Security of Trustee-Based Social Authentications
| Author(s) | : | Mayur Agnihotri, Pratik Salvi, Ashutosh Borde |
| Institution | : | Computer Department, Trinity Academy Of Engineering, Pune |
| Published In | : | Vol. 3, Issue 11 — November 2016 |
| Page No. | : | 270-273 |
| Domain | : | Engineering |
| Type | : | Research Paper |
| ISSN (Online) | : | 2348-4470 |
| ISSN (Print) | : | 2348-6406 |
Now a days, the trend is to authenticate users through their friends. This technique is commonly known as‘trustee-based social authentication’. This method seems to have a bright future amongst the various backupauthentication mechanisms. This system involves a user who selects a few trusted associates from his friend list. Thesetrusted associates are known as ‘trustees’. When the user wishes to recover his account, the service provider sendsverification codes which are unique in nature to the user’s trustees. A recovery threshold (k) is set and when the userobtains these k verification codes from his trustees, he is directed to reset his password. Access is given to the account ofthe user by using some Backup authentication mechanisms. Here, we propose to introduce a pioneering framework ofattacks, which we will refer to as ‘forest fire attacks’ wherein compromised users are obtained in small number by theattacker and iterative attacks are done on the remaining users by using the trustee networks. We propose to establish aprobabilistic model to normalize the threats of forest fire attacks and their costs for attackers. We also introduce variousdefense strategies and apply our framework to broadly assess various palpable attacks and defense strategies.
Mayur Agnihotri, Pratik Salvi, Ashutosh Borde, “Security of Trustee-Based Social Authentications”, International Journal of Advance Engineering and Research Development (IJAERD), Vol. 3, Issue 11, pp. 270-273, November 2016.
