About: Earworms Make Bad Passwords: An Analysis of the Noke Smart Lock Manual Override

An Entity of Type : bibo:BookSection, within Data Space : linkeddata.uriburner.com:28898 associated with source document(s)

Attributes | Values
type
seeAlso
sameAs
http://eprints.org/ontology/hasAccepted
http://eprints.org/ontology/hasDocument
dc:hasVersion
Title
  • Earworms Make Bad Passwords: An Analysis of the Noke Smart Lock Manual Override
described by
Date
  • 2018-06-25
Creator
status
Publisher
abstract
  • This paper presents a security analysis of the manual override feature of the Noke smart lock. The Noke allows its user to operate, monitor and even share his smart lock with others through a smartphone. To counter the risk of being unable to open the lock when the smartphone is unavailable, it provides an override mechanism. Noke implements this override feature using a quick-click scheme, whereby its user can choose a sequence of eight to sixteen short and long shackle presses (similar to a Morse code). To explore the security implications of this feature, we conducted a study collecting human-generated quick-click codes from 100 participants, and analysed and modelled the resulting dataset. Our analysis shows that the override mechanism, at least in its current implementation, presents a significant opportunity for successful guessing attacks. We demonstrate this by building a mechanical brute force tool that on average can test one quick-click code in under three seconds. We conclude that this speed, together with the low entropy of human-generated passcodes, makes this manual override feature one of the most significant weaknesses of the system and constitutes a promising attack vector. We responsibly disclosed our findings to the Noke manufacturer. We also provide a list of potential countermeasures that can help to address this risk. We believe that alternative authentication methods such as quick-click codes will become increasingly popular in ever-expanding Internet of Things devices, so the weaknesses and the countermeasures discussed in this paper are timely and relevant, as they can also apply to other devices and security systems that rely on unconventional user-generated authentication codes.
Is Part Of
Subject
list of authors
presented at
is topic of
is primary topic of