CrazyEngineers Archive
Old, but evergreen and popular discussions on CrazyEngineers, presented to you in read-only mode.
@Ankita Katdare • 05 Jun, 2014 • 2 likes
Moving beyond passwords for authentication when logging in to a system, an app, an online service was a long-time calling. Largely because of the increase in incidents of passwords getting hacked or stolen, getting rid of passwords and coming up with an even more effective and secure solution has been a challenge for the University of Alabama at Birmingham (UAB) has come up with a new mechanism called " zero-interaction authentication" that eliminates the need of passwords, is easy-to-use and provides secure login protection. Nitesh Saxena, Ph.D., associate professor in the Department of Computer and Information Science, who leads this research is working in collaboration with the University of Helsinki and Aalto University in Finland on this project.

The new method of zero-interaction authentication works a lot like the passive 'keyless entry' system that is becoming popular in cars. It lets user access a PC, tablet or a car without interacting with it. Using wireless channels such as Bluetooth, the system detects the user’s security token such as a mobile phone and then depending on it, verifies and grants access to the user. This works the same way as the BlueProximity app - that can be used for automatically locking and unlocking the screen when you and your phone leave/enter the desk.

passwords-not-needed-uab-researchers

Before we go on to label this new mechanism as a plain proximity detector, we have to consider the fact that the zero-interaction authentication in use today are vulnerable to relay attacks (also called "ghost-and-leech attacks"). These attacks normally have a hacker or ghost who authenticates to the terminal on behalf of the user by colluding with another hacker or leech, who is close to the user at another location.

To counter such attacks, the UAB research team studied two types of sensor modalities - First included four sensor modalities that are commonly present on devices: Wi-Fi, Bluetooth, GPS and audio and Second involved the capabilities of using ambient physical sensors as a proximity-detection mechanism and focused on four: ambient temperature, precision gas, humidity and altitude. The second method was clearly a winner. By employing multiple modality combinations, the researchers were successful in delivering a robust relay-attack defense as well as good usability.

password-not-needed-uab-research-2
What are your thoughts on zero-interaction authentication mechanism? Share with us in comments below.
Source: UAB Research
@awasthi.nishant01 • 05 Jun, 2014 Idea is awesome but second approach doesn't seem to be explained much. If you can provide any link where the details of second approach can be found.
@Ankita Katdare • 05 Jun, 2014 @awasthi.nishant01 Sure. You can study these two papers published by the UAB researchers -

Comparing and Fusing Different Sensor Modalities for Relay Attack Resistance in Zero-Interaction Authentication
https://www.cis.uab.edu/saxena/docs/tgssan-percom14.pdf

Drone to the Rescue: Relay-Resilient Authentication using Ambient Multi-Sensing
https://www.cis.uab.edu/saxena/docs/ssta-fc14.pdf
@Satya Swaroop Dash • 06 Jun, 2014 The authentication method too many parameters to make sure it is foolproof but this also means investing more money for hardware. So is the cost of the hardware for this system worth the money ?
To answer this question we have to find out what will its commercial equivalent cost ?.
2k views

Related Posts

@yadavundertaker mohit · Nov 7, 2009

COTTER JOINT A cotter joint is used to connect rigidly two co-axial rods or bars which are subjected to axial tensile or compressive forces . It is a temporary fastening...
28.2k views

@DHARMENDRA PARIHAR · Jan 28, 2016

Dear mam, Is it not possible to get internships in TATA Moters without having references??? Is there any ways to apply, can you tell me please..
1.3k views

@Kaustubh Katdare · Feb 21, 2017

Reliance Jio has announced the new 'Jio Prime' membership plan for all of its 100 million customers. Reliance head, Mr. Mukesh Ambani unveiled the Jio Prime membership details at a...
1.7k views

@Ankita Katdare · Nov 12, 2013

MAKO Robot developed by Michael Ghandour in Chino, California is fast getting popular as the artificial intelligence bot that can do EVERYTHING. Yep, the multi-lingual robot which is now up...
2.6k views

@Kaustubh Katdare · Oct 28, 2015

The new BSNL portal portal.bsnl.in looks very promising but I'm unable to login to it using my old username and password. I tried creating a new account to see if...
3.1k views