Results 1 - 10
of
62
Deja Vu: A User Study Using Images for Authentication
- In Proceedings of the 9th USENIX Security Symposium
"... 1 ..."
Secure human identification protocols
- In Asiacrypt
, 2001
"... Abstract. One interesting and important challenge for the cryptologic community is that of providing secure authentication and identification for unassisted humans. There are a range of protocols for secure identification which require various forms of trusted hardware or software, aimed at protecti ..."
Abstract
-
Cited by 127 (3 self)
- Add to MetaCart
Abstract. One interesting and important challenge for the cryptologic community is that of providing secure authentication and identification for unassisted humans. There are a range of protocols for secure identification which require various forms of trusted hardware or software, aimed at protecting privacy and financial assets. But how do we verify our identity, securely, when we don’t have or don’t trust our smart card, palmtop, or laptop? In this paper, we provide definitions of what we believe to be reasonable goals for secure human identification. We demonstrate that existing solutions do not meet these reasonable definitions. Finally, we provide solutions which demonstrate the feasibility of the security conditions attached to our definitions, but which are impractical for use by humans. 1
The Untrusted Computer Problem and Camera-Based Authentication
- In Pervasive Computing, volume 2414 of LNCS
, 2002
"... The use of computers in public places is increasingly common in everyday life. In using one of these computers, a user is trusting it to correctly carry out her orders. For many transactions, particularly banking operations, blind trust in a public terminal will not satisfy most users. In this paper ..."
Abstract
-
Cited by 37 (2 self)
- Add to MetaCart
(Show Context)
The use of computers in public places is increasingly common in everyday life. In using one of these computers, a user is trusting it to correctly carry out her orders. For many transactions, particularly banking operations, blind trust in a public terminal will not satisfy most users. In this paper the aim is therefore to provide the user with authenticated communication between herself and a remote trusted computer, via the untrusted computer.
Progressive Color Visual Cryptography
, 2005
"... Visual cryptography is a powerful technique which combines the notions of perfect ciphers and secret sharing in cryptography with that of raster graphics. A binary image can be divided into shares which can be stacked together to approximately recover the original image. Unfortunately, it has not ..."
Abstract
-
Cited by 23 (0 self)
- Add to MetaCart
Visual cryptography is a powerful technique which combines the notions of perfect ciphers and secret sharing in cryptography with that of raster graphics. A binary image can be divided into shares which can be stacked together to approximately recover the original image. Unfortunately, it has not been used much primarily because the decryption process entails a severe degradation in image quality in terms of loss of resolution and contrast. Its usage is also hampered by the lack of proper techniques for handling grayscale and color images. In this paper, we have developed a novel technique which enables visual cryptography of color as well as grayscale images. With the use of halftoning and a novel microblock encoding scheme, the technique has a unique flexibility which allows a single encryption of a color image but allows three types of decryptions on the same ciphertext. The three different types of decryptions allow for the recovery of the image of varying qualities. The physical transparency stacking type of decryption allows for the recovery of the traditional visual cryptography quality image. An enhanced stacking technique allows for the decryption into a halftone quality image. And finally, a computation based decryption scheme makes the perfect recovery of the original image possible. Based on this basic scheme, we have then established a progressive mechanism to share color images at multiple resolutions. We
Security parallels between people and pervasive devices.
- In PERSEC’05,
, 2005
"... ..."
(Show Context)
Cheating Prevention in Visual Cryptography
- IEEE Trans. on Image Processing
"... Abstract—Visual cryptography (VC) is a method of encrypting a secret image into shares such that stacking a sufficient number of shares reveals the secret image. Shares are usually presented in transparencies. Each participant holds a transparency. Most of the previous research work on VC focuses on ..."
Abstract
-
Cited by 16 (0 self)
- Add to MetaCart
(Show Context)
Abstract—Visual cryptography (VC) is a method of encrypting a secret image into shares such that stacking a sufficient number of shares reveals the secret image. Shares are usually presented in transparencies. Each participant holds a transparency. Most of the previous research work on VC focuses on improving two param-eters: pixel expansion and contrast. In this paper, we studied the cheating problem in VC and extended VC. We considered the at-tacks of malicious adversaries who may deviate from the scheme in any way. We presented three cheating methods and applied them on attacking existent VC or extended VC schemes. We improved one cheat-preventing scheme. We proposed a generic method that converts a VCS to another VCS that has the property of cheating prevention. The overhead of the conversion is near optimal in both contrast degression and pixel expansion. Index Terms—Cheat-preventing, cheating, secret sharing, visual cryptography. I.
Halting Password Puzzles -- Hard-to-break Encryption from Human-memorable Keys
, 2007
"... We revisit the venerable question of "pure password"-based key derivation and encryption,and expose security weaknesses in current implementations that stem from structural flaws in Key Derivation Functions (KDF). We advocate a fresh redesign, named Halting KDF (HKDF),which we thoroughly ..."
Abstract
-
Cited by 12 (2 self)
- Add to MetaCart
(Show Context)
We revisit the venerable question of "pure password"-based key derivation and encryption,and expose security weaknesses in current implementations that stem from structural flaws in Key Derivation Functions (KDF). We advocate a fresh redesign, named Halting KDF (HKDF),which we thoroughly motivate on these grounds: 1. By letting password owners choose the hash iteration count, we gain operational flexibilityand eliminate the rapid obsolescence faced by many existing schemes. 2. By throwing a Halting-Problem wrench in the works of guessing that iteration count, wewiden the security gap with any attacker to its theoretical optimum. 3. By parallelizing the key derivation, we let legitimate users exploit all the computationalpower they can muster, which in turn further raises the bar for attackers. HKDFs are practical and universal: they work with any password, any hardware, and aminor change to the user interface. As a demonstration, we offer real-world implementations for the TrueCrypt and GnuPG packages, and discuss their security benefits in concrete terms.
Mitigating dictionary attacks on password-protected storage
- In Dwork [22
"... Abstract. We address the issue of encrypting data in local storage using a key that is derived from the user’s password. The typical solution in use today is to derive the key from the password using a cryptographic hash function. This solution provides relatively weak protection, since an attacker ..."
Abstract
-
Cited by 10 (1 self)
- Add to MetaCart
Abstract. We address the issue of encrypting data in local storage using a key that is derived from the user’s password. The typical solution in use today is to derive the key from the password using a cryptographic hash function. This solution provides relatively weak protection, since an attacker that gets hold of the encrypted data can mount an off-line dictionary attack on the user’s password, thereby recovering the key and decrypting the stored data. We propose an approach for limiting off-line dictionary attacks in this setting without relying on secret storage or secure hardware. In our proposal, the process of deriving a key from the password requires the user to solve a puzzle that is presumed to be solvable only by humans (e.g, a CAPTCHA). We describe a simple protocol using this approach: many different puzzles are stored on the disk, the user’s password is used to specify which of them need to be solved, and the encryption key is derived from the password and the solutions of the specified puzzles. Completely specifying and analyzing this simple protocol, however, raises a host of modeling and technical issues, such as new properties of human-solvable puzzles and some seemingly hard combinatorial problems. Here we analyze this protocol in some interesting special cases. 1
Polling with physical envelopes: A rigorous analysis of a humancentric protocol
- in Advances in Cryptology, Lecture Notes in Comput. Sci. 4004
, 2006
"... Abstract. We propose simple, realistic protocols for polling that allow the responder to plausibly repudiate his response, while at the same time allow accurate statistical analysis of poll results. The protocols use simple physical objects (envelopes or scratch-off cards) and can be performed witho ..."
Abstract
-
Cited by 9 (2 self)
- Add to MetaCart
(Show Context)
Abstract. We propose simple, realistic protocols for polling that allow the responder to plausibly repudiate his response, while at the same time allow accurate statistical analysis of poll results. The protocols use simple physical objects (envelopes or scratch-off cards) and can be performed without the aid of computers. One of the main innovations of this work is the use of techniques from theoretical cryptography to rigorously prove the security of a realistic, physical protocol. We show that, given a few properties of physical envelopes, the protocols are unconditionally secure in the universal composability framework. 1
Secure Human-Computer Identification against Peeping Attacks (SecHCI): A Survey
, 2003
"... It is an interesting problem how a human can prove its identity to a trustworthy (local or remote) computer with untrustworthy input devices and via an insecure channel controlled by adversaries. Any input devices and auxiliary devices are untrustworthy under the following assumptions: the advers ..."
Abstract
-
Cited by 7 (3 self)
- Add to MetaCart
(Show Context)
It is an interesting problem how a human can prove its identity to a trustworthy (local or remote) computer with untrustworthy input devices and via an insecure channel controlled by adversaries. Any input devices and auxiliary devices are untrustworthy under the following assumptions: the adversaries can record humans' operations on the devices, and can access the devices to replay the recorded operations.
