Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication, Jonathan M. McCune...
Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication
Jonathan M. McCune, Adrian Perrig, Michael K. Reiter
Carnegie Mellon University, 2005
Presenter: 張淯閎

Outline
- Related works
- Authentication
- Barcode Recognition with Camera Phones
- Seeing-Is-Believing

Authentication
- Authentication between two co-located entities with no prior trust relationships.
- Public key infrastructure relies on trusted certifiers.
- Diffie-Hellman key
- Man-in-the-middle
- Encrypted key exchange

Barcode Recognition with Camera Phones
- SiB depends on a camera phone that can recognize 2D barcodes.
- 2D codes used with mobile phones can be read from electronic screens and printed paper (Rohs and Gfeller).
- Semacode is a Data Matrix barcode standard (Woodside).
- HP Labs proposes tagging electronics with barcodes to be read by camera phones.

Seeing-Is-Believing
- A mobile phone’s integrated camera serves as a visual channel to provide identification of communicating devices.
- The user identifies the other device visually.
- With 2D barcodes

Pre-Authentication and the Visual Channel
- SiB uses a visual channel instead of an invisible channel, thus adding a direct human factor.
- Pre-authentication data is used by both communicating parties in any standard public-key protocol over the wireless link (Figure 1).

Figure 1. Pre-authentication over the visual channel. Ka is A’s public key, which can be either long-term or ephemeral, depending on the protocol.

Bidirectional Authentication
- Without a trusted authority
- Diffie-Hellman key exchange to establish a shared secret
- Mutually authenticate one another’s public keys

Unidirectional Authentication
Figure 2. Can a device of type X authenticate a device of type Y? We consider devices with cameras and displays (CD), cameras only (C), displays only (D), and neither (N).

SiB For Example

Security Analysis
- Assumption that an attacker is unable to perform an active attack on the visual channel.
- Unable to compromise the mobile device itself.
- Cryptography
- Selecting an Authentication Channel

Conclusion
- SiB is a system that uses barcodes and camera phones as a visual channel for human-verifiable authentication.
- Visual channel provides demonstrative identification of communicating parties, that user assurance her device.
- SiB characteristic

Diffie-Hellman key exchange
- $n$ and $g$ are public values.
- Each side has its own value, such as $x$ and $y$ (must be a large number).
- Compute the secret key $g^{xy}$.

Alice → Bob: $n,\ g,\ g^x \bmod n$
Bob → Alice: $g^y \bmod n$
Alice computes: $(g^y \bmod n)^x = g^{xy} \bmod n$
Bob computes: $(g^x \bmod n)^y = g^{xy} \bmod n$
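
The Diffie-Hellman exchange above combined with the pre-authentication step from the visual-channel slide, as an added example that is not from the slides or the SiB authors: each device's barcode carries a hash of its public value, and a value arriving over the wireless link is accepted only if it matches the scanned barcode. Assumptions made here: SHA-256 as the hash, a demo-sized n and g, and all function names.

```python
import hashlib
import secrets

# Demo-sized public parameters (constructed for this example; not a vetted DH group).
N = 2**127 - 1   # n: public prime modulus
G = 3            # g: public base


def keypair():
    """Pick a private exponent x and return (x, g^x mod n)."""
    x = secrets.randbelow(N - 3) + 2
    return x, pow(G, x, N)


def commitment(public_value):
    """Bytes a device would encode in its 2D barcode (assumption: SHA-256 of the value)."""
    raw = public_value.to_bytes((N.bit_length() + 7) // 8, "big")
    return hashlib.sha256(raw).digest()


def accept_key(scanned_barcode, wireless_value):
    """Accept the value from the wireless link only if it matches the scanned barcode."""
    return secrets.compare_digest(scanned_barcode, commitment(wireless_value))


def run_exchange(attacker_in_middle):
    """Bidirectional exchange; returns (alice_key, bob_key), or None if a check fails."""
    x, gx = keypair()   # Alice
    y, gy = keypair()   # Bob
    # Visual channel: each device displays a barcode of its own public value.
    barcode_a, barcode_b = commitment(gx), commitment(gy)

    # Wireless link: an active attacker replaces both public values with its own.
    to_bob, to_alice = gx, gy
    if attacker_in_middle:
        _, gz = keypair()
        to_bob, to_alice = gz, gz

    # Each user photographs the other screen, then checks the wireless value against it.
    if not (accept_key(barcode_a, to_bob) and accept_key(barcode_b, to_alice)):
        return None
    return pow(to_alice, x, N), pow(to_bob, y, N)   # (g^y)^x and (g^x)^y mod n
```

The check relies on the slide's security assumption that the attacker cannot actively alter what the camera sees.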