Human-computer cryptography: an attempt
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
Secure Human Identification Protocols
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Cognitive Authentication Schemes Safe Against Spyware (Short Paper)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Design and evaluation of a shoulder-surfing resistant graphical password scheme
Proceedings of the working conference on Advanced visual interfaces
S3PAS: A Scalable Shoulder-Surfing Resistant Textual-Graphical Password Authentication Scheme
AINAW '07 Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops - Volume 02
Cryptanalysis of a Cognitive Authentication Scheme (Extended Abstract)
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
PAS: Predicate-Based Authentication Services Against Powerful Passive Adversaries
ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference
Image-Feature Based Human Identification Protocols on Limited Display Devices
Information Security Applications
On the Security of PAS (Predicate-Based Authentication Service)
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Human identification through insecure channel
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
On the Matsumoto and Imai's human identification scheme
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
A new human identification protocol and coppersmith's baby-step giant-step algorithm
ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
Human identification through image evaluation using secret predicates
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
GeoEnc: geometric area based keys and policies in functional encryption systems
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Breaking undercover: exploiting design flaws and nonuniform human behavior
Proceedings of the Seventh Symposium on Usable Privacy and Security
A simple modeling method for mobile password schemes and its analysis
Proceedings of the 9th International Conference on Advances in Mobile Computing and Multimedia
| Hi-index | 0.00 |
Recently a convex hull based human identification protocol was proposed by Sobrado and Birget, whose steps can be performed by humans without additional aid. The main part of the protocol involves the user mentally forming a convex hull of secret icons in a set of graphical icons and then clicking randomly within this convex hull. In this paper we show two efficient probabilistic attacks on this protocol which reveal the user's secret after the observation of only a handful of authentication sessions. We show that while the first attack can be mitigated through appropriately chosen values of system parameters, the second attack succeeds with a non-negligible probability even with large system parameter values which cross the threshold of usability.