Archives by date

You are browsing the site archives by date.

What We Love About Research at LERSSE

As part of Innovate (in October) 2015, LERSSE’s Kosta gave a 7-minute “edutainment” talk, explaining in a very accessible form my current research, using an example of a recent study of iPhone’s TouchID:

Findings on Touch ID in plain (British) English

My research group had a paper presented at SOUPS on the interplay between TouchID and iPhone security, which I’ve described in a recent post. Here’s a video made by a wonderful team at Kindea Labs that explains the key findings in language accessible virtually to anyone:

Towards strong and memorable passwords

System-generated random passwords have maximum password security and are highly resistant to guessing attacks. However, few systems use such passwords because they are difficult to remember. In this paper, we propose a system-initiated user-replaceable password scheme called “Surpass” that lets users replace few characters in a random password to make it more memorable. We conducted a large-scale online study […]

Android Rooting:
 Methods, Detection, and Evasion

User root their Android (or jailbreak their iPhone) smartphones. They do so in order to run useful apps that require root privileges, to remove restrictions by carriers and hardware manufacturers, and to alter or remove system apps. Rooted devices are prevalent. According to a recent Android security report, Google Verify Apps detected rooting apps installed on approximately 2.5M […]

How Much Can Chunking Help to Remember Banking PINs?

To ensure that users do not choose weak personal identification numbers (PINs), many banks give out system-generated random PINs. 4-digit is the most commonly used PIN length, but 6-digit system-generated PINs are also becoming popular. The increased security we get from using system-generated PINs, however, comes at the cost of memorability. And while banks are […]