On The Security And Usability Of Segment-Based Visual Cryptographic Authentication Protocols
CCS(2016)
摘要
Visual cryptography has been applied to design human computable authentication protocols. In such a protocol, the user and the server share a secret key in the form of an image printed on a transparent medium, which the user superimposes on server-generated image challenges, and visually decodes a response code from the image. An example of such protocols is Pass Window, an award-winning commercial product. We study the security and usability of segment based visual cryptographic authentication protocols (SVAPs), which include PassWindow as a particular case. In an SVAP, the images consist of segments and are thus structured. Our overall findings are negative. We introduce two attacks that together can break all SVAPs we considered in the paper. Moreover, our attacks exploit fundamental weaknesses of SVAPs that appear difficult to fix. We have also evaluated the usability of different SVAPs and found that the protocol that offers the best security has the poorest usability.
更多查看译文
关键词
Visual Cryptography,User Authentication,Attack
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络