1 of 17

ECS 251: Advanced OS

Sound Proof

2 of 17

Administrative

Progress reports due today

Reminder: progress reports are about letting me know about progress, won’t regrade intros and informal is ok, as long as I know (1) what you’ve done, (2) what you think you’ll do, and (3) how much progress you have made thus far

3 of 17

Sound-Proof: 2FA using ambient noise

Great example of OS principles applied to applications

Authentication is handled largely by apps now, clever ways to make this smooth

4 of 17

Lots of innovation in stagnant OS area

5 of 17

Different than traditional auth

Apps are almost always distributed, use a server for auth, available from a network

Growth is important for new apps, willing to give us security for more users

Smartphones have lots of sensors, location is first class

Screens are small, hard to enter text

6 of 17

Key tradeoff: lower friction but deal with active attackers simultaneously

7 of 17

Login, use the product

8 of 17

Before you exchange creds for auth token, check

Algorithm: suspicious login?

9 of 17

If it’s not suspicious, let them in

Algorithm: suspicious login?

Not suspicious, login

10 of 17

Solution: signup and login challenges

Algorithm: suspicious login?

Not suspicious, login

Suspicious, challenge

11 of 17

If they can verify identity, log them in

Algorithm: suspicious login?

Pass challenge, login

Not suspicious, login

Suspicious, challenge

12 of 17

If they can’t pass, give them an out

Algorithm: suspicious login?

Pass challenge, login

Not suspicious, login

Suspicious, challenge

Create new account

13 of 17

Challenges flows and algorithms complement other

Algorithm: suspicious login?

Pass challenge, login

Not suspicious, login

Suspicious, challenge

Create new account

14 of 17

Perfect algorithm, no need for a challenge

Algorithm: suspicious login?

Pass challenge, login

Not suspicious, login

Suspicious, challenge

Create new account

15 of 17

Perfect challenge, no need for algo, just always use

Algorithm: suspicious login?

Pass challenge, login

Not suspicious, login

Suspicious, challenge

Create new account

16 of 17

Using both allows you to be imperfect

Algorithm: suspicious login?

Pass challenge, login

Not suspicious, login

Suspicious, challenge

Create new account

17 of 17

Where would SoundProof fit?

My guess: as an additional signal for the core auth decision, where you can use a challenge to clean up in the case of mistakes