This book investigates tradeoff between security and usability in designing leakage resilient password systems (LRP) and introduces two practical LRP systems named Cover Pad and ShadowKey. It demonstrates that existing LRP systems are subject to both brute force attacks and statistical attacks and that these attacks cannot be effectively mitigated without sacrificing the usability of LRP systems. Quantitative analysis proves that a secure LRP system in practical settings imposes a considerable amount of cognitive workload unless certain secure channels are involved. The book introduces a...
This book investigates tradeoff between security and usability in designing leakage resilient password systems (LRP) and introduces two practical LRP ...