Download
1 / 7
70 likes | 94 Views
Explore the technology transition plan for integrating PwdHash and RSA Security into browsers, aiming to combat phishing attacks. Phase I focuses on applying PwdHash to one-time passwords, while Phase II involves authenticating the server to the client. Stay updated on this vital development.
E N D
Technology Transition Plan • PwdHash: RSA Security (www.pwdhash.com) • Initial integration completed fall 2006 • Hope to convince IE team to embed natively in IE • SpyBlock deployment: • Available at http://getspyblock.com/ • Relevant companies: Mocha5, VMWare • Dialog with companies about transaction generators • SafeHistory: Microsoft, Mozilla. • Available at www.safehistory.com KT-ID Theft
Public relations activities • News articles on PwdHash: • Many articles in popular press, still appearing • Computerworld Horizon Award: August 2006 • SafeHistory & SafeCache: • WWW ’06 paper • Timing attacks • WWW ’07 paper • SpyBlock and transaction generation • Report completed; conference paper in process KT-ID Theft
KT-ID Theft "Title", J.Q. Speaker-Name 7
PwdHash and RSA SecurID • Tech transfer: available as IE and Firefox extensions • Working to convince MS to embed natively into IE • Integration with RSA SecurID: • Motivation: “man in the middle” phishing attacks • Defeats one-time password systems • Phase I: apply PwdHash to one-time passwords • Requires updates to SecurID server and PwdHash • Phase II: authenticate server to client • Planned for next year KT-ID Theft
