Institute of Computing Technology, Chinese Academy IR
| PUFPass: A password management mechanism based on software/hardware codesign | |
| Guo, Qingli1,2; Ye, Jing1,2; Li, Bing3; Hu, Yu1,2; Li, Xiaowei1,2; Lan, Yazhu1; Zhang, Guohe4 | |
| 2019 | |
| 发表期刊 | INTEGRATION-THE VLSI JOURNAL
 |
| ISSN | 0167-9260 |
| 卷号 | 64页码:173-183 |
| 摘要 | Secure passwords need high entropy, but are difficult for users to remember. Password managers minimize the memory burden by storing site passwords locally or generating secure site passwords from a master password through hashing or key stretching. Unfortunately, they are threatened by the single point of failure introduced by the master password which is vulnerable to various attacks such as offline attack and shoulder surfing attack. To handle these issues, this paper proposes the PUFPass, a secure password management mechanism based on software/hardware codesign. By introducing the hardware primitive, Physical Unclonable Function (PUF), into PUFPass, the random physical disorder is exploited to strengthen site passwords. An illustration of PUFPass in the Android operating system is given. PUFPass is evaluated from aspects of both security and preliminary usability. The security of the passwords is evaluated using a compound heuristic algorithm based PUF attack software and an open source password cracking software, respectively. Finally, PUFPass is compared with other password management mechanisms using the Usability-Deployability-Security (UDS) framework. The results show that PUFPass has great advantages in security while maintaining most benefits in usability. |
| 关键词 | Password Password management mechanism PUF Security Usability |
| DOI | 10.1016/j.vlsi.2018.10.003 |
| 收录类别 | SCI |
| 语种 | 英语 |
| 资助项目 | National Natural Science Foundation of China (NSFC)[61532017] ; National Natural Science Foundation of China (NSFC)[61704174] ; National Natural Science Foundation of China (NSFC)[61432017] ; National Natural Science Foundation of China (NSFC)[61521092] |
| WOS研究方向 | Computer Science ; Engineering |
| WOS类目 | Computer Science, Hardware & Architecture ; Engineering, Electrical & Electronic |
| WOS记录号 | WOS:000451494300018 |
| 出版者 | ELSEVIER SCIENCE BV |
| 引用统计 | |
| 文献类型 | 期刊论文 |
| 条目标识符 | http://119.78.100.204/handle/2XEOYT63/3529 |
| 专题 | 中国科学院计算技术研究所期刊论文_英文 |
| 通讯作者 | Ye, Jing; Li, Xiaowei |
| 作者单位 | 1.Chinese Acad Sci, Inst Comp Technol, State Key Lab Comp Architecture, Beijing 100190, Peoples R China 2.Univ Chinese Acad Sci, Beijing 100049, Peoples R China 3.Duke Univ, Durham, NC 27708 USA 4.Xi An Jiao Tong Univ, Sch Microelect, Xian 710049, Shanxi, Peoples R China |
| 推荐引用方式 GB/T 7714 | Guo, Qingli,Ye, Jing,Li, Bing,et al. PUFPass: A password management mechanism based on software/hardware codesign[J]. INTEGRATION-THE VLSI JOURNAL,2019,64:173-183. |
| APA | Guo, Qingli.,Ye, Jing.,Li, Bing.,Hu, Yu.,Li, Xiaowei.,...&Zhang, Guohe.(2019).PUFPass: A password management mechanism based on software/hardware codesign.INTEGRATION-THE VLSI JOURNAL,64,173-183. |
| MLA | Guo, Qingli,et al."PUFPass: A password management mechanism based on software/hardware codesign".INTEGRATION-THE VLSI JOURNAL 64(2019):173-183. |
| 条目包含的文件 | 条目无相关文件。 | |||||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论