Presentation is loading. Please wait.

Presentation is loading. Please wait.

Center for Cyber-Security and Privacy1 Loud And Clear Security Michael T. Goodrich, Michael Sirivianos, John Solis, Gene Tsudik and Ersin Uzun.

Published byAusten Townsend Modified over 9 years ago

Similar presentations

Presentation on theme: "Center for Cyber-Security and Privacy1 Loud And Clear Security Michael T. Goodrich, Michael Sirivianos, John Solis, Gene Tsudik and Ersin Uzun."— Presentation transcript:

1 Center for Cyber-Security and Privacy1 Loud And Clear Security Michael T. Goodrich, Michael Sirivianos, John Solis, Gene Tsudik and Ersin Uzun. {goodrich,msirivia,jsolis,gts,euzun}@ics.uci.edu

2 Center for Cyber-Security and Privacy2 Problem Statement Αuthentication of communication channels between devices that lack any previous secure association.

3 Center for Cyber-Security and Privacy3 Challenges Human verifiable authentication. Introduce user in the authentication loop. No previous shared secrets. No online or offline authority. Limited computational resources on portable devices. Support for multiple broadcast mediums.

4 Center for Cyber-Security and Privacy4 Previous Approaches Human Comparable Visual Hashes Cumbersome Task High Error Rate Seeing is Believing 2D barcodes to authenticate devices with camera phones Many devices lack a camera or barcode scanner Need graphical display or sticker Visually-impaired users Poor visibility scenarios (e.g., smoke, darkness) Requires sufficiently clear picture

5 Center for Cyber-Security and Privacy5 Our Solution: L&C Audio channel for human-assisted authentication of previously un-associated devices Derive auditorially-robust, syntactically correct sentence (MadLib) from hash of a public key Vocalize sentence Combine vocalization on one (or both) devices with the display of the same information on other device Suitable for secure device pairing (e.g key exchange) and similar tasks Only need speaker on one device and small (text) display on the other

6 Center for Cyber-Security and Privacy6 Personal DeviceTarget Device Cell phone: speaker & small display Handheld/PDA: speaker & display Smart Watch: tiny speaker & tiny display MP3 player: audio out & no display Printer or FAX: speaker & small display Base Station: no speaker & no display Mutual authentication possibly required Sample Use Scenarios

7 Center for Cyber-Security and Privacy7 L&C Use Types TYPE 4: Compare text displayed on each device. TYPE 1: Hear and compare two audible sequences, one from each device TYPE 2: Hear audible sequence from target device, compare it to text displayed by personal device TYPE 3: Hear audible sequence from personal device, compare it to text displayed by target device.

8 Center for Cyber-Security and Privacy8 Implementation-Performance Programming System Built on highly-portable Ewe Java VM. Runs on any Pocket or Windows PC. TTS Engine Can use any portable TTS engine Digit for PC and Pocket PC (uses Elan Speech Engine) Now porting Sun’s Java FreeTTS and JSAPI to Ewe L&C Processing times in ms

Download ppt "Center for Cyber-Security and Privacy1 Loud And Clear Security Michael T. Goodrich, Michael Sirivianos, John Solis, Gene Tsudik and Ersin Uzun."

Similar presentations

Usable Bootstrapping of Secure Ad Hoc Communication Ersin Uzun PARC 1.

Usable Bootstrapping of Secure Ad Hoc Communication Ersin Uzun PARC 1.
4.03 IT PowerPoint Objective 4.03—Understand Information Technology activities and careers.

4.03 IT PowerPoint Objective 4.03—Understand Information Technology activities and careers.
                      Digital Audio 1.

                      Digital Audio 1.
Millions of people have been blocked from entering the digital world… Millions of people have been blocked from entering the digital world…

Millions of people have been blocked from entering the digital world… Millions of people have been blocked from entering the digital world…
Chapter 5 Input and Output. What Is Input? What is input? p. 166 Fig. 5-1 Next  Input device is any hardware component used to enter data or instructions.

Chapter 5 Input and Output. What Is Input? What is input? p. 166 Fig. 5-1 Next  Input device is any hardware component used to enter data or instructions.
Update your table of contents Computer Components 11.

Update your table of contents Computer Components 11.
LAAC: A Location-Aware Access Control Protocol YounSun Cho, Lichun Bao and Michael T. Goodrich IWUAC 2006.

LAAC: A Location-Aware Access Control Protocol YounSun Cho, Lichun Bao and Michael T. Goodrich IWUAC 2006.
Discovering Computers: Chapter 1

Discovering Computers: Chapter 1
Definition and Aspects

Definition and Aspects
Living Well On-Line.  Digital media: electronic devices and media platforms such as computers, cell phones, video, the Internet, and video games that.

Living Well On-Line.  Digital media: electronic devices and media platforms such as computers, cell phones, video, the Internet, and video games that.
Parts of a Computer.

Parts of a Computer.
Introduction ‘Have you ever played video games before? Look at the joystick movement. When you move the joystick to the left, the plane on the TV screen.

Introduction ‘Have you ever played video games before? Look at the joystick movement. When you move the joystick to the left, the plane on the TV screen.
Digital Literacy.

Digital Literacy.
Vocabulary Terms Adapted from “Cooling Systems” – CTAE Information Technology Essentials PROFITT.

Vocabulary Terms Adapted from “Cooling Systems” – CTAE Information Technology Essentials PROFITT.
CHAPTER 2 Input & Output Prepared by: Mrs.sara salih 1.

CHAPTER 2 Input & Output Prepared by: Mrs.sara salih 1.
Seeing-Is-Believing: Using Camera Phones for Human- Verifiable Authentication Jonathan M. McCune Adrian Perrig Michael K. Reiter Carnegie Mellon University.

Seeing-Is-Believing: Using Camera Phones for Human- Verifiable Authentication Jonathan M. McCune Adrian Perrig Michael K. Reiter Carnegie Mellon University.
Seeing-Is-Believing: using camera phones for human-verifiable authentication Jonathan M. McCune, Adrian Perrig and Michael K. Reiter Int. J. Security and.

Seeing-Is-Believing: using camera phones for human-verifiable authentication Jonathan M. McCune, Adrian Perrig and Michael K. Reiter Int. J. Security and.
4.03 IT PowerPoint Objective 4.03—Understand Information Technology activities and careers.

4.03 IT PowerPoint Objective 4.03—Understand Information Technology activities and careers.
Assistive Technology Ability to be free. Quick Facts  Assistive technology is technology used by individuals with disabilities in order to perform functions.

Assistive Technology Ability to be free. Quick Facts  Assistive technology is technology used by individuals with disabilities in order to perform functions.
8. INPUT, OUTPUT and storage DEVICES i/o units

8. INPUT, OUTPUT and storage DEVICES i/o units

Similar presentations

Ads by Google