Presentation is loading. Please wait.

Presentation is loading. Please wait.

Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication McCune, J.M., Perrig, A., Reiter, M.K. 2005 IEEE Symposium on Security and.

Published bySheila Fowler Modified over 9 years ago

Similar presentations

Presentation on theme: "Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication McCune, J.M., Perrig, A., Reiter, M.K. 2005 IEEE Symposium on Security and."— Presentation transcript:

1 Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication McCune, J.M., Perrig, A., Reiter, M.K. 2005 IEEE Symposium on Security and Privacy Presented by: Rui Peng

2 Outline Public Key and Secret Key Cryptography Motivation Solution Scenarios Comments and conclusion

3 Public Key Cryptography

4

5 Secret Key Cryptography

6 Man-in-the-middle Attack

7 Motivation Problem: a user wants to connect his wireless device to that another device. Challenges  No centralized authority  No prior context How to do authentication between wireless devices?

8 Solution Use a side channel for key exchange Visual channel: camera phones! Requirements:  Camera (read barcodes)  Display (display barcodes) Result: very strong authentication

9

10 Authenticating a public key with SiB

11 Bidirectional authentication Both parties must have camera and display. Users take turns displaying and taking snapshots of their respective barcodes. Alice gets a digest of Bob’s public key and vice versa. These digests serve as commitments to their respective public keys. Subsequent communication can begin with any well-known public key protocol.

12 Unidirectional authentication Camera-less devices cannot authenticate other devices with SiB. If equipped with display, they can still generate barcodes so they can be authenticated.

13 Unidirectional authentication

14 Advantages The idea of using visual channel is novel and interesting. Provide strong authentication for wireless devices Enables the security of public key protocols without dependence of a central authority.

15 Limitations Not all devices have cameras and displays. Still cumbersome to use the protocol.  Need to point the camera to a device and take snapshots every time you want to communicate.

16 Thank you! Questions?

Download ppt "Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication McCune, J.M., Perrig, A., Reiter, M.K. 2005 IEEE Symposium on Security and."

Similar presentations

1 Security for Ad Hoc Network Routing. 2 Ad Hoc Networks Properties Mobile Wireless communication Medium to high bandwidth High variability of connection.

1 Security for Ad Hoc Network Routing. 2 Ad Hoc Networks Properties Mobile Wireless communication Medium to high bandwidth High variability of connection.
Usable Bootstrapping of Secure Ad Hoc Communication Ersin Uzun PARC 1.

Usable Bootstrapping of Secure Ad Hoc Communication Ersin Uzun PARC 1.
Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Interlock Protocol - Akanksha Srivastava 2002A7PS589.

Interlock Protocol - Akanksha Srivastava 2002A7PS589.
Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig Carnegie Mellon University Message-In-a-Bottle: User-Friendly and Secure Cryptographic Key Deployment.

Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig Carnegie Mellon University Message-In-a-Bottle: User-Friendly and Secure Cryptographic Key Deployment.
1 Bootstrapping Trust in a “Trusted” Platform Carnegie Mellon University November 11, 2008 Bryan Parno.

1 Bootstrapping Trust in a “Trusted” Platform Carnegie Mellon University November 11, 2008 Bryan Parno.
A novel and efficient unlinkable secret handshakes scheme Author: Hai Huang and Zhenfu Cao Source: IEEE Comm. Letters 13 (5) (2009) Presenter: Yu-Chi Chen.

A novel and efficient unlinkable secret handshakes scheme Author: Hai Huang and Zhenfu Cao Source: IEEE Comm. Letters 13 (5) (2009) Presenter: Yu-Chi Chen.
A novel and efficient unlinkable secret handshakes scheme Author: Hai Huang and Zhenfu Cao (PR China) Source: IEEE Comm. Letters 13 (5) (2009) Presenter:

A novel and efficient unlinkable secret handshakes scheme Author: Hai Huang and Zhenfu Cao (PR China) Source: IEEE Comm. Letters 13 (5) (2009) Presenter:
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.

1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.
Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
802.1x EAP Authentication Protocols

802.1x EAP Authentication Protocols
Chap 3: Key exchange protocols In most systems, we distinguish the short term keys from the long term ones: –A short term key (session key) is used to.

Chap 3: Key exchange protocols In most systems, we distinguish the short term keys from the long term ones: –A short term key (session key) is used to.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
1 Security Weakness in a Three-Party Password-Based Key Exchange Protocol Using Weil Pairing From : ePrint (August 2005) Author : Junghyun Nam, Seungjoo.

1 Security Weakness in a Three-Party Password-Based Key Exchange Protocol Using Weil Pairing From : ePrint (August 2005) Author : Junghyun Nam, Seungjoo.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

Similar presentations

Ads by Google