Medina: Combining Evidence to Build Trust Reasoning about trust Reasoning about trust without onions. without onions. Johannes Helander Johannes Helander Ben Zorn Ben Zorn Microsoft Research Microsoft Research May 23, 2007 May 23, 2007 Oakland, WSP07 Oakland, WSP07
8
Embed
Medina: Combining Evidence to Build Trust. A Second Look at Passwords Not as strong as encryption would suggest Ad-hoc methodology Back-channels (e.g.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Medina: Combining Evidence to Build Trust
Reasoning about trust without onions.Reasoning about trust without onions.
Johannes HelanderJohannes HelanderBen ZornBen Zorn
Microsoft ResearchMicrosoft ResearchMay 23, 2007May 23, 2007
Oakland, WSP07Oakland, WSP07
A Second Look at Passwords
Not as strong as encryption would suggest
Ad-hoc methodology Back-channels (e.g.
password reset) Reuse of passwords Inconvenient to store
They just don’t work
(14) front door(16) side door
Our Formalism and Passwords
allow = P(e1,e2,e3) = e1 | (e2 & e3)
e1 = knows password
e2 = has an email address registered with the account