Interactive Authentication
Deepak Maram
Video
Abstract:
This talk introduces a new framework for modeling complex real-world authentication mechanisms. Single-factor authentication is often insufficient due to key / password loss, leading to the use of multi-factor authentication, but its analysis and design are mostly limited to one-shot mechanisms, which decide immediately. Our approach, however, introduces a dynamic, interactive model. For example, a user receives an email notification about sending money from her bank account and is given a period of time to abort the operation. We'll discuss a novel approach to formally define and measure the security level of interactive authentication mechanisms. This approach presents two major benefits. Firstly, it allows the formal modeling of real-world mechanisms, which are often specified informally, enhancing their clarity and security. Secondly, it leads us to the discovery of maximally secure mechanisms that achieve the highest possible level of security.
Bio:
Deepak Maram is a Senior Research Scientist at Mysten Labs, focusing on the development of the Sui blockchain. His expertise lies in security, privacy-enhancing technologies, with a focus on blockchain applications. Deepak earned his PhD from Cornell Tech, supervised by Prof. Ari Juels. His research covers a broad spectrum of security and applied cryptography topics, including privacy-preserving TLS oracles (DECO, CanDID), verifiable file geolocation and secure authentication to name a few. These days he works at the intersection of systems and cryptography.