photographic a uthentication through untrusted terminals
DESCRIPTION
Photographic A uthentication through Untrusted terminals . Authors: Trevor Pering, Murali Sundar John Light, Roy Want CS585 Feb 26,2009. The authors. Outline. Introduction Motivation and premise Security overview Experimental evaluation Discussion - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/1.jpg)
PHOTOGRAPHIC AUTHENTICATION THROUGH UNTRUSTED TERMINALS
Authors: Trevor Pering, Murali Sundar John Light, Roy Want
CS585Feb 26,2009
![Page 2: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/2.jpg)
THE AUTHORS
![Page 3: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/3.jpg)
OUTLINE Introduction Motivation and premise Security overview Experimental evaluation Discussion Future work
![Page 4: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/4.jpg)
INTRODUCTION
Public internet access points provide a convenient means to access the Internet, but they pose considerable security risks.
Solving method to the risks: Photographic authentication (PA): is a technique
that relies on personal photographs for authenticating user access.
![Page 5: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/5.jpg)
OVERVIEW (CONT.) How it works
Work in conjunction with a trusted “home server” that stores the user’s photographs and account information. The users identify themselves to the system, initiating
the authentication process with their home server The home server passes the necessary credentials to
the desired Web-service host
![Page 6: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/6.jpg)
OVERVIEW (CONT.)—EXAMPLE
![Page 7: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/7.jpg)
OVERVIEW (CONT.) —EXAMPLE: EXPLANATION The users selected the images that belonged
to them. The system presented photographs such as above figure. Because the home server manages the authentication process, the access terminal does not gain access to any unnecessary information, such as the user’s photographic databases. The system can not be compromised from public terminal. Thus, the attacker cannot break the authentication scheme.
![Page 8: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/8.jpg)
MOTIVATION AND PREMISE The need for more secure login mechanisms
that grant or deny access through untrusted terminals. While login, there are additional risk with using
public infrastructure. E.g. users check the status of their bank accounts,
they are potentially compromising both their account balance and account number. However, it is generally only necessary to display the account balance, not both.
![Page 9: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/9.jpg)
MOTIVATION AND PREMISE (CONT.) The need for alternative authentication
techniques because of the emerging mobile Internet.
A highly secure authentication technique would be overkill for a terminal which cannot guarantee the security of the data accessed. PA aims to be “secure enough” for casual data by providing the necessary level of security with compromising ease of use.
![Page 10: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/10.jpg)
MOTIVATION AND PREMISE (CONT.) The increased prevalence of digital photos
and the ease with which people can recognize photographic images.The popularity of digital photos have
recently exploded because of the widespread availability of affordable consumer grade cameras and computers capable of manipulating photos;
More people possess large personal image collections ;
Digital storage capacities are rapidly increasing
![Page 11: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/11.jpg)
SECURITY OVERVIEW
The PA implementation presented is about as secure as a six-digital password.
This means that there is a 1 in 106 chance that random guessing will be successful, a smaller chance than that of the personal identification numbers (PINs) which is 104;
![Page 12: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/12.jpg)
SECURITY OVERVIEW (CONT.)
The real vulnerability of photograph-based authentication is not numeric, but cognitive.
The attacker uses knowledge about the user in a cognitive attack
![Page 13: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/13.jpg)
SECURITY OVERVIEW (CONT.) PA is convenient, don’t carry a portable
electronic device, so there is no chance to damage the device
users simply walk up to a terminal and select from a few sequences of images presented to them on the screen;
Another technique requires users to carry a portable electronic device, such as a SecurID card, as a trusted authentication mechanism that would let them safely log in to an untrusted terminal using a one-time key generated by the device
![Page 14: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/14.jpg)
SECURITY OVERVIEW (CONT.)
PA is suited to providing access through semi-trusted or untrusted terminals, and also suited to trusted environments.
It only provides an easier means to access information than text-based authentication.
![Page 15: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/15.jpg)
EXPERIMENTAL EVALUATION Experiment conditions and process:
1. Two sets of experiment help to evaluate PA2. Converted all images to 400 X 300 resolution; 3. Simulated a standard login process to see
whether PA is feasible;4. Simulated an attack against the system to see if
it would hold up under a reasonable replay attack;
5. Conducted both the two experiments though a Web interface, and logged all transactions ;
![Page 16: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/16.jpg)
EXPERIMENTAL EVALUATION (CONT.)
![Page 17: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/17.jpg)
EXPERIMENTAL EVALUATION (CONT.) Authentication experiment
Goal: design the primary authentication test to see whether users could correctly distinguish their own images from those of others;
Result: Users can quickly and accurately identify their own
pictures Not require any learning
![Page 18: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/18.jpg)
EXPERIMENTAL EVALUATION (CONT.) Attack experiment
Goal: designed the login attack to simulate an attack on a user account by someone who had snooped on a previous authentication session by that user;
Result: (see blow figure) Have great variability of success rate and speed Indicate that most users’ image sets are relatively
immune to attack.
![Page 19: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/19.jpg)
EXPERIMENTAL EVALUATION (CONT.)
![Page 20: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/20.jpg)
EXPERIMENTAL EVALUATION (CONT.)
![Page 21: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/21.jpg)
EXPERIMENTAL EVALUATION (CONT.)
Conclusion:
Attackers fared significantly worse than the primary users at recognizing images
![Page 22: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/22.jpg)
DISCUSSION Overview; Replay attacks; Cognitive attacks; Coincident attacks; Compromised attacks; Polling attacks.
![Page 23: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/23.jpg)
DISCUSSION --OVERVIEW Security is the prime concern of any
authentication mechanism; PA is secure because it bases on recognition,
rather than memorization, there are no security leaks generated by people writing down password;
Exist ways such that the system can be compromised;
Exist drawback to the experiment, e.g., maybe the attackers is unskilled
![Page 24: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/24.jpg)
DISCUSSION (CONT.) -- REPLAY ATTACKS Definition: Replay attack, also known as
observer attack, consists of capturing part of a communication between two entities and playing back that information at a later time to compromise the system;
Property: PA is well suited to resist replay attacks through
untrusted terminals by varying the challenge image set each time;
PA is not completely immune to replay attacks because the images from one attempt might provide enough information to deduce the correct images in following attempts.
![Page 25: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/25.jpg)
DISCUSSION (CONT.) --COGNITIVE ATTACKS Including two kinds:
Similarity attack involves determining whether two images are pictures of the same thing;
Knowledge attack uses specific pieces of knowledge, such as knowing about a trip to Paris, to identify related pictures.
Property: cognitive attack is somewhat sensitive to
knowledge attacks because of the strong correlation between users’ lives and the pictures they keep;
A cognitive attack requires the perpetrators to think about the selections they are making instead of just picking images they recognize.
![Page 26: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/26.jpg)
DISCUSSION (CONT.) --COINCIDENT ATTACKS
Definition: Coincident attack is one in which an unscrupulous agent or proxy running on the untrusted terminal has access to a user’s data in parallel to the user actively operating the system.
Property: the window for a coincident attack begins after a successful authentication and ends when the user either explicitly logs out of the system or times out.
![Page 27: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/27.jpg)
DISCUSSION (CONT.) --COMPROMISED ATTACKS Definition: A compromised attack is one in which
the system’s integrity has already been compromised. E.g., the attacker has cracked the password or
identified the picture set; How to fix the system:
Select a new password in the case of text passwords; It is more difficult to a compromised PA system
because a user cannot forget pictures they have seen and suddenly recognize new ones; one way is to use a series of image subsets for the authentication process. When one subset becomes compromised, the user simply rotates to the next set.
![Page 28: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/28.jpg)
DISCUSSION (CONT.) --POLLING ATTACKS Definition: A polling attack is one in which
the authentication server is repeatedly accessed to gather information about the authentication account.
Property: In the case of text password, a polling attack is
similar to random or dictionary attacks, where trial passwords are thrown at the authentication mechanism to guess the correct password;
While for PA, this kind of attack could be used to glean the entire set of images used for authentication.
![Page 29: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/29.jpg)
FUTURE WORK PA is a novel technique for dealing with
public infrastructure, an emerging concern as mobile and fixed-infrastructure systems continue to evolve and merge:
Explore alternate image presentation and techniques for generating challenge image sets;
Improve the effectiveness of the challenge set by preprocessing images to remove obvious similarities between pictures;
Explore using trial time to filter attacks.
![Page 30: Photographic A uthentication through Untrusted terminals](https://reader035.vdocuments.mx/reader035/viewer/2022062302/5681675c550346895ddc2522/html5/thumbnails/30.jpg)
THANK YOU!!!