Sunday, 24 March 2013

Google's 'Magic Ring' Could Kill the Password









Google is researching a way to kill the password, this time with a magic ring.

No, it isn’t a weird metaphorical movie plot. The idea is to use a trinket that plugs into the USB slot on a computer and authenticates the user.

At the RSA Security conference in San Francisco, Mayank Upadhyay, a principal engineer at Google who specializes in security, said the experience of logging on to a computer or website should be as simple as using an ATM machine, which is why the company is looking into the USB technology as an alternative to passwords.

Overall, passwords don’t work well for many people. That’s because people either have too many and need to write them down — violating rule number one of password security — or they have one that they use in several places, increasing their security risk.

Carrying a token could make authentication easier, because a person wouldn’t have to remember all those passwords.

Google’s prototype is a USB drive mounted on a ring or other small piece of jewelry that uses a piece of digital information knows as a cryptographic key. It’s a bit of software that serves as the encoding and decoding method for secret communications. Cryptographic keys used in computer systems are based on complicated mathematical algorithms, but their purpose is simple: encode a message so that it’s unreadable to anyone else but the intended recipient and read a coded message that’s meant only for you.

Here’s how it would work. Let’s say you want to access your checking account information from your bank’s website. First, you must register your cryptographic key with the bank. That would involve inserting the USB drive into your computer, logging onto the bank’s website and walking through a couple of authentication prompts, similar to how creating a new account works already.

During this process, two software keys get generated: one public and one private. The public key gets sent to the bank’s website for use later. The other remains stored on the USB drive.

Later, if you want to transfer money from your checking account to your savings, you visit the website with your USB key inserted in your computer. At the bank’s website, a login screen would pop up, but instead of entering your username and password, you would click a button that said “authenticate” — or even skip that step altogether. The bank uses the public crytopgraphic key created during registration to encode a message that it sends to your USB drive. That message is a mathematical “challenge” that can only be solved by the private key stored on your USB drive.

This kind of public-private key encryption is common; it relies on the fact that some mathematical operations are hard to reverse. For instance, multiplying 3 and 18 is easy to do, but factoring out the result — 54 — into the smallest possible prime numbers (1, 3, 3, 3, and 2) is harder, because you have to do more mathematical steps. Encrypting a message with the public key is like multiplying the two numbers, and the decryption process is like factoring the result and looking for two specific numbers. If you want to decode the message without the key, you don’t know if the numbers you want are 2 and 3, 3 and 3, or 1 and 3, or possibly some other combination like 6 and 9. That’s what makes this kind of cryptography work so well — a big number has billions of possible combinations of factors.

Because a user is not typing in a password, she is safe from hackers who may be using  software that records keystrokes to steal her login information. And a cryptographic key also deals with “man in the middle” hacks, which involve someone monitoring the digital communications between a user and a website and stealing that information to be used later.

A magic ring certainly deals with the problem of password hacks, but it doesn’t necessarily address what happens if the user loses the USB drive. Of what happen if an unscrupulous person got a hold of the ring, he’d most likely be able to access secured websites, assuming he had enough information such as the user’s name. On the bright side, in this sense it is similar to losing your house or car keys — if someone finds your house keys, they can’t break into your home without knowing the address.

It does offer some neat ideas for a modern take on the “Lord of the Rings” movie, though. Would it involve a quest to drop a USB ring into an incinerator?

Credit: Wikimedia Commons

Via Technology Review

World's Thinnest Camera Sees a Single Cell







The endoscope radically changed medicine; doctors were able to use a tiny camera at the end of a thread-thin wire to look into a patient’s body without major surgery. Engineers at Stanford University have taken the endoscope a step further: they’ve built the thinnest one ever and it see individual cells.

The Stanford is

Their needle-thin endoscope has the potential to image single cancer cells and peer into organs where larger endoscopes could do more damage than good, like in the brain. And the super thin endoscope would create a much smaller scar than a laparoscope, the instrument typically used to do knee surgery.

Conventional endoscopes are built with multiple optical fibers, some of which illuminate the area and others which record the image and carry it back to the viewer. The more fibers inside the endoscope, the better the resolution of the image. But more fibers also translates into a bulkier endoscope.

Kahn’s team built a endoscope using just one multimode fiber. Multimode fibers are capable of carrying light along many different paths — in fact, a “mode” is a path that light takes. The team’s idea was to use a single fiber to both illuminate an object as well as carry data from the image. The challenge is the information gets scrambled on the way, since the light is moving along different paths.

To make it work, Kahn’s team built a device called a spatial light modulator. The modulator sent a continuous beam of laser light down the fiber in random paths. Because of the random path, once the light exited the fiber it made a speckled pattern. Some of that light bounced back up the fiber.

A computer program created by Kahn’s team analyzed the speckled pattern returning up the fiber and used that to build an image. Their technique pushed the resolution of the image even further than what they had expected, and enabled them to see object that were sizes of individual cells.

Kahn said in a press release that he sees most of the new applications in imaging, to study in detail cells as they operate inside the body.

Saturday, 23 March 2013

Sound Waves Focused Into Laserlike Beam



We’ve all seen laser beams — narrow and powerful beams of light used in everything from CD players to weapons. Now researchers have found a way to make sound waves that, like light waves in a laser, travel in step. They call it a phaser and it could open up applications as wide-ranging as precision timer circuits and better ultrasound scans.

The researchers from NTT Basic Laboratories in Japan call their device a phaser because it uses phonons, waves of sound that require a medium, such as a gas, liquid or solid, to travel.

To create the beam, they started with a tiny drum just a few nanometers across, and put it inside a cavity, which acted like a resonator. They vibrated the drum, which transmitted energy to the cavity, and created the phonons. The cavity confined the sound waves. At a certain frequency, called the resonant frequency, the material of the cavity relaxed in a very specific way, creating vibrations that transferred energy back into the drum. Those vibrations are at a specific frequency and if one connected the resonator to a solid material those vibrations would travel away in a narrow beam. That traveling wave is the “laser” sound beam. Since the sound waves are all in step with each other, they would go in straight lines and wouldn’t spread out.

Right now the device is confined to a circuit a half an inch on a side. And it can’t send out beams of sound over a distance, like the sonic weapons used in crowd control or against Somali pirates. That’s because in order for phonons to travel, they need the gas, liquid or solid they’re moving through to be consistent that entire way.

Although the word “phaser” is used to mean a laser-like weapon on the science fiction television show and movie Star Trek, it doesn’t mean that here. But like lasers, phasers end up in common use. For example a resonator could translate the beams of phonon vibrations into electrical signals, replacing the quartz crystals currently used in watches and clocks. And the high frequencies mean that it could provide a better picture than current ultrasound systems.