Volume 95, Number 5, September 2011
|Number of page(s)||5|
|Published online||25 August 2011|
The weak-password problem: Chaos, criticality, and encrypted p-CAPTCHAs
Max-Planck-Institut für Physik komplexer Systeme - Nöthnitzer Straß e 38, D-01187 Dresden, Germany, EU
2 Axioma Research - 555 Bryant Street, Palo Alto, CA 94303, USA
Accepted: 21 July 2011
Vulnerabilities related to weak passwords are a pressing global economic and security issue. We report a novel, simple, and effective approach to address the weak-password problem. Building upon chaotic dynamics, criticality at phase transitions, CAPTCHA recognition, and computational round-off errors, we design an algorithm that strengthens the security of passwords. The core idea of our simple method is to split a long and secure password into two components. The first component is memorized by the user. The second component is transformed into a CAPTCHA image and then protected using the evolution of a two-dimensional dynamical system close to a phase transition, in such a way that standard brute-force attacks become ineffective. We expect our approach to have wide applications for authentication and encryption technologies.
PACS: 05.45.-a – Nonlinear dynamics and chaos / 89.20.Ff – Computer science and technology / 89.75.Fb – Structures and organization in complex systems
© EPLA, 2011
Current usage metrics show cumulative count of Article Views (full-text article views including HTML views, PDF and ePub downloads, according to the available data) and Abstracts Views on Vision4Press platform.
Data correspond to usage on the plateform after 2015. The current usage metrics is available 48-96 hours after online publication and is updated daily on week days.
Initial download of the metrics may take a while.