How Much Assurance Does a PIN Provide?
نویسندگان
چکیده
We would like to quantify the assurance contained in an authentication secret. For instance, how much assurance does a customer convey to a bank by revealing that his Personal Identification Number (PIN) is 1111? We review a number of previously proposed measures, such as Shannon Entropy and min-entropy. Although each is appropriate under some assumptions, none is robust regarding the attacker’s knowledge about a nonuniform distribution. We therefore offer new measures that are more robust and useful. Uniform distributions are easy to analyze, but are rare in human memory; we therefore investigate ways to “groom” nonuniform distributions to be uniform. We describe experiments that apply the techniques to highly nonuniform distributions, such as English names.
منابع مشابه
Assurance for federated identity management
Federated Identity Management is an emerging paradigm that is rightly getting a lot of standardization and research attention. One aspect that is not receiving enough attention is assurance. Given the challenges enterprises faced trying to demonstrate appropriate control of their internal and monolithic identity management systems, the problem of how to provide assurance to multiple stakeholder...
متن کاملHow Much Time Does It Need to Get Competence in Biomedical Research?
سخن سردبیر Editorial مجله دانشگاه علوم پزشکی رفسنجان دوره نوزدهم، تیر 1399، 324-323 چقدر زمان برای کسب تبحر در پژوهشهای علوم سلامت مورد نیاز است؟ How Much Time Does It Need to Get Competence in Biomedical Research? محسن رضائیان[1] M. Rezaeian در سخن سردبیری شماره گذشته مجله دانشگاه به این موضوع پرداختیم که " چقدر زمان برای نوشتن یک مقاله مورد نیاز است؟" همانجا، به...
متن کاملDoes a cell protein explain Covid-19 severity
Does a protein on the surface of some of our cells explain why certain people are more at risk from covid-19? The coronavirus attaches to a receptor protein on the surface(ACE) of our cells to gain entry to them. The protein is carried by cells in the nose, lungs and gut. It is possible that variation in how much of this protein people have may help explain why some are more likely to die from ...
متن کاملSoftware Quality in the Objectory Process
In this paper we discuss how software quality assurance is realized in Rational Objectory. Although much support is given through guidelines and checkpoints, the tool fails to provide clear goals and metrics for quality assessments and it only partially supports the phases in a measurement program.
متن کاملMemorable and Secure: How Do You Choose Your PIN?
Managing all your PINs is difficult. Banks acknowledge this by allowing and facilitating PIN changes. However, choosing secure PINs is a difficult task for humans as they are incapable of consciously generating randomness. This leads to certain PINs being chosen more frequently than others, which in turn increases the danger of someone else guessing correctly. We investigate different methods o...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005