Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Online USB Login System. Everything is going online Social Interactions Banking Transactions Meetings Businesses... including all sorts of crimes.

Published byAmice Price Modified over 8 years ago

Similar presentations

Presentation on theme: "Secure Online USB Login System. Everything is going online Social Interactions Banking Transactions Meetings Businesses... including all sorts of crimes."— Presentation transcript:

1 Secure Online USB Login System

2 Everything is going online Social Interactions Banking Transactions Meetings Businesses... including all sorts of crimes and even war

3 Our online identities Our IDENTITY = Our PASSWORD

4 What if your password gets stolen? Identity Theft Money Loss Data Loss Privacy Problems Our PASSWORD =

5 Available “Solutions” TechnologyProblems Security: Prone to keylogger and brute force attacks Cost: SSL Certificates cost a lot of money Practicality: Requires specialized hardware token Cost: Hardware component alone will cost money Visibility: Immediately recognizable security token Practicality: Requires specialized hardware devices Cost: Hardware component alone will cost money Consistency: Never 100% accurate and foolproof https://

6 Our Solution – SOUL System Create a two-factor authentication system that converts an ordinary hardware token (e.g. USB Flash drive) into a security token ***** Password Ordinary Hardware Token + Secure Low-cost Practical Invisible Portable Flexible Consistent

7 Our Solution – SOUL System The SOUL System aims to secure multiple websites all at once by providing a Software Development Kit and a Trusted Third Party for easy integration and registration.

8 Our Solution – SOUL System 1) Website uses Software Development Kit to integrate existing website with the SOUL System WEBSITESOUL SDK + SOUL INTEGRATED WEBSITE 2) Website registers to the Trusted Third Party to allow TWO-FACTOR login (e.g. USB secure login) SOUL INTEGRATED WEBSITE INITIAL REGISTRATION TRUSTED THIRD PARTY

9 Our Solution – SOUL System 1) User register s ordinary digita l device such as USB Flash drive in the Trusted Third Party in order to have a SOUL Account. 2) Registered and processed login devices can now be used to register and login to SOUL Integrated Websites. ORDINARY DEVICE INITIAL REGISTRATION TRUSTED THIRD PARTY LOGIN DEVICE SOUL INTEGRATED WEBSITE SECURE LOGIN

10 Design Challenges System should work in major operating systems. System can easily be integrated with any existing website System must not require specialized hardware System must be able to handle lost, stolen, or corrupted physical passwords or keys System must work with very minimal installation.

11 Design Challenges

12 Authentication Flow User mounts SOUL token User opens website and finds the embedded SOUL Plugin User selects the image where the encrypted data is hidden and the password is typed. User is signed in to the website

13 What Makes it Different? “Plug and Play” – Website integrates the SOUL System and registers to the Trusted Third Party to allow secure login Low-Cost and low–maintenance - No specialized hardware devices and system relies heavily on program codes Portable to website users – No operating system restriction and nothing installed in login devices Extremely flexible – The design of the system can be modified to fit the needs of the business It’s secure and it’s a champ – Kaspersky International Cup 2012 and Kaspersky Asia Pacific & MEA Cup Winning Research Paper

14 Secure Storage Steganography Trick: Hide encrypted data inside images! Result: Secure + Invisible. Ordinary USB Flash drive containing image still looks ordinary! Old ImageNew Image (looks the same but with encrypted data)

15 Secure Data Transfer HYBRID CRYPTOSYSTEM SIGNED JAVA APPLET ENCRYPTION + STEGANOGRAPHY INSIDE IMAGE FILES

16 Implementation USB sends instructions to Website Public Key of Website from TTP Website processes instructionsPublic Key of USB from TTP XLCrypt and SOUL System SDK Signed Java Applet Trusted Third Party Java / Python / PHP RSA, AES, SHA-512, and other fxns Embedded in website Has local filesystem access Primarily acts as storage of public keys & file hash values of image files

17 Fighting against known attacks Keylogging attack Brute-force attack Collision attack Dictionary attack Man-in-the-middle attack Reply attack Cloning attack

18 ObjectiveResults and Analysis Security System has been secured with hybrid cryptosystem and other security features such as UUIDs, Message UUIDs, RSA Signing and Verification, double password hashing Cost Low-cost: No specific hardware components required to use the system Portability No programs are installed inside security tokens. Any hardware or digital container can be used (laptops, USB flash drives, cellphones, dropbox containers) Flexibility System currently supports Java, Python, and PHP websites. The protocol and mechanisms proposed in the system can support any language (e.g. Ruby). Visibility Data is encrypted and then stored inside image files. No programs are installed inside the security tokens. Practicality Backup key system, password change possibility even with 2 keys, additional security options because of flexibility of usage (laptops as security tokens, dropbox storage as security tokens, cellular phones as security tokens)

19

Download ppt "Secure Online USB Login System. Everything is going online Social Interactions Banking Transactions Meetings Businesses... including all sorts of crimes."

Similar presentations

Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Installation & User Guide

Installation & User Guide
3SKey 3SKey.

3SKey 3SKey.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Chapter 17: WEB COMPONENTS

Chapter 17: WEB COMPONENTS
A mobile single sign-on system Master thesis 2006 Mats Byfuglien.

A mobile single sign-on system Master thesis 2006 Mats Byfuglien.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.

Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Department of Electrical & Computer Engineering Advisor: Michael Zink.

Department of Electrical & Computer Engineering Advisor: Michael Zink.
Intro To Secure Comm. Exercise 2. Problem  You wish for your users to access a remote server via user and password.  All of the users have modems and.

Intro To Secure Comm. Exercise 2. Problem  You wish for your users to access a remote server via user and password.  All of the users have modems and.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Iron Key and Portable Drive Security Zakary Littlefield.

Iron Key and Portable Drive Security Zakary Littlefield.
Mobile Single Sign On System Souheil Lazghab. The security protocol should secure: First, the Bluetooth communication between the PICDEM FS USB Demo board.

Mobile Single Sign On System Souheil Lazghab. The security protocol should secure: First, the Bluetooth communication between the PICDEM FS USB Demo board.
Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.
IPhone Security: Understanding the KeyChain Nicholis Bufmack and Ryan Thomas CS 691 Summer 2009.

IPhone Security: Understanding the KeyChain Nicholis Bufmack and Ryan Thomas CS 691 Summer 2009.
PASSWORD MANAGER Why you need one 1. WHAT IS A PASSWORD MANAGER? A modern Password Manager is a browser extension (Chrome, Internet Explorer, Firefox,

PASSWORD MANAGER Why you need one 1. WHAT IS A PASSWORD MANAGER? A modern Password Manager is a browser extension (Chrome, Internet Explorer, Firefox,

Similar presentations

Ads by Google