Abstract

Abstract: Security of our passwords is an everyday and very pressing problem. Users frequently reuse their passwords when authenticating to various online services. Combined with the use of weak passwords or honeypot/phishing attacks, this brings high risks to the security of the user’s account information.

We invented a mechanism such that a user may employ a single simple password to login to all websites securely, with proven security against dictionary attacks, phishing, honeypots, or in many cases, even malware. Our system is easy to deploy, especially if some single sign-on services such as Google Accounts, Facebook, Microsoft Passport, Yahoo employ this system. This is the first and only system of its kind, provably providing such strong security guarantees.

Speaker bio: Alptekin Küpçü has received his Ph.D. degree from Brown University Computer Science Department in 2010. Since then, he has been working as an assistant professor at Koç University, and leading the Cryptography, Security & Privacy Research Group he has founded. His research mainly focuses on applied cryptography, and its intersection with cloud security, privacy, peer-to-peer networks, and mechanism design. He has also led the development of the Brownie Cashlib cryptographic library, which is available as open source online. Dr. Küpçü has various accomplishments including 2 patents pending, 6 funded research projects (for 4 of which he was the principal investigator), 2 European Union COST Action management committee memberships, and Koç University Teaching Innovation Grant. For more information, visit http://crypto.ku.edu.tr