Authentication and authenticated key exchanges
Designs, Codes and Cryptography
Elliptic curves in cryptography
Elliptic curves in cryptography
Communications of the ACM
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Loud and Clear: Human-Verifiable Authentication Based on Audio
ICDCS '06 Proceedings of the 26th IEEE International Conference on Distributed Computing Systems
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
A user-friendly approach to human authentication of messages
FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
SP 800-56A. Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised)
Hi-index | 0.00 |
We present a method to visualize and authenticate a cryptographically negotiated key for a secure phone call. That is, each caller is presented with a graphical representation of the key and through verbal interaction (i.e., side-channel authentication) they describe what they see. If they agree, the key is authenticated and the secure media session continues. The strength of the approach lies in the vocal recognition of the callers, and their ability to confirm the image displayed by their system. The necessary degree of visual recognition is achieved by using basic shapes, color and count. People, regardless of language or age, can easily identifying these images. Our experience shows that they can communicate what they see with little effort and terminate the call when they differ. We believe that this approach reverses the current trend in security to divest users from the underlying cryptographic principles supporting secure systems by abstracting these principles to a comprehensible and visual form. This paper demonstrates that visualization and the human factor can play a pivotal role in establishing a secure communication channel. This short paper discusses how a key is visualized and provides some initial user feedback. We have named this approach the Short Authentication SymbolS VisuallY (SASSY.)