English
Related papers

Related papers: Optimizing Password Composition Policies

200 papers

In recent decades, criminals have increasingly used the web to research, assist and perpetrate criminal behaviour. One of the most important ways in which law enforcement can battle this growing trend is through accessing pertinent…

Cryptography and Security · Computer Science 2020-12-03 Aikaterini Kanta , Iwen Coisel , Mark Scanlon

For the first time, we report gender bias in people's choice and use of password managers, through a semi-structured interview ($n=18$) and a questionnaire-based survey ($n=200$, conducted `in the wild'). Not only do women and men prefer…

Cryptography and Security · Computer Science 2022-06-29 Jeff Yan , Dearbhla McCabe

We introduce the concept of "universal password model" -- a password model that, once pre-trained, can automatically adapt its guessing strategy based on the target system. To achieve this, the model does not need to access any plaintext…

Cryptography and Security · Computer Science 2024-03-14 Dario Pasquini , Giuseppe Ateniese , Carmela Troncoso

During the development of the security subsystem of modern information systems, a problem of the joint implementation of several access control models arises quite often. Traditionally, a request for the user's access to resources is…

Cryptography and Security · Computer Science 2018-12-21 S. V. Belim , N. F. Bogachenko , Y. S. Rakitskiy , A. N. Kabanov

In the last years we have witnessed the appearance of a variety of strategies to design optimal location privacy-preserving mechanisms, in terms of maximizing the adversary's expected error with respect to the users' whereabouts. In this…

Cryptography and Security · Computer Science 2017-08-25 Simon Oya , Carmela Troncoso , Fernando Pérez-González

Despite numerous countermeasures proposed by practitioners and researchers, remote control-flow alteration of programs with memory-safety vulnerabilities continues to be a realistic threat. Guaranteeing that complex software is completely…

Cryptography and Security · Computer Science 2017-02-20 Martín Ochoa , Sebastian Banescu , Cynthia Disenfeld , Gilles Barthe , Vijay Ganesh

Some protected password change protocols were proposed. However, the previous protocols were easily vulnerable to several attacks such as denial of service, password guessing, stolen-verifier and impersonation atacks etc. Recently, Chang et…

Cryptography and Security · Computer Science 2007-05-23 Ren-Chiun Wang , Chou-Chen Yang , Kun-Ru Mo

Increasing amounts of available data have led to a heightened need for representing large-scale probabilistic knowledge bases. One approach is to use a probabilistic database, a model with strong assumptions that allow for efficiently…

Artificial Intelligence · Computer Science 2019-04-04 Tal Friedman , Guy Van den Broeck

With the rapid development of internet technologies, social networks, and other related areas, user authentication becomes more and more important to protect the data of users. Password authentication is one of the widely used methods to…

Cryptography and Security · Computer Science 2023-01-31 Lifeng Han

Probabilistic Logic Programming is an effective formalism for encoding problems characterized by uncertainty. Some of these problems may require the optimization of probability values subject to constraints among probability distributions…

Logic in Computer Science · Computer Science 2023-06-22 Damiano Azzolini , Fabrizio Riguzzi

The Guesswork problem was originally motivated by a desire to quantify computational security for single user systems. Leveraging recent results from its analysis, we extend the remit and utility of the framework to the quantification of…

Information Theory · Computer Science 2017-08-04 Mark M. Christiansen , Ken R. Duffy , Flavio du Pin Calmon , Muriel Medard

Password updates are a critical account security measure and an essential part of the password lifecycle. Service providers and common security recommendations advise users to update their passwords in response to incidents or as a critical…

Cryptography and Security · Computer Science 2025-11-17 Alexander Krause , Jacques Suray , Lea Schmüser , Marten Oltrogge , Oliver Wiese , Maximilian Golla , Sascha Fahl

The existence of errors or inconsistencies in the configuration of security components, such as filtering routers and/or firewalls, may lead to weak access control policies -- potentially easy to be evaded by unauthorized parties. We…

Cryptography and Security · Computer Science 2008-12-18 Joaquin Garcia-Alfaro , Frederic Cuppens , Nora Cuppens-Boulahia

The National Institute of Standards and Technology (NIST) released new guidelines in June of 2017 that recommended new standards for managing and accepting user passwords. Among the new guidelines is a requirement that verifiers should…

Cryptography and Security · Computer Science 2018-05-09 JV Roig

Modern authentication systems store hashed values of passwords of users using cryptographic hash functions. Therefore, to crack a password an attacker needs to guess a hash function input that is mapped to the hashed value, as opposed to…

Cryptography and Security · Computer Science 2019-11-28 Yair Yona , Suhas Diggavi

Our goal is to compute a policy that guarantees improved return over a baseline policy even when the available MDP model is inaccurate. The inaccurate model may be constructed, for example, by system identification techniques when the true…

Optimization and Control · Mathematics 2015-06-17 Yinlam Chow , Marek Petrik , Mohammad Ghavamzadeh

The statistical distribution, when determined from an incomplete set of constraints, is shown to be suitable as host for encrypted information. We design an encoding/decoding scheme to embed such a distribution with hidden information. The…

Statistical Mechanics · Physics 2015-06-25 L. Rebollo-Neira , A Plastino

Batch policy optimization considers leveraging existing data for policy construction before interacting with an environment. Although interest in this problem has grown significantly in recent years, its theoretical foundations remain…

Machine Learning · Computer Science 2021-04-07 Chenjun Xiao , Yifan Wu , Tor Lattimore , Bo Dai , Jincheng Mei , Lihong Li , Csaba Szepesvari , Dale Schuurmans

An interesting challenge for the cryptography community is to design authentication protocols that are so simple that a human can execute them without relying on a fully trusted computer. We propose several candidate authentication…

Cryptography and Security · Computer Science 2016-09-13 Jeremiah Blocki , Manuel Blum , Anupam Datta , Santosh Vempala

Passwords are a good idea, in theory. They have the potential to act as a fairly strong gateway. In practice though, passwords are plagued with problems. They are (1) easily shared, (2) trivial to observe and (3) maddeningly elusive when…

Cryptography and Security · Computer Science 2015-08-25 Joseph Maguire , Karen Renaud