Presentation is loading. Please wait.

Presentation is loading. Please wait.

TRUST 2 nd Year Site Visit, March 19 th, 2007 ID Theft Knowledge Transfer.

Similar presentations


Presentation on theme: "TRUST 2 nd Year Site Visit, March 19 th, 2007 ID Theft Knowledge Transfer."— Presentation transcript:

1 TRUST 2 nd Year Site Visit, March 19 th, 2007 ID Theft Knowledge Transfer

2 TRUST 2 nd Year Site Visit, March 19 th, 2007KT-ID Theft2 Impact Phishing attacks growing in scale and sophistication – Main reason: phishers can steal real money. Research goal: – Make it harder for phishers to obtain user information that can lead to monetary theft Technology transfer – Freely distributed open-source software – Talks at conferences, industry meetings (ITTC, …) – Startups – Partnering arrangements

3 TRUST 2 nd Year Site Visit, March 19 th, 2007KT-ID Theft3

4 TRUST 2 nd Year Site Visit, March 19 th, 2007KT-ID Theft4 Technology Transition Plan PwdHash: RSA Security (www.pwdhash.com) – Initial integration completed fall 2006 – Hope to convince IE team to embed natively in IE SpyBlock deployment: – Available at – Relevant companies: Mocha5, VMWare – Dialog with companies about transaction generators SafeHistory: Microsoft, Mozilla. – Available at

5 TRUST 2 nd Year Site Visit, March 19 th, 2007KT-ID Theft5 Public relations activities News articles on PwdHash: – Many articles in popular press, still appearing – Computerworld Horizon Award: August 2006 SafeHistory & SafeCache: – WWW ’06 paper Timing attacks – WWW ’07 paper SpyBlock and transaction generation – Report completed; conference paper in process

6 TRUST 2 nd Year Site Visit, March 19 th, 2007KT-ID Theft66

7 TRUST 2 nd Year Site Visit, March 19 th, 2007KT-ID Theft7"Title", J.Q. Speaker-Name7

8 TRUST 2 nd Year Site Visit, March 19 th, 2007KT-ID Theft8 PwdHash and RSA SecurID Tech transfer: available as IE and Firefox extensions – Working to convince MS to embed natively into IE Integration with RSA SecurID: – Motivation: “man in the middle” phishing attacks Defeats one-time password systems – Phase I: apply PwdHash to one-time passwords Requires updates to SecurID server and PwdHash – Phase II: authenticate server to client Planned for next year


Download ppt "TRUST 2 nd Year Site Visit, March 19 th, 2007 ID Theft Knowledge Transfer."

Similar presentations


Ads by Google