PGP Auth: Using Public Key Encryption for Authentication on the Web
Public Deposited- Resource Type
- Creator
- Abstract
The majority of authentication systems use text passwords, as they provide a flexible method of authenticating on a wide variety of devices. Unfortunately, having suffi- ciently strong passwords does not protect users against phishing or offline guessing attacks. In this thesis, we present a new authentication mechanism that uses PGP.We iteratively designed PGP Auth, implemented it, and conducted user testing. Users rated the software highly and indicated that they would be very likely to use the software. They also liked the idea of having a single password to access their accounts and appreciated the security of using PGP as an authentication system.We believe that with a refined user interface, PGP Auth is a viable authentication mechanism that addresses many of the security vulnerabilities of traditional text password authentication. We also provide recommendations to aid in the development of future versions of PGP Auth based on our results.
- Subject
- Language
- Publisher
- Thesis Degree Level
- Thesis Degree Name
- Thesis Degree Discipline
- Identifier
- Rights Notes
Copyright © 2015 the author(s). Theses may be used for non-commercial research, educational, or related academic purposes only. Such uses include personal study, research, scholarship, and teaching. Theses may only be shared by linking to Carleton University Institutional Repository and no part may be used without proper attribution to the author. No part may be used for commercial purposes directly or indirectly via a for-profit platform; no adaptation or derivative works are permitted without consent from the copyright owner.
- Date Created
- 2015
Relations
- In Collection:
Items
| Thumbnail | Title | Date Uploaded | Visibility | Actions |
|---|---|---|---|---|
|
|
wueppelmann-pgpauthusingpublickeyencryptionforauthentication.pdf | 2023-05-04 | Public | Download |