UNIVERSITY OF HERTFORDSHIRE COMPUTER SCIENCE RESEARCH COLLOQUIUM presents "The Security of Personal Knowledge" Joseph Bonneau (Cambridge University) 2 December 2009 (Wednesday) Lecture Theatre E351 Hatfield, College Lane Campus 3 - 4 pm Everyone is Welcome to Attend Refreshments will be available Abstract: When passwords fail and hardware or biometrics are infeasible, many systems still rely on personal knowledge for human authentication. In the past year, high-profile accounts of Twitter executives and US politician Sarah Palin were compromised by guessing personal knowledge questions. This talk will discuss the range of personal knowledge-based protocols and survey recent literature on real-world attacks. The speaker will then introduce new research on statistical guessing attacks, including information-theoretic models of guessing and their security implications when applied to real-world probability distributions of the names of people, pets, and places. --------------------------------------------------- Hertfordshire Computer Science Research Colloquium http://homepages.feis.herts.ac.uk/~nehaniv/colloq