Article

The Untrusted Computer Problem and Camera-Based Authentication

Authors:

Ronald L. RivestAuthors Info & Claims

Pervasive '02: Proceedings of the First International Conference on Pervasive Computing

Pages 114 - 124

Published: 26 August 2002 Publication History

Abstract

The use of computers in public places is increasingly common in everyday life. In using one of these computers, a user is trusting it to correctly carry out her orders. For many transactions, particularly banking operations, blind trust in a public terminal will not satisfy most users. In this paper the aim is therefore to provide the user with authenticated communication between herself and a remote trusted computer, via the untrusted computer.After defining the authentication problem that is to be solved, this paper reduces it to a simpler problem. Solutions to the simpler problem are explored in which the user carries a trusted device with her. Finally, a description is given of two camera-based devices that are being developed.

References

[1]

Martin Abadi, Michael Burrows, C. Kaufman, and Butler W. Lampson. Authentication and delegation with smart-cards. In Theoretical Aspects of Computer Software , pages 326-345, 1991.

Crossref

Google Scholar

[2]

M. Burnside, D. Clarke, T. Mills, A. Maywah, S. Devadas, and R. Rivest. Proxy-based security protocols in networked mobile devices. In Proceedings SAC , 2002.

Crossref

Google Scholar

[3]

Rachna Dhamija and Adrian Perrig. Dejà vu: A user study using images for authentication. In Proceedings of the 9th USENIX Security Symposium , 2000.

Crossref

Google Scholar

[4]

Nicholas J. Hopper and Manuel Blum. A secure human-computer authentication scheme.

Google Scholar

[5]

Charlie Kaufman, Radia Perlman, and Mike Speciner. Network Security, Private Communication in a Public World . Prentice Hall PTR, 1995.

Crossref

Google Scholar

[6]

H. Krawczyk, M. Bellare, and R. Canetti. RFC 2104: HMAC: Keyed-hashing for message authentication, February 1997. Status: INFORMATIONAL.

Crossref

Google Scholar

[7]

Tsutomu Matsumoto. Human identification through insecure channel. In Theory and Application of Cryptographic Techniques , pages 409-421, 1991.

Crossref

Google Scholar

[8]

Tsutomu Matsumoto. Human-computer cryptography: An attempt. In ACM Conference on Computer and Communications Security , pages 68-75, 1996.

Crossref

Google Scholar

[9]

Moni Naor and Benny Pinkas. Visual authentication and identification. In CRYPTO , pages 322-336, 1997.

Crossref

Google Scholar

Cited By

View all

Hoffmann JUellenbeck SHolz T(2012)SMARTPROXYProceedings of the 9th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment10.1007/978-3-642-37300-8_11(184-203)Online publication date: 26-Jul-2012
https://dl.acm.org/doi/10.1007/978-3-642-37300-8_11
Buccafurri FCaminiti GLax G(2011)Threats to legal electronic storageProceedings of the Second international conference on Electronic government and the information systems perspective10.5555/2033665.2033674(68-77)Online publication date: 29-Aug-2011
https://dl.acm.org/doi/10.5555/2033665.2033674
Fang CChang EGates CFranz MMcDermott J(2010)Securing interactive sessions using mobile device through visual channel and visual inspectionProceedings of the 26th Annual Computer Security Applications Conference10.1145/1920261.1920272(69-78)Online publication date: 6-Dec-2010
https://dl.acm.org/doi/10.1145/1920261.1920272
Show More Cited By

The Untrusted Computer Problem and Camera-Based Authentication
1. Security and privacy
  1. Security services

Recommendations

The acceptance and use of computer based assessment

The effective development of a computer based assessment (CBA) depends on students' acceptance. The purpose of this study is to build a model that demonstrates the constructs that affect students' behavioral intention to use a CBA. The proposed model, ...
Forward-secure signatures in untrusted update environments: efficient and generic constructions
CCS '07: Proceedings of the 14th ACM conference on Computer and communications security

Forward-secure signatures (FSS) prevent forgeries for past time periods when an attacker obtains full access to the signer's storage. To simplify the integration of these primitives into standard security architectures, Boyen, Shacham, Shen and Waters ...
Continuance acceptance of computer based assessment through the integration of user's expectations and perceptions

The Information Systems (IS) community has put considerable effort on identifying constructs that may explain the initial/continuance use of computer based learning or assessment systems. This study is a further step toward IS continuance acceptance ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

Pervasive '02: Proceedings of the First International Conference on Pervasive Computing

August 2002

296 pages

ISBN:3540440607

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 26 August 2002

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

11
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 16 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Hoffmann JUellenbeck SHolz T(2012)SMARTPROXYProceedings of the 9th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment10.1007/978-3-642-37300-8_11(184-203)Online publication date: 26-Jul-2012
https://dl.acm.org/doi/10.1007/978-3-642-37300-8_11
Buccafurri FCaminiti GLax G(2011)Threats to legal electronic storageProceedings of the Second international conference on Electronic government and the information systems perspective10.5555/2033665.2033674(68-77)Online publication date: 29-Aug-2011
https://dl.acm.org/doi/10.5555/2033665.2033674
Fang CChang EGates CFranz MMcDermott J(2010)Securing interactive sessions using mobile device through visual channel and visual inspectionProceedings of the 26th Annual Computer Security Applications Conference10.1145/1920261.1920272(69-78)Online publication date: 6-Dec-2010
https://dl.acm.org/doi/10.1145/1920261.1920272
Buccafurri FCaminiti GLax GElçi AMakarevich OOrgun MChefranov APieprzyk JBryukhomitsky YÖrs S(2009)Fortifying the dalì attack on digital signatureProceedings of the 2nd international conference on Security of information and networks10.1145/1626195.1626262(278-287)Online publication date: 6-Oct-2009
https://dl.acm.org/doi/10.1145/1626195.1626262
Yue CWang HHelal SGellersen HConsolvo S(2009)SessionMagnifierProceedings of the 11th international conference on Ubiquitous computing10.1145/1620545.1620566(125-134)Online publication date: 30-Sep-2009
https://dl.acm.org/doi/10.1145/1620545.1620566
Saxena NUddin MVoris JCranor L(2008)Universal device pairing using an auxiliary deviceProceedings of the 4th symposium on Usable privacy and security10.1145/1408664.1408672(56-67)Online publication date: 23-Jul-2008
https://dl.acm.org/doi/10.1145/1408664.1408672
Ur Rahman SHengartner UIsmail UKeshav SToyama KSubramanian LAli M(2008)Practical security for rural internet kiosksProceedings of the second ACM SIGCOMM workshop on Networked systems for developing regions10.1145/1397705.1397710(13-18)Online publication date: 18-Aug-2008
https://dl.acm.org/doi/10.1145/1397705.1397710
Mannan MVan Oorschot P(2007)Using a personal device to strengthen password authentication from an untrusted computerProceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security10.5555/1785594.1785610(88-103)Online publication date: 12-Feb-2007
https://dl.acm.org/doi/10.5555/1785594.1785610
Surie APerrig ASatyanarayanan MFarber D(2007)Rapid Trust Establishment for Pervasive Personal ComputingIEEE Pervasive Computing10.1109/MPRV.2007.846:4(24-30)Online publication date: 1-Oct-2007
https://dl.acm.org/doi/10.1109/MPRV.2007.84
Zsolt Berta IButtyan LVajda I(2005)A Framework for the Revocation of Unintended Digital Signatures Initiated by Malicious TerminalsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2005.282:3(268-272)Online publication date: 1-Jul-2005
https://dl.acm.org/doi/10.1109/TDSC.2005.28
Show More Cited By

Abstract

References

Cited By

Recommendations

The acceptance and use of computer based assessment

Forward-secure signatures in untrusted update environments: efficient and generic constructions

Continuance acceptance of computer based assessment through the integration of user's expectations and perceptions

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Share

Share this Publication link

Share on social media

Affiliations