Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication McCune, J.M., Perrig, A., Reiter, M.K. 2005 IEEE Symposium on Security and.

Slides:

Advertisements

Similar presentations

1 Security for Ad Hoc Network Routing. 2 Ad Hoc Networks Properties Mobile Wireless communication Medium to high bandwidth High variability of connection.

Advertisements

Usable Bootstrapping of Secure Ad Hoc Communication Ersin Uzun PARC 1.

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Interlock Protocol - Akanksha Srivastava 2002A7PS589.

Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig Carnegie Mellon University Message-In-a-Bottle: User-Friendly and Secure Cryptographic Key Deployment.

1 Bootstrapping Trust in a “Trusted” Platform Carnegie Mellon University November 11, 2008 Bryan Parno.

A novel and efficient unlinkable secret handshakes scheme Author: Hai Huang and Zhenfu Cao Source: IEEE Comm. Letters 13 (5) (2009) Presenter: Yu-Chi Chen.

A novel and efficient unlinkable secret handshakes scheme Author: Hai Huang and Zhenfu Cao (PR China) Source: IEEE Comm. Letters 13 (5) (2009) Presenter:

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.

Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

802.1x EAP Authentication Protocols

Chap 3: Key exchange protocols In most systems, we distinguish the short term keys from the long term ones: –A short term key (session key) is used to.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

1 Security Weakness in a Three-Party Password-Based Key Exchange Protocol Using Weil Pairing From ： ePrint (August 2005) Author ： Junghyun Nam, Seungjoo.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

Seeing-Is-Believing: Using Camera Phones for Human- Verifiable Authentication Jonathan M. McCune Adrian Perrig Michael K. Reiter Carnegie Mellon University.

Seeing-Is-Believing: using camera phones for human-verifiable authentication Jonathan M. McCune, Adrian Perrig and Michael K. Reiter Int. J. Security and.

InterSwyft Technology presentation. Introduction InterSwyft brings secured encrypted transmission of SMS messages for internal and external devices such.

Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

SafeSlinger Easy-to-Use and Secure Public-Key Exchange Michael Farb (CMU), Yue-Hsun Lin (CMU), Tiffany Hyun-Jin Kim (CMU), Jonathan McCune (Google), Adrian.

Physical Contact in Ad-Hoc Wireless Network Nie Pin

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

Bridging the UI Gap for Authentication in Smart Environments Sebastian Unger Prof. Dirk Timmermann University of Rostock, Germany MuSAMA DFG Graduate Program.

Brian Padalino Sammy Lin Arnold Perez Helen Chen

A History of WEP The Ups and Downs of Wireless Security.

KAIS T In-Vehicle Secure Wireless Personal Area Network (SWPAN) Reference: S. M. Mahmud and Shobhit Shanker, “In-Vehicle Secure Wireless Personal Area.

Integrity-regions: Authentication Through Presence in Wireless Networks Srdjan Čapkun 1 and Mario Čagalj 2 1 Department of Computer Science, ETH Zurich.

Cryptography, Authentication and Digital Signatures

1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.

Center for Cyber-Security and Privacy1 Loud And Clear Security Michael T. Goodrich, Michael Sirivianos, John Solis, Gene Tsudik and Ersin Uzun.

Security protocols and their verification Mark Ryan University of Birmingham Midlands Graduate School University of Birmingham April 2005 Steve Kremer.

CWSP Guide to Wireless Security Chapter 2 Wireless LAN Vulnerabilities.

Doc.: IEEE /063 Submission May 2000 Y. Kuchiki, M. Ikeda Seiko Epson Corp. Slide 1 Yutaku Kuchiki, Masayuki Ikeda Seiko Epson Corporation May.

1 Needham-Schroeder A --> S: A,B, N A S --> A: {N A,B,K AB,{K AB,A} KBS } KAS A --> B:{K AB,A} KBS B --> A:{N B } KAB A --> B:{N B -1} KAB.

Using Cryptography for Network Security Common problems: –Authentication - A and B want to prove their identities to one another –Key-distribution - A.

Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.

Security in Near Field Communication Strengths and Weaknesses

Security in Wireless Ad Hoc Networks. 2 Outline  wireless ad hoc networks  security challenges  research directions  two selected topics – rational.

Doc.: IEEE /0123r0 Submission January 2009 Dan Harkins, Aruba NetworksSlide 1 Secure Authentication Using Only A Password Date:

Focus On Bluetooth Security Presented by Kanij Fatema Sharme.

An Improved Efficient Secret Handshakes Scheme with Unlinkability Author: Jie Gu and Zhi Xue Source: IEEE Comm. Letters 15 (2) (2011) Presenter: Yu-Chi.

1. U2F Case Study Examining the U2F paradox 3 What is Universal 2 nd Factor (U2F)?

User authentication schemes with pseudonymity for ubiquitous sensor network in NGN Authors: Binod Vaidya, Joel J. Rodrigues and Jong Hyuk Park Source:

Azam Supervisor : Prof. Raj Jain

Research Overview Nitesh Saxena Research areas: computer and network security, applied cryptography.

When DRM Meets Restricted Multicast A Content Encryption Key Scheme for Restricted Multicast and DRM Min FENG and Bin ZHU Microsoft Research Asia.

Hoda Jannati School of Computer Science

Your Wireless Network has No Clothes* William A. Arbaugh, Narendar Shankar Y.C. Justin Wan University of Maryland Presentation by Eddy Purnomo,

Dan Boneh Basic key exchange Trusted 3 rd parties Online Cryptography Course Dan Boneh.

1 Protecting Your Privacy with a Mobile Agent Device in RFID Environment Authors: Sang-Soo Yeo, Soo-Cheol Kim, Sung Kwon Kim, Gilcheol Park, Seok Soo Kim,

Integrating A Key Distribution Procedure Into The Digital Signature Standard B. Arazi Electronics Letters Vol. 29, No. 11, Pg May 1993 Adviser:

Network Security Celia Li Computer Science and Engineering York University.

György Kálmán, Josef Noll Mobile and Wireless Communications Summit, th IST 1-5, July 2007 Speaker : 黃韋綸 Right Management Infrastructure for Home.

1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.

IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.

Diffie-Hellman Key Exchange first public-key type scheme proposed by Diffie & Hellman in 1976 along with the exposition of public key concepts – note:

9.2 SECURE CHANNELS JEJI RAMCHAND VEDULLAPALLI. Content Introduction Authentication Message Integrity and Confidentiality Secure Group Communications.

1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.

SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.

1/18 Talking to Strangers: Authentication in Ad-Hoc Wireless Networks Dirk Balfanz 외 2 명 in Xerox Palo Alto Research Center Presentation: Lee Youn-ho.

- Richard Bhuleskar “At the end of the day, the goals are simple: safety and security” – Jodi Rell.

SYNERGY: A Game-Theoretical Approach for Cooperative Key Generation in Wireless Networks Jingchao Sun, Xu Chen, Jinxue Zhang, Yanchao Zhang, and Junshan.

1 Secret Handshakes or Privacy-Preserving Interactive Authentication Gene Tsudik University of California, Irvine joint work with: Claude Castelluccia,

Key Management Session and Interchange Key Key Exchange

Presentation transcript:

Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication McCune, J.M., Perrig, A., Reiter, M.K IEEE Symposium on Security and Privacy Presented by: Rui Peng

Outline Public Key and Secret Key Cryptography Motivation Solution Scenarios Comments and conclusion

Public Key Cryptography

Secret Key Cryptography

Man-in-the-middle Attack

Motivation Problem: a user wants to connect his wireless device to that another device. Challenges  No centralized authority  No prior context How to do authentication between wireless devices?

Solution Use a side channel for key exchange Visual channel: camera phones! Requirements:  Camera (read barcodes)  Display (display barcodes) Result: very strong authentication

Authenticating a public key with SiB

Bidirectional authentication Both parties must have camera and display. Users take turns displaying and taking snapshots of their respective barcodes. Alice gets a digest of Bob’s public key and vice versa. These digests serve as commitments to their respective public keys. Subsequent communication can begin with any well-known public key protocol.

Unidirectional authentication Camera-less devices cannot authenticate other devices with SiB. If equipped with display, they can still generate barcodes so they can be authenticated.

Unidirectional authentication

Advantages The idea of using visual channel is novel and interesting. Provide strong authentication for wireless devices Enables the security of public key protocols without dependence of a central authority.

Limitations Not all devices have cameras and displays. Still cumbersome to use the protocol.  Need to point the camera to a device and take snapshots every time you want to communicate.

Thank you! Questions?