Abstract
AbstractIn this paper we present a new method of secure human-computer identification, which remains safe also in untrusted systems and environments. This method allows the elimination of any supplementary gadgets/devices or theft-sensitive biometric data used by the Multi-Factor Authentication (MFA), and using only one secret as a universal private key for all obtainable online accounts. However, the features of this solution make it best suited for use by an mobile authenticator or by Authentication Authority with the Single-Sign-On (SSO) method of identity and access management, rather than for individual services. Such a key is used by our innovative challenge-response protocol to generate One-Time-Password, e.g., 6-digit OTP, could be calculated by a human in only 15 s, also offline on paper documents with an acceptable level of security required for post-quantum symmetric cyphers, thanks to the hard lattice problem with noise introduced by our new method, which we call Learning with Options (LWO). The secret has the form of an outline like a kind of handwritten autograph, designed in invisible ink on the mapping grid. The password generation process requires following such an invisible contour on the challenge matrix created randomly by the verifier and reading values from secret fields to calculate the OTP.
Publisher
Springer International Publishing
Reference25 articles.
1. Lecture Notes in Computer Science;T Matsumoto,1991
2. Lecture Notes in Computer Science;NJ Hopper,2001
3. Madhavan, M., Thangaraj, A., Sankarasubramanian, Y., Viswanathan, K.: NLHB: A non-linear hopper-blum protocol. In: 2010 IEEE International Symposium on Information Theory, pp. 2498–2502 (2010)
4. Lecture Notes in Computer Science;A Juels,2005
5. Li, S., Shum, H.-Y.: Secure human-computer identification (Interface) systems against peeping attacks: SecHCI. IACR’s Cryptology ePrint Archive: Report 2005/268
Cited by
3 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献