Better authentication password revolution by evolution (transcript of discussion)

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

Abstract

The problem is that passwords are a rubbish way of authenticating, and there has been a lot of work trying to deal with this. One of the problems is that if you have a shared secret scheme then you need a different secret for every pair of things. For every user they need a different secret per thing they are authenticating to. If they have several of devices then they need one set of these per device as well, so that if one of them is compromised then you don't lose everything. However revocation and key management are then difficult. The problem with passwords is that you still have to use them because lots of things require a password input, and it's hard to change that.
LanguageEnglish
Title of host publicationSecurity Protocols XXII
Subtitle of host publication22nd International Workshop, Cambridge, UK, March 19-21, 2014, Revised Selected Papers
EditorsBruce Christianson, James Malcolm, Vashek Matyáš, Petr Švenda, Frank Stajano, Jonathan Anderson
Place of PublicationCham, Switzerland
PublisherSpringer
Pages146-153
Number of pages8
ISBN (Print) 9783319123998
DOIs
Publication statusPublished - 29 Oct 2014

Fingerprint

Authentication

Keywords

  • passwords
  • authentication
  • key management

Cite this

Thomas, D. R. (2014). Better authentication password revolution by evolution (transcript of discussion). In B. Christianson, J. Malcolm, V. Matyáš, P. Švenda, F. Stajano, & J. Anderson (Eds.), Security Protocols XXII: 22nd International Workshop, Cambridge, UK, March 19-21, 2014, Revised Selected Papers (pp. 146-153). Cham, Switzerland: Springer. https://doi.org/10.1007/978-3-319-12400-1_14
Thomas, Daniel R. / Better authentication password revolution by evolution (transcript of discussion). Security Protocols XXII: 22nd International Workshop, Cambridge, UK, March 19-21, 2014, Revised Selected Papers. editor / Bruce Christianson ; James Malcolm ; Vashek Matyáš ; Petr Švenda ; Frank Stajano ; Jonathan Anderson. Cham, Switzerland : Springer, 2014. pp. 146-153
@inproceedings{1783dd2c4acf4e5dbf77f34221555c60,
title = "Better authentication password revolution by evolution (transcript of discussion)",
abstract = "The problem is that passwords are a rubbish way of authenticating, and there has been a lot of work trying to deal with this. One of the problems is that if you have a shared secret scheme then you need a different secret for every pair of things. For every user they need a different secret per thing they are authenticating to. If they have several of devices then they need one set of these per device as well, so that if one of them is compromised then you don't lose everything. However revocation and key management are then difficult. The problem with passwords is that you still have to use them because lots of things require a password input, and it's hard to change that.",
keywords = "passwords, authentication, key management",
author = "Thomas, {Daniel R.}",
year = "2014",
month = "10",
day = "29",
doi = "10.1007/978-3-319-12400-1_14",
language = "English",
isbn = "9783319123998",
pages = "146--153",
editor = "Bruce Christianson and James Malcolm and Vashek Maty{\'a}š and Petr Švenda and Frank Stajano and Jonathan Anderson",
booktitle = "Security Protocols XXII",
publisher = "Springer",

}

Thomas, DR 2014, Better authentication password revolution by evolution (transcript of discussion). in B Christianson, J Malcolm, V Matyáš, P Švenda, F Stajano & J Anderson (eds), Security Protocols XXII: 22nd International Workshop, Cambridge, UK, March 19-21, 2014, Revised Selected Papers. Springer, Cham, Switzerland, pp. 146-153. https://doi.org/10.1007/978-3-319-12400-1_14

Better authentication password revolution by evolution (transcript of discussion). / Thomas, Daniel R.

Security Protocols XXII: 22nd International Workshop, Cambridge, UK, March 19-21, 2014, Revised Selected Papers. ed. / Bruce Christianson; James Malcolm; Vashek Matyáš; Petr Švenda; Frank Stajano; Jonathan Anderson. Cham, Switzerland : Springer, 2014. p. 146-153.

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

TY - GEN

T1 - Better authentication password revolution by evolution (transcript of discussion)

AU - Thomas, Daniel R.

PY - 2014/10/29

Y1 - 2014/10/29

N2 - The problem is that passwords are a rubbish way of authenticating, and there has been a lot of work trying to deal with this. One of the problems is that if you have a shared secret scheme then you need a different secret for every pair of things. For every user they need a different secret per thing they are authenticating to. If they have several of devices then they need one set of these per device as well, so that if one of them is compromised then you don't lose everything. However revocation and key management are then difficult. The problem with passwords is that you still have to use them because lots of things require a password input, and it's hard to change that.

AB - The problem is that passwords are a rubbish way of authenticating, and there has been a lot of work trying to deal with this. One of the problems is that if you have a shared secret scheme then you need a different secret for every pair of things. For every user they need a different secret per thing they are authenticating to. If they have several of devices then they need one set of these per device as well, so that if one of them is compromised then you don't lose everything. However revocation and key management are then difficult. The problem with passwords is that you still have to use them because lots of things require a password input, and it's hard to change that.

KW - passwords

KW - authentication

KW - key management

U2 - 10.1007/978-3-319-12400-1_14

DO - 10.1007/978-3-319-12400-1_14

M3 - Conference contribution book

SN - 9783319123998

SP - 146

EP - 153

BT - Security Protocols XXII

A2 - Christianson, Bruce

A2 - Malcolm, James

A2 - Matyáš, Vashek

A2 - Švenda, Petr

A2 - Stajano, Frank

A2 - Anderson, Jonathan

PB - Springer

CY - Cham, Switzerland

ER -

Thomas DR. Better authentication password revolution by evolution (transcript of discussion). In Christianson B, Malcolm J, Matyáš V, Švenda P, Stajano F, Anderson J, editors, Security Protocols XXII: 22nd International Workshop, Cambridge, UK, March 19-21, 2014, Revised Selected Papers. Cham, Switzerland: Springer. 2014. p. 146-153 https://doi.org/10.1007/978-3-319-12400-1_14