Rahul Chatterjee, PhD Candidate
Security often fails in practice due to a lack of understanding of the nuances in real-world systems. For example, users choose weak passwords to deal with the several usability issues with passwords, which in turn degrades the security of password-based authentication. I will talk about how we can build better security mechanisms by combining methodical empiricism with analytical frameworks. First, in the context of passwords, I will show how to improve the usability of passwords by allowing users to log in with typos in their passwords. I will detail in the talk how to do so without giving attackers any additional advantage to impersonate a user.
In the second part of my talk, I will talk about my recent research direction on how traditional authentication mechanisms fail to properly model digital attacks by domestic abusers, and therefore are ineffective for victims. As a result, abusers can spy on, stalk, or harass victims using seemingly innocuous apps and technologies. I will finish with some recent progress that I have made in helping victims of tech abuse, and provide some future research directions.
Rahul Chatterjee is a PhD candidate at Cornell University, working on computer security. Prior to joining Cornell, Rahul received his masters from the University of Wisconsin-Madison and bachelors from the Indian Institute of Technology (IIT), Kharagpur. Rahul’s research focuses on user authentication, in particular passwords and biometrics. Lately, he is also conducting research on how to stop technology abuse in the context of domestic violence. His co-authored papers have been covered by several media outlets, including The New York Times and the MIT Tech Review. His work on password typos was recognized with the distinguished student paper award at IEEE S&P (2016).
Thursday, February 28, 2019 at 10:00am to 11:00am
Kelley Engineering Center, 1007
110 SW Park Terrace, Corvallis, OR 97331