Upgrade to Pro — share decks privately, control downloads, hide ads and more …

IEEE Paper Presentation

IEEE Paper Presentation

This slide deck was used to present our paper, "Time-based one-time password for Wi-Fi authentication and security" at ICACCI 2017 (International Conference on Advances in Computing, Communications and Informatics)

Arjun Sunil Kumar

September 13, 2017
Tweet

More Decks by Arjun Sunil Kumar

Other Decks in Research

Transcript

  1. Time-based One-Time Password for Wi-Fi Authentication and Security ▸ Chandramohan

    Sudar ▸ Arjun S.K. ▸ Deepthi L.R. ▸ Authors Amrita Vishwa Vidyapeetham
  2. >RANDOM FACTS & FIGURES • 67% of Internet Users Haven’t

    Changed Passwords After Heartbleed • Business insiders forecast there will be 34 billion devices connected to the internet by 2020, up from 10 billion in 2015. IoT devices will account for 24 billion. • With a whopping 71% of mobile communications flowing over wireless internet, Wi-Fi is now the biggest transmitter of communications around the world. • These five user passwords accounted for 3.2 million of the 130 million accounts that were stolen in the Adobe hack of 2013: “123456,” “12345678,” “Password,” “Adobe123” and “12345678.”(Lazy)
  3. >EXISTING SOLUTION ▸ Manually update password periodically ▸ Tedious task

    of passing the new password ▸ Update Password in all the previously connected devices ▸ Keep a very tough password ( something like : &W#$!@ ) ▸ We become dependent on some plugins ▸ Write down somewhere
  4. >PROPOSED SOLUTION ▸ Automate the process of changing password in

    Server ▸ Dynamically update password in the Client ▸ Maintain a sync in password, among the connected devices ▸ Black-Box the process of connecting to WiFi Network
  5. >CURRENT WIFI SECURITY MECHANISM’S ▸ Password based : ▸ Session

    based : ▸ WEP ▸ WPA ▸ WPA2 ▸ Captive portal
  6. >CONS : SESSION BASED ▸ Issues ▸ Requires a browser

    to login. ( Not suitable for IOT devices. ) ▸ Prone to network sniffing ▸ Breach of Privacy
  7. >ALGO ▸ A shared secret (a sequence of bytes) ▸

    An input derived from the current time ▸ A signing function Ingredients
  8. >CURRENT ISSUES In almost all the WiFi Hotspot devices, updating

    credentials involves: 1. Flashing the credential to EEPROM. 2. Rebooting the device with current settings. Rebooting time is unavoidable and it is the main cause of latency.
  9. >FINAL WORDS ▸ This Project can be targeted to upcoming

    IOT world, where device connectivity as well as security is a major priority. ▸ Since this is a offline security protocol, there should be a syncing parameter to get a consistent output. And also because IOT devices connectivity is handled locally, time is chosen to be this parameter.
  10. >REFERENCES [1] D. MRaihi, S. Machani, M. Pei & J.

    Rydell, TOTP: Time-Based One- Time Password Algorithm, Internet Engineering Task Force, May 2011. https://tools.ietf.org/html/rfc6238 [2] Eric Grosse & Mayank Upadhyay, Authentication at Scale, IEEE Security & Privacy, Volume 11, issue 1, pages 15-22, Jan.-Feb. 2013 [3] Changhua He, Analysis of Security Protocols for Wireless Networks, Department of Electrical Engineering, Stanford University, December 2005. http://theory.stanford.edu/˜changhua/thesis full.pdf [4] Gowtham, R. & Krishnamurthi I. A comprehensive and efficacious architecture for detecting phishing webpages, Computers and Security, Volume 40, Pages 23-37, February 2014 [5] Srivastava S. & Sivasankar M., On the generation of alphanumeric one time passwords, Proceedings of the International Conference on Inventive Computation Technologies, ICICT 2016, Volume 1, January 2017
  11. >TOTP PSUEDO CODE original_secret = xxxx xxxx xxxx xxxx xxxx

    xxxx xxxx xxxx secret = BASE32_DECODE(TO_UPPERCASE(REMOVE_SPACES(original_secret))) input = CURRENT_UNIX_TIME() / 30 hmac = SHA1(secret + SHA1(secret + input)) offset = hmac[len(hmac)-1] & 0x0F //Last nibble four_bytes = hmac[offset : offset+4] large_integer = INT(four_bytes) small_integer = large_integer % 100000000
  12. >CURRENT ISSUES ▸ Implementing it on Modem via PC. We

    can create scripts to change the password of WiFi hotspot. But still it requires modem rebooting, creating latency for periodic update.
  13. >CURRENT ISSUES ▸ Implementing it on Android OS as System

    App. Negligible increase in performance when compared to our user app.