authentication, and authorisation in a stateless manner. In the thesis, we will also show the proper use of security protocols that are part of the HTTP specification, and how to transmit and encrypt sensitive data properly between two endpoints. We will do so by implementing a server and client and, furthermore, present the communication flow needed for ensuring a strong security policy that prevents system vulnerabilities and security flaws by implementing REST service that is stateless and, for the purpose of user identification, uses two of the most common token authentication implementations, OAuth 2.0 and JWT. Furthermore, we will compare the basic principles and concepts of the two user identification frameworks and analyse the benefits of both structurally and what to use in which given situation.
Keywords: REST services, OAuth 2.0, JWT, token authentication, communication security, authorisation, authentication
Published in DKUM: 17.07.2018; Views: 1406; Downloads: 277
Full text (3,43 MB)
5. A biometric authentication model using hand gesture images
Simon Fong, Yan Zhuang, Iztok Fister, Iztok Fister, 2013, original scientific article
Abstract: A novel hand biometric authentication method based on measurements of the user's stationary hand gesture of hand sign language is proposed. The measurement of hand gestures could be sequentially acquired by a low-cost video camera. There could possibly be another level of contextual information, associated with these hand signs to be used in biometric authentication. As an analogue, instead of typing a password 'iloveu' in text which is relatively vulnerable over a communication network, a signer can encode a biometric password using a sequence of hand signs, 'i', 'l', 'o', 'v', 'e', and 'u'. Subsequently the features from the hand gesture images are extracted which are integrally fuzzy in nature, to be recognized by a classification model for telling if this signer is who he claimed himself to be, by examining over his hand shape and the postures in doing those signs. It is believed that everybody has certain slight but unique behavioral characteristics in sign language, so are the different hand shape compositions. Simple and efficient image processing algorithms are used in hand sign recognition, including intensity profiling, color histogram and dimensionality analysis, coupled with several popular machine learning algorithms. Computer simulation is conducted for investigating the efficacy of this novel biometric authentication model which shows up to 93.75% recognition accuracy.
Keywords: biometric authentication, hand gesture, hand sign recognition, machine learning
Published in DKUM: 28.06.2017; Views: 1682; Downloads: 458
Full text (1,83 MB)
6. Characterization of Slovenian wines using multidimensional data analysis from simple enological descriptors
Adriána Bednárová, Roman Kranvogl, Darinka Brodnjak-Vončina, Tjaša Jug, Ernest Beinrohr, 2013, original scientific article
Abstract: Determination of the product's origin is one of the primary requirements when certifying a wine's authenticity. Significant research has described the possibilities of predicting a wine's origin using efficient methods of wine components' analyses connected with multivariate data analysis. The main goal of this study was to examine the discrimination ability of simple enological descriptors for the classification of Slovenian red and white wine samples according to their varieties and geographical origins. Another task was to investigate the inter-relations available among descriptors such as relative density, content of total acids, non-volatile acids and volatile acids, ash, reducing sugars, sugar-free extract, $SO_2$, ethanol, pH, and an important additional variable - the sensorial quality of the wine, using correlation analysis, principal component analysis (PCA), and cluster analysis (CLU). 739 red and white wine samples were scanned on a Wine Scan FT 120, from wave numbers 926 $cm^{-1}$ to 5012 $cm^{-1}$. The applied methods of linear discriminant analysis (LDA), general discriminant analysis (GDA), and artificial neural networks (ANN), demonstrated their power for authentication purposes.
Keywords: wine authentication, enological descriptors, classification techniques, ANN
Published in DKUM: 10.07.2015; Views: 2903; Downloads: 67
Full text (261,13 KB)
7. Improvement of the Peyravian-Jeffries's user authentication protocol and password change protocol
Marko Hölbl, Tatjana Welzer Družovec, Boštjan Brumen, 2008, original scientific article
Abstract: Remote authentication of users supported by passwords is a broadly adopted method of authentication within insecure network environments. Such protocols typically rely on pre-established secure cryptographic keys or public key infrastructure. Recently, Peyravian and Jeffries [M. Peyravian, C. Jeffries, Secure remote user access over insecure networks, Computer Communications 29 (5-6) (2006) 660-667] proposed a protocol for secure remote user access over insecure networks. Shortly after the protocol was published Shim [K.A. Shim, Security flaws of remote user access over insecure networks, Computer Communications 30 (1) (2006) 117-121] and Munilla et al. [J. Munilla, A. Peinado, Off-line password-guessing attack to Peyravian-Jeffries's remote user authentication protocol, Computer Communications 30 (1) (2006) 52-54] independently presented an off-line guessing attack on the protocol. Based on their findings we present an improved secure password-based protocol for remote user authentication, password change, and session key establishment over insecure networks, which is immune against the attack.
Keywords: networks, user authentication, remote user access, password-based protocol, security
Published in DKUM: 31.05.2012; Views: 2113; Downloads: 81
Link to full text