Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to IEEE Paper presentation
Similar to IEEE Paper presentation (20)
Recently uploaded
Recently uploaded (20)
IEEE Paper presentation
- 1. Time-based One-Time Password for Wi-Fi Authentication and Security ▸ Chandramohan Sudar (chandramohansudar@gmail.com) ▸ Arjun S.K. (arjunsk15@gmail.com) ▸ Deepthi L.R. (deepthilr@am.amrita.edu) ▸ Authors Amrita Vishwa Vidyapeetham
- 2. >RANDOM FACTS & FIGURES • 67% of Internet Users Haven’t Changed Passwords After Heartbleed • Business insiders forecast there will be 34 billion devices connected to the internet by 2020, up from 10 billion in 2015. IoT devices will account for 24 billion. • With a whopping 71% of mobile communications flowing over wireless internet, Wi-Fi is now the biggest transmitter of communications around the world. • These five user passwords accounted for 3.2 million of the 130 million accounts that were stolen in the Adobe hack of 2013: “123456,” “12345678,” “Password,” “Adobe123” and “12345678.”(Lazy)
- 3. >PROBLEM STATEMENT ▸ Add a new layer of security to future WiFi Devices
- 4. >BACKGROUND
- 5. >EXISTING SOLUTION ▸ Manually update password periodically ▸ Tedious task of passing the new password ▸ Update Password in all the previously connected devices ▸ Keep a very tough password ( something like : &W#$!@ ) ▸ We become dependent on some plugins ▸ Write down somewhere
- 6. >PROPOSED SOLUTION ▸ Automate the process of changing password in Server ▸ Dynamically update password in the Client ▸ Maintain a sync in password, among the connected devices ▸ Black-Box the process of connecting to WiFi Network
- 7. >CURRENT WIFI SECURITY MECHANISM’S ▸ Password based : ▸ Session based : ▸ WEP ▸ WPA ▸ WPA2 ▸ Captive portal
- 8. >QUOTE “ Password is by far the weakest link in cyber security today ”
- 9. >CONS : PASSWORD BASED ▸ Common Attacks ▸ Brute Forcing ▸ Dictionary Attack
- 10. >CONS : PASSWORD BASED Cont. ▸ Rainbow Attack ▸ Phishing
- 11. >SESSION BASED ▸ Captive Portals
- 12. >CONS : SESSION BASED ▸ Issues ▸ Requires a browser to login. ( Not suitable for IOT devices. ) ▸ Prone to network sniffing ▸ Breach of Privacy
- 13. >PROPOSED SOLUTION - FLOW DIAGRAM
- 14. >ALGO ▸ A shared secret (a sequence of bytes) ▸ An input derived from the current time ▸ A signing function Ingredients
- 15. >ALGO - FLOW CHART
- 16. >RESULT ▸ Password syncs among all the connected devices.
- 17. >CURRENT ISSUES In almost all the WiFi Hotspot devices, updating credentials involves: 1. Flashing the credential to EEPROM. 2. Rebooting the device with current settings. Rebooting time is unavoidable and it is the main cause of latency.
- 18. >FUTURE SCOPE ▸New WiFi standard▸Security in IOT connectivity
- 19. >FINAL WORDS ▸This Project can be targeted to upcoming IOT world, where device connectivity as well as security is a major priority. ▸Since this is a offline security protocol, there should be a syncing parameter to get a consistent output. And also because IOT devices connectivity is handled locally, time is chosen to be this parameter.
- 20. >REFERENCES [1] D. MRaihi, S. Machani, M. Pei & J. Rydell, TOTP: Time-Based One- Time Password Algorithm, Internet Engineering Task Force, May 2011. https://tools.ietf.org/html/rfc6238 [2] Eric Grosse & Mayank Upadhyay, Authentication at Scale, IEEE Security & Privacy, Volume 11, issue 1, pages 15-22, Jan.-Feb. 2013 [3] Changhua He, Analysis of Security Protocols for Wireless Networks, Department of Electrical Engineering, Stanford University, December 2005. http://theory.stanford.edu/˜changhua/thesis full.pdf [4] Gowtham, R. & Krishnamurthi I. A comprehensive and efficacious architecture for detecting phishing webpages, Computers and Security, Volume 40, Pages 23-37, February 2014 [5] Srivastava S. & Sivasankar M., On the generation of alphanumeric one time passwords, Proceedings of the International Conference on Inventive Computation Technologies, ICICT 2016, Volume 1, January 2017
- 22. >TOTP PSUEDO CODE original_secret = xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx secret = BASE32_DECODE(TO_UPPERCASE(REMOVE_SPACES(original_secret))) input = CURRENT_UNIX_TIME() / 30 hmac = SHA1(secret + SHA1(secret + input)) offset = hmac[len(hmac)-1] & 0x0F //Last nibble four_bytes = hmac[offset : offset+4] large_integer = INT(four_bytes) small_integer = large_integer % 100000000
- 23. >CURRENT ISSUES ▸ Implementing it on Arduino.
- 24. >CURRENT ISSUES ▸ Implementing it on Modem via PC. We can create scripts to change the password of WiFi hotspot. But still it requires modem rebooting, creating latency for periodic update.
- 25. >CURRENT ISSUES ▸ Implementing it on Android OS as System App. Negligible increase in performance when compared to our user app.