[Colloq] New Time: Colloq. Talk by Kasper Rasmussen, UC Irvine: "On The Security of Password Manager Database Formats

Nicole Bekerian nicoleb at ccs.neu.edu
Wed Sep 19 12:03:21 EDT 2012 


The College of Computer and Information Science presents: 


Title: On The Security of Password Manager Database Formats 
Speaker: Kasper Rasmussen, UC Irvine 
Date: September 28th at 3:30pm 
Location: 366 WVH 

Abstract: 
Password managers are critical pieces of software relied upon by users to securely store valuable and sensitive information, from online banking passwords and login credentials to passport- and social security numbers. Surprisingly, there has been very little academic research on the security these applications provide. 
This paper presents the first rigorous analysis of storage formats used by popular password managers. We define two realistic security models, designed to represent the capabilities of real-world adversaries. We then show how specific vulnerabilities in our models allow an adversary to implement practical attacks. Our analysis shows that most password manager database formats are broken even against weak adversaries. 

Bio: 
Kasper Rasmussen completed his masters degree in Computer Science (Information technology and Mathematics) from the Technical University of Denmark (DTU) in December 2005.Kasper got his Ph.D. in January 2011 from the Department of Computer Science, ETH Zurich. During his Ph.D. he worked on various security issues including secure time synchronization and secure localization with a particular focus on distance bounding. 
Kasper is currently working with Gene Tsudik as a researcher at University of California, Irvine. His research interests include security of (wireless) networks, protocol design, security of embedded systems, including smart grid nodes and hand held devices and applied cryptography. 

Host: Guevara Noubir 

-- 




Best, 
Nicole 

______________________________________________________________ 

Nicole Bekerian 
Administrative Assistant 

Northeastern University 
College of Computer and Information Science 
360 Huntington Ave. 
202 West Village H 
Boston, MA 02115 

Phone: 617.373.2462 
Fax: 617.373.5121

More information about the Colloq mailing list