Type of paper:Â | Critical thinking |
Categories:Â | Computer science |
Pages: | 3 |
Wordcount: | 651 words |
To work, the QR code near the login form on a website contains the URL authentication service to the website. The URL generates long random digits known as a "nonce". The SQRL app on a Smartphone is activated and it cryptographically hashes the unique SQRL generated domain through the use of a site-specific/unique public key pair (Wang et al., 2016). Next, the SQRL app signs the QR code by using the site-specific unique private key. Next, the app provides a safe query - HTTPS POST - to the URL QR code. Subsequently, an authenticating website attains and confirms the POST query. That is by issuing a standard HTTP "200 OK" with no additional content to finally login to the site.
Benefits of Using the SQRL
SQRL authentication provides an array of security benefits to SQRL-enabled site users. First, users can enjoy an anonymous identification as well as authentication to a website. That is because all visitors to an SQRL authenticated website are identified uniquely through anonymous SQRL IDs. Also, the SQRL IDs are user as well as site-specific and also, SQRL website users do not need to create accounts to the sites when they want to make comments or posts to the sites (Gibson Research Corporation, 2015). Second, the SQRL users can enjoy intrinsic protection from cybercriminals. That is because the SQRL-enabled sites only have a user's unique SQRL ID, which is normally useful to that particular site. Second, the SQRL feature has an identity lock that prevents any form of identity change and permits identity recovery.
Third, there is no keyboard interaction that is required by an SQRL-enabled site user. That makes the feature safe for a website user who may need to login to a site in an unsafe location like a hotel or library (Beaulieu, 2009). Forth, the SQRL feature offers its users protection from all forms of hostile authorities. That is because the SQRL feature has no third-party involvement aspect, which means that no pervasive forms of government surveillance can compromise a user's data. Also, when crossing states with intrusive mobile device inspection, users can delete their accounts from the SQRL app and later recover the information by adding their profiles back into the app.
Possible Security Issues with the SQRL
There are six potential security issues that have been identified as a result of using the SQRL. First, there is a security risk in reference to how the unique identities of the SQRL users are backed up or cloned to other devices (Gibson Research Corporation, 2015). Second, an SQRL user must have a Smartphone with an SQRL app to log in into a website. As such, it means that a user may face a login problem when striving to login into an SQRL website on a browser opened in his/her Smartphone. In this case, people might find it impossible to open the SQRL app and SQRL website at the same time for successful authentication.
Third, it might be a problem for an SQRL-enabled website user to login into the site if his/her Smartphone containing the unique SQRL identity is either lost or stolen. Fourth, the password protecting logins that are contained in most Smartphones might interfere with the SQRL authentication for logins to a website. Fifth, users of the SQRL website might face login problems in their Smartphones containing the SQRL login app is hacked. Sixth, it would be impossible for multiple people sharing the same phone or with different identities to use different SQRL authentication identities to log into an SQRL-enabled website.
References
Beaulieu, A. (2009). Learning SQL: Master SQL Fundamentals. Sebastopol: O'Reilly Media, Inc.
Gibson Research Corporation. (2015). Secure Quick Reliable Login. Retrieved from Gibson Research Corporation: https://www.grc.com/sqrl/sqrl.htm
Wang, G., Ray, I., Calero, J. M., & Thampi, S. M. (2016). Security, Privacy, and Anonymity in Computation, Communication, and Storage: 9th International Conference, SpaCCS 2016, Zhangjiajie, China, November 16-18, 2016, Proceedings. New York: Springer.
Cite this page
Computer Science Essay Example: New Authentication Proposal. (2022, Nov 04). Retrieved from https://speedypaper.com/essays/new-authentication-proposal
Request Removal
If you are the original author of this essay and no longer wish to have it published on the SpeedyPaper website, please click below to request its removal:
- Free Essay Example on Animal Interaction
- Essay Sample on Nursing Research and Evidence-based Practice
- Porter's Five Analysis and SWOT Analysis Essay Example
- Essay Sample: The University Students and Sugar Daddies Online
- Essay Sample on Overview of a Patient's Diagnosis
- Essay Example on Chinese Social Cultural Issues and Regional Disparity
- Essay Sample on The Current State of Tourism in Western Australia
Popular categories