Kamouflage: Loss-Resistant Password Management
By Hristo Bojinov, Dan Boneh, Xavier Boyen, and Elie Bursztein.
In Computer Security (ESORICS 2010), volume 6345 of Lecture Notes in Computer Science, pages 286-302. Springer, 2010.
Abstract
We introduce Kamouflage: a new architecture for building theft-resistant password managers. An attacker who steals a laptop or cell phone with a Kamouflage-based password manager is forced to carry out a considerable amount of online work before obtaining any user credentials. We implemented our proposal as a replacement for the built-in Firefox password manager, and provide performance measurements and the results from experiments with large real-world password sets to evaluate the feasibility and effectiveness of our approach. Kamouflage is well suited to become a standard architecture for password managers on mobile devices.
Material
- published paper (PS) (PDF) (also accessible from the publisher) ©
- full version (PS) (PDF)
- presentation slides (HTML)
Reference
@InProceedings{Bojinov+Boneh+Boyen+Bursztein:ESORICS-2010:kamouflage, author = {Hristo Bojinov and Dan Boneh and Xavier Boyen and Elie Bursztein}, title = {Kamouflage: Loss-Resistant Password Management}, booktitle = {Computer Security---ESORICS 2010}, series = {Lecture Notes in Computer Science}, volume = {6345}, pages = {286--302}, publisher = {Berlin: Springer-Verlag}, year = {2010}, note = {Available at \url{http://www.cs.stanford.edu/~xb/esorics10/}} }
Unless indicated otherwise, these documents are Copyright © Xavier Boyen; all rights reserved in all countries.
Back to Xavier's homepage