related work
play

Related work SQRL design details Research questions Research - PowerPoint PPT Presentation

May 19, 2023 •137 likes •394 views

A closer look at SQRL Agenda SQRL introduction Related work SQRL design details Research questions Research method Research findings Conclusion UvA-SNE-RP1 presentation 1 A closer look at SQRL SQRL introduction:

  1. A closer look at SQRL Agenda • SQRL introduction • Related work • SQRL design details • Research questions • Research method • Research findings • Conclusion UvA-SNE-RP1 presentation 1

  2. A closer look at SQRL SQRL introduction: trigger Secure Quick Reliable Login UvA-SNE-RP1 presentation 2

  3. A closer look at SQRL SQRL introduction: how it works QR-scanning QR-tapping QR-clicking UvA-SNE-RP1 presentation 3

  4. A closer look at SQRL SQRL introduction: design goals  SSO  2FA  out-of-band (OOB) authentication  no secret(s) exchange  anonymity  no (additional) TTP  low friction deployment UvA-SNE-RP1 presentation 4

  5. A closer look at SQRL Related work: SSO • Open standards • OpenID • TiQR UvA-SNE-RP1 presentation 5

  6. A closer look at SQRL SQRL design details: crypto ID site (fixed) specific secret 1-F secret Elliptic Brute 2-F Curve Force UvA-SNE-RP1 presentation 6

  7. A closer look at SQRL SQRL design details: more crypto Compromised ID ? • ID revocation support • proves ID ownership • uses additional keys • Lock (disable) • Unlock (enable/change) UvA-SNE-RP1 presentation 7

  8. A closer look at SQRL SQRL design details: messages UvA-SNE-RP1 presentation 8

  9. A closer look at SQRL Research questions • How does SQRL improve authentication security compared to related solutions? • What does SQRL offer to both parties? • What constraints must be met to guaranty this behaviour? • What additional features are relevant to extend deployability? • What attacks remain feasible and what countermeasures are to be considered? UvA-SNE-RP1 presentation 9

  10. A closer look at SQRL Research method: attacks • Attacks exploit vulnerabilities • Causes of vulnerabilities • design errors • implementation errors • user mistakes UvA-SNE-RP1 presentation 10

  11. A closer look at SQRL Research method: attacks • Attacks exploit vulnerabilities • Causes of vulnerabilities • design: • uses TLS • covers MiTM • covers eavesdropping • uses HMAC • no reverse operation • uses scrypt • covers brute-force UvA-SNE-RP1 presentation 11

  12. A closer look at SQRL Research method: attacks • Attacks exploit vulnerabilities • Causes of vulnerabilities • design errors • implementation errors • no current (mature) app/server UvA-SNE-RP1 presentation 12

  13. A closer look at SQRL Research method: attacks • Attacks exploit vulnerabilities • Causes of vulnerabilities • design errors • implementation errors • user mistakes UvA-SNE-RP1 presentation 13

  14. A closer look at SQRL Research method: attacks SQRL user interaction • SQRL-app installation • SQRL Identity password generation & use • SQRL Master Key backup & restore • SQRL (Un)lock Key backup & restore SQRL design dependencies • Responsible users • No malware installed • No shoulder surfing • Master Key safely stored (QR on paper) • (Un)lock Key safely stored (QR on paper) UvA-SNE-RP1 presentation 14

  15. A closer look at SQRL Research findings: attacks Malware needs to be Crypto in crypto-chip addressed UvA-SNE-RP1 presentation 15

  16. A closer look at SQRL Research findings: attacks Malware needs to be Crypto in nfc-chip addressed UvA-SNE-RP1 presentation 16

  17. A closer look at SQRL Research findings: research question 2 • What additional features are relevant to extend deployability? • Site-specific key-pairs -E-mail -Membership -Registration UvA-SNE-RP1 presentation 17

  18. A closer look at SQRL Research findings: research question 1 How does SQRL improve authentication security compared to related solutions? • What does SQRL offer to both parties? • What constraints must be met to guaranty this behaviour? SSO 2FA out-of-band (OOB) authentication no secret(s) exchange anonymity no (aditional) TTP ID revocation facility UvA-SNE-RP1 presentation 18

  19. A closer look at SQRL Related work: SSO-Open standards • SURF net • OCRA (OATH Challenge Response Algorithm) RFC6287 UvA-SNE-RP1 presentation 19

  20. A closer look at SQRL Related work: SSO-Open standards • OpenID Authentication 2.0 • Support of algorithms (not prescribed) UvA-SNE-RP1 presentation 20

  21. A closer look at SQRL Related work: SSO-Open standards TiQR OpenID SQRL  (?)   SSO   2FA ?   OOB ? Ҳ  No secret(s) exchange ?  (?)  Anonymity ?   Ҳ No (additional) TTP    Low Friction Deploy Ҳ  ID revocation ? 21 UvA-SNE-RP1 presentation

  22. A closer look at SQRL Research findings: research question 1 How does SQRL improve authentication security compared to related solutions? • What does SQRL offer to both parties? • What constraints must be met to guaranty this behaviour? User: • SSO • 2FA security • anonymity • no cross- site coupling of ID’s • ID revocation support Website: • authenticated identity • alongside alternative solutions UvA-SNE-RP1 presentation 22

  23. A closer look at SQRL Research findings: research question 1 How does SQRL improve authentication security compared to related solutions? • What does SQRL offer to both parties? • What constraints must be met to guaranty this behaviour? • HTTP over TLS • user responsibility/awareness UvA-SNE-RP1 presentation 23

  24. A closer look at SQRL Conclusion SQRL is • open • no new technology • a combination of Best Practices • unique in its offered properties • not operational yet SQRL depends on • responsible users SQRL needs • additional secret protection UvA-SNE-RP1 presentation 24

  25. A closer look at SQRL Questions UvA-SNE-RP1 presentation 25

Recommend

Epistemic Answer Set Programming Ezgi Iraz Su CILC 2019 @ Trieste, ITALY, June 2019 1 / 39

Epistemic Answer Set Programming Ezgi Iraz Su CILC 2019 @ Trieste, ITALY, June 2019 1 / 39

Introduction Related Work Related Work Related Work Our contribution Future Work Epistemic Answer Set Programming Ezgi Iraz Su CILC 2019 @ Trieste, ITALY, June 2019 1 / 39 Introduction Related Work Related Work Related Work Our

868 views • 44 slides
joint work with J. Baumgartner IBM Corporation USA This work is related to a Date 2013

joint work with J. Baumgartner IBM Corporation USA This work is related to a Date 2013

Fast Cone-Of-Influence Computation and Estimation in Problems with Multiple Properties C. Loiacono , M. Palena, P. Pasini, D. Patti, S. Quer, S. Ricossa, D. Vendraminetto joint work with J. Baumgartner IBM Corporation USA This work is related

811 views • 24 slides
TAPPING THE POTENTIAL FOR REDUCING WORK-RELATED ROAD DEATHS AND INJURIES 23 October 2017,

TAPPING THE POTENTIAL FOR REDUCING WORK-RELATED ROAD DEATHS AND INJURIES 23 October 2017,

TAPPING THE POTENTIAL FOR REDUCING WORK-RELATED ROAD DEATHS AND INJURIES 23 October 2017, Brussels #PIN2017 Deirdre Sinnott McFeat on behalf of Work Related Road Collisions Work related road deaths involve: Workers Occupational road

621 views • 22 slides
Case Law Update 2017 Work related and non work related injury Lower court applied

Case Law Update 2017 Work related and non work related injury Lower court applied

10/3/2017 Flug v. Wal Mart Associates, Inc., 2017 Wis. 72 (2017) Case Law Update 2017 Work related and non work related injury Lower court applied 102.42(1m) Inconceivable decisions from the Supreme Court found the Statute did not

439 views • 6 slides
HSE Demands And more demands Does it have to be this way The truth about work-related stress

HSE Demands And more demands Does it have to be this way The truth about work-related stress

Stress and Wellbeing Peter J Kelly HSE Demands And more demands Does it have to be this way The truth about work-related stress No one definition but plenty of Google entries. HSE defines work-related stress as: the adverse

436 views • 25 slides
LIABILITIES RELATED TO WORK ACCIDENTS: THE EXAMPLE OF HARASSMENT

LIABILITIES RELATED TO WORK ACCIDENTS: THE EXAMPLE OF HARASSMENT

LIABILITIES RELATED TO WORK ACCIDENTS: THE EXAMPLE OF HARASSMENT AND VIOLENCE AT WORK 1. Seminars goal and content - DefiniIon and concept -

460 views • 9 slides
2 Related Work and Background 2.2 Aho-Corasick Algorithm 2.1 Related Work A class of

2 Related Work and Background 2.2 Aho-Corasick Algorithm 2.1 Related Work A class of

Multi-Core Architecture on FPGA for Large Dictionary String Matching Qingbo Wang, Viktor K. Prasanna Ming Hsieh Department of Electrical Engineering University of Southern California Los Angeles, CA 90089-2562 qingbow, prasanna@usc.edu

388 views • 8 slides
Challenges for healthcare Profession : work related stress Peter J Kelly HSE What we know

Challenges for healthcare Profession : work related stress Peter J Kelly HSE What we know

Challenges for healthcare Profession : work related stress Peter J Kelly HSE What we know about the Current Situation The Current climate offers some challenges and unique opportunities for the management of work related stress in

271 views • 13 slides
Through the Workers Eyes Developing Learning Activities with Work-Related Documents Workshop

Through the Workers Eyes Developing Learning Activities with Work-Related Documents Workshop

Through the Workers Eyes Developing Learning Activities with Work-Related Documents Workshop framework Whats the point? Review of Essential Skills Collecting work-related documents Developing worker-focused learning activities

889 views • 87 slides
have consistently and testing. Id. The defective work related The focal point of the J.S.U.B.

have consistently and testing. Id. The defective work related The focal point of the J.S.U.B.

General Contractors, General Contractors-- There is Coverage Under the CGL Policy for Defective Work' Pe ormed by a Subcontractor Presented by Wm. Cary Wright 7, Carlton Fields, P.A. have consistently and testing. Id. The defective work related The

322 views • 3 slides
Outline Introduction Motivation & related work Existing visualizers Proposed

Outline Introduction Motivation & related work Existing visualizers Proposed

CloseViz: Visualizing Useful Patterns Chris Carmichael Carson K. Leung Department of Computer Science Th The University of Manitoba, Canada U i it f M it b C d UP @ KDD 2010 Outline Introduction Motivation & related work

375 views • 14 slides
Karthik Dinakar MAS 771 Brief introduction of problem space Prior & related work

Karthik Dinakar MAS 771 Brief introduction of problem space Prior & related work

Karthik Dinakar MAS 771 Brief introduction of problem space Prior & related work Algorithmic approach Demonstration Evaluation Limitations Future Work & lessons learned Pragmatic language impairment [Bishop

360 views • 15 slides
1 Related Work Related Work Related Work Related Work Gromov-Hausdorff Gromov-Hausdorff

1 Related Work Related Work Related Work Related Work Gromov-Hausdorff Gromov-Hausdorff

Goal: Find a map between surfaces Goal: Find a map between surfaces Blended Intrinsic Maps Blended Intrinsic Maps Vladimir G. Kim Vladimir G. Kim Yaron Lipman Yaron Lipman Thomas Funkhouser Thomas Funkhouser Princeton University Goal:

242 views • 10 slides
Why Mahatma Gandhi NREGA in an ILO Retreat Comprehensive range of issues Worker related

Why Mahatma Gandhi NREGA in an ILO Retreat Comprehensive range of issues Worker related

Why Mahatma Gandhi NREGA in an ILO Retreat Comprehensive range of issues Worker related Targeting Rights and entitlements Wages Work related Nature of work Social Safety Net Employer of Last Resort

1.45k views • 55 slides
Contents 1 Backgrounds 2 Related Work 3 IOVTee 4 Evaluation 5 Conclusion 2

Contents 1 Backgrounds 2 Related Work 3 IOVTee 4 Evaluation 5 Conclusion 2

Best Paper Award IOVTee : A Fast and Pragmatic Software-based Zero-copy/Pass-through Mechanism for NFV-nodes Assist. Prof. Ryota Kawashima Nagoya Institute of Technology, Japan 1 Contents 1 Backgrounds 2 Related Work 3 IOVTee 4

483 views • 24 slides
Unhealthy ICT Related (Work) Practices What are they? How might we measure them? Exploring Big

Unhealthy ICT Related (Work) Practices What are they? How might we measure them? Exploring Big

Unhealthy ICT Related (Work) Practices What are they? How might we measure them? Exploring Big Data to Examine Employee Health and Well-Being Seminar Series, February 26, 2016 at Sheffield University Management School Noelle Chesley, Sociology

406 views • 8 slides
Outline Introduction Related Work System Architecture: three major software modules

Outline Introduction Related Work System Architecture: three major software modules

Interactively Directing Virtual Crowds in a Virtual Environment Tsai-Yen Li, Jian-Wen Lin, Yi-Lin Liu, and Chang-Ming Hsu Computer Science Department, National Chengchi University Outline Introduction Related Work System

322 views • 11 slides
wellbeing in academics GAIL KINMAN UNIVERSITY OF BEDFORDSHIRE Work-related wellbeing in

wellbeing in academics GAIL KINMAN UNIVERSITY OF BEDFORDSHIRE Work-related wellbeing in

ICT use, work-life balance and wellbeing in academics GAIL KINMAN UNIVERSITY OF BEDFORDSHIRE Work-related wellbeing in academics Rising demands; increasing pressure; reduced control and manager support (2008 2014) Role

111 views • 10 slides
Ray 1. Introduction Problem Statement Background Related Work 2. Methodology Overview

Ray 1. Introduction Problem Statement Background Related Work 2. Methodology Overview

Presented by: Devin Taylor A Distributed Framework for Emerging AI Applications R. Nishihara, P. Moritz, et al October 17, 2018 University of California, Berkeley Ray 1. Introduction Problem Statement Background Related Work 2. Methodology

563 views • 21 slides
Presentation by: Kent Sommer ( ) 1 Outline 1. Review / related work 2. Overview of

Presentation by: Kent Sommer ( ) 1 Outline 1. Review / related work 2. Overview of

NetVLAD: CNN architecture for weakly supervised place recognition Relja Arandjelovi, Petr Gronat, Akihiko Torii, Tomas Pajdla, Josef Sivic [CVPR 2016] Presentation by: Kent Sommer ( ) 1 Outline 1. Review / related work 2.

460 views • 25 slides
Agenda 1. Problem 2. Related Work 3. Prototype 4. Gestures 5. Technical Demo W INGED - Window

Agenda 1. Problem 2. Related Work 3. Prototype 4. Gestures 5. Technical Demo W INGED - Window

W INGED Window Management with In-Air Gestures on Desktop Computers Simon Walter - Timo Wilhelm 1 University of Applied Sciences Augsburg | Interaction Engineering | Prof. Dr. Michael Kipp | WS 2015/16 Agenda 1. Problem 2. Related Work 3.

269 views • 22 slides
Work-related Musculoskeletal Disorders: What are they and what can we do about them ? Nancy A.

Work-related Musculoskeletal Disorders: What are they and what can we do about them ? Nancy A.

School of Health and Rehabilitation Sciences Departm ent of Occupational Therapy Work-related Musculoskeletal Disorders: What are they and what can we do about them ? Nancy A. Baker, ScD, MPH, OTR/ L September 20, 2012 School of Health and

622 views • 58 slides
Visual Exploration of Shanghai Subway Data Report By Xinshuang Wang 01 Introduction and Related

Visual Exploration of Shanghai Subway Data Report By Xinshuang Wang 01 Introduction and Related

Visual Exploration of Shanghai Subway Data Report By Xinshuang Wang 01 Introduction and Related work Outline 02 Three views 03 Explore the influence of weather on passenger flow Introduction and Related Work Introduction of Visualization

180 views • 17 slides
Questionnaire (WORQ) as a part of work related assessment in vocational rehabilitation Content

Questionnaire (WORQ) as a part of work related assessment in vocational rehabilitation Content

Katrien Vermeulen, Kristine Oostra & Dominique Van de Velde 07/03/2019 The Work Rehabilitation Questionnaire (WORQ) as a part of work related assessment in vocational rehabilitation Content Presentation of the WORQ Usability and

394 views • 18 slides

More recommend