PowerPoint Slide 1


PowerPoint Slide 2

You have to log in under user in the bottom left corner and then you can add notes to slides. I didn't realize this was worth 5% of our grade.

PowerPoint Slide 3

Security class also teaches us "Something you do" is another form of authentication (e.g. gait of your walk)

Keystroke dynamics is yet another form of biometric identification. So not only do you have to type the characters in your password accurately - you have to type it with the same pacing and dwell time on the keys to gain access.

As biometrics are used more in authentication some interesting ideas about the future come to mind. What if devices tracked your brain activity and would only let you log in if you were in a certain state of mind?

PowerPoint Slide 4


PowerPoint Slide 5
Some helpful types for coming up with a strong password

this is equal parts amusing and depressing.
PowerPoint Slide 6
I wonder how this site compares to Random.org's "cryptographic strength."
Why do you want a random number generator? Maybe to form a password...?
  • Write down the first 12 characters? 16 ^ 12 possible passwords (2.8 * 10^14)
  • Security principles would say it takes about 1.4 * 10^14 guesses to crack this password
  • With a hundred million guesses per second (10 ^ 8), you should be able to crack this pretty fast ...

funny note, just recently before this lecture I used a random password string generator to set our wifi router admin password.
PowerPoint Slide 7

I'd never heard of this method, but it seems so simple
and yet so elegant and secure. The odds of someone getting an
entire sentence correct, included with specials, numberd, etc, must
be astronomical

PowerPoint Slide 8
Kind of an example of this idea, in a more popular format.
PowerPoint Slide 9
I can definitely see how this will add to the security of a password. When you have two users with the same passwords they will hash the same. This techniques of salting the password will solve that problem which will make the same passwords hash differently. From what I understand in learning about Salt from security class, the two methods for salt value generation are generally either pseudorandom numbers or timestamp values.
PowerPoint Slide 10

Salt does not make the password impossible to crack it just lengthens the process of cracking it.
By adding salt on to the password the system can make all passwords the same length after the hash making it less easy to just match password length.

PowerPoint Slide 11
Just saw that Google cracked the SHA-1 security hashing functions. Guessing pretty soon we will be able to go to a 'decryption SHA-1 hashcode' website, similar to the MD5 decryption page.
PowerPoint Slide 12
https://www.howtogeek.com/185354/security-questions-are-insecure-how-to-protect-your-accounts/ Pretty funny how simple it is to get information on someone... more so when they are famous.
PowerPoint Slide 13


PowerPoint Slide 14


PowerPoint Slide 15

A recent example of how security technologies change is the SHA-1 hashing algorithm. Google's security research team recently produced the first SHA-1 collision, meaning that this algorithm has been proven to be unsafe to use.

PowerPoint Slide 16


PowerPoint Slide 17

I think one of the issues with biometrics is that most people don't have fingerprint recognition or iris scanners attached to their computers. Since people replace smart phones more often than computers, I could see biometric authentication becoming more popular for mobile devices in the future.

PowerPoint Slide 18
Another form for something you are (also learned in System Security) is the shape and design of your ear. It is as unique if not more than a finger print.
PowerPoint Slide 19
If you want to take a look at FaceL, the link is here.
PowerPoint Slide 20

A link to the 2016 IEEE International Conference on Biometrics can be found here.

PowerPoint Slide 21


PowerPoint Slide 22

If a 3rd form of authentication is what you need, look no further than your own RFID chip. It looks like there are a few companies working on the technology for human implants, but the morality of it seems to be in question. click here for more

PowerPoint Slide 23


PowerPoint Slide 24


PowerPoint Slide 25


PowerPoint Slide 26


PowerPoint Slide 27
I am surprised that these work based on the fact that humans can read these distorted images of words, but robots can't. Especially because some of the words come from books that computers can't understand. But this is actually how reCAPTCHA was formed which is really interesting.
PowerPoint Slide 28

There is much more going on behind the scenes now with reCAPTCHA. Specifically, Google will often just 'recognize' you for who you are without your having to do a thing (or at least much). This posting has a nice explanation.

PowerPoint Slide 29


PowerPoint Slide 30
It amazes me how far security systems have progressed in this decade. Even better than iris recognition, is surprisingly ear recognition. Perhaps one day we will conceive of even better recognition traits, like our body odor or something surprising like that.