SEa AUF Images
Hassan Jameel and Heejo Lee
Korea University, Seoul
136-713, South KOREA
heejo (a) korea dot! ac dot! kr
hassan (a) oslab dot! khu dot! ac dot! kr
Excerpt
SEa AUF Images stands for "Secure and EAsy Authentication Using Features of Images". This project aims as providing an alternative method for user login when even the terminal used by the user is not secure from attacks such as shoulder surfing, network eavesdropping, key loggers, etc. Many a researchers have attempted to construct authentication mechanisms secure under such circumstances. Most of these schemes are impractical for human users without any external hardware aid. We have proposed a scheme which is user friendly as well as secure under the above mentioned attacks. The idea is simple: Since the images found in the world wide web describe millions of different things (which we call features), we can use one such feature as a secret shared between the user and the server. The server will then present a set of pictures and the user has to reply "yes" if the image contains the feature and "no" otherwise. The user is successfully authenticated in a session if a specified number of answers are correct. For the adversary, the task is to find the secret feature. We make things hard for the adversary by requiring the user to send shuffled answers according to a short 4-digit secret string of the user's choice as well as introducing dummy pictures in each run of the protocol. The resulting protocol is easy and fun to use.
See the SEa AUF Images at work
- Demo Low Quality
High Quality
This is a demonstration movie of how SEa AUF Images works. You can run the application by yourself using the prototype application below.
- SEa AUF Images
Test SEa AUF Images yourself. Currently we have a prototype implementation for our system which gives you the feel of how the authentication system works. Please read the instructions after clicking or else see the demo movie to see how you should proceed with the protocol steps.
- Publications:
- Conference Paper
Hassan Jameel, Riaz Ahmed Shaikh, Sungyoung Lee and Heejo Lee Human Identification through Image Evaluation using Secret Predicates to be published in Topics in Cryptology CT-RSA 2007, The Cryptographers Track at the RSA Conference 2007, San Francisco, CA, USA, February 5-9, 2007, Proceedings LNCS
- Journal Paper
Hassan Jameel, Heejo Lee and Sungyoung Lee, "Using Image Attributes for Human Identification Protocols", Submitted for publication, 2007. Technical report available at arXiv.org.
|