How to generate cryptographically strong sequences of pseudo-random bits
SIAM Journal on Computing
A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
The sciences of the artificial (3rd ed.)
The sciences of the artificial (3rd ed.)
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Secure Human Identification Protocols
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Practice-Oriented Provable Security
Lectures on Data Security, Modern Cryptology in Theory and Practice, Summer School, Aarhus, Denmark, July 1998
Humans in the Loop: Human-Computer Interaction and Security
IEEE Security and Privacy
Public-key support for group collaboration
ACM Transactions on Information and System Security (TISSEC)
Aligning Security and Usability
IEEE Security and Privacy
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
HB^+^+: a Lightweight Authentication Protocol Secure against Some Attacks
SECPERU '06 Proceedings of the Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing
Fourth-factor authentication: somebody you know
Proceedings of the 13th ACM conference on Computer and communications security
Human-Machine Reconfigurations: Plans and Situated Actions
Human-Machine Reconfigurations: Plans and Situated Actions
The Emperor's New Security Indicators
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Provably secure browser-based user-aware mutual authentication over TLS
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Theory and application of trapdoor functions
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
The new school of information security
The new school of information security
POSH: a generalized captcha with security applications
Proceedings of the 1st ACM workshop on Workshop on AISec
Ceremonies Formal Analysis in PKI's Context
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
A comparative study of secure device pairing methods
Pervasive and Mobile Computing
Usability analysis of secure pairing methods
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
PUF-HB: a tamper-resilient HB based authentication protocol
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
How HCI design influences web security decisions
Proceedings of the 22nd Conference of the Computer-Human Interaction Special Interest Group of Australia on Computer-Human Interaction
Authenticating pervasive devices with human protocols
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
The Design of Everyday Things
What we talk about when we talk about context
Personal and Ubiquitous Computing
Hi-index | 0.00 |
We blend research from human-computer interface (HCI) design with computational based cryptographic provable security. We explore the notion of practice-oriented provable security (POPS), moving the focus to a higher level of abstraction (POPS+) for use in providing provable security for security ceremonies involving humans. In doing so we highlight some challenges and paradigm shifts required to achieve meaningful provable security for a protocol which includes a human. We move the focus of security ceremonies from being protocols in their context of use, to the protocols being cryptographic building blocks in a higher level protocol (the security ceremony), which POPS can be applied to. In order to illustrate the need for our approach, we analyse both a protocol proven secure in theory, and a similar protocol implemented by a financial institution, from both HCI and cryptographic perspectives.