Napredna pretraga

Pregled bibliografske jedinice broj: 423814

SSSL: Shoulder Surfing Safe Login


Perković, Toni; Čagalj, Mario; Rakić, Nikola
SSSL: Shoulder Surfing Safe Login // Proceedings of the SoftCOM 2009 (International Conference on Software, Telecommunication and Computer Networks), co-sponsored by the IEEE Computer Society (IEEE-CS)
Split-Hvar-Korcula, 2009. (predavanje, međunarodna recenzija, cjeloviti rad (in extenso), znanstveni)


Naslov
SSSL: Shoulder Surfing Safe Login

Autori
Perković, Toni ; Čagalj, Mario ; Rakić, Nikola

Vrsta, podvrsta i kategorija rada
Radovi u zbornicima skupova, cjeloviti rad (in extenso), znanstveni

Izvornik
Proceedings of the SoftCOM 2009 (International Conference on Software, Telecommunication and Computer Networks), co-sponsored by the IEEE Computer Society (IEEE-CS) / - , 2009

Skup
International Conference on Software, Telecommunication and Computer Networks - (SoftCOM'09), co-sponsored by the IEEE Computer Society (IEEE-CS), 2009

Mjesto i datum
Split-Hvar-Korcula, 24-26.09.2009

Vrsta sudjelovanja
Predavanje

Vrsta recenzije
Međunarodna recenzija

Ključne riječi
Security; shoulder surfing; usability

Sažetak
Classical PIN-entry methods are vulnerable to a broad class of observation attacks (shoulder surfing, key-logging). A number of alternative PIN-entry methods that are based on human cognitive skills have been proposed. These methods can be classified into two classes regarding information available to a passive adversary: (i) the adversary fully observes the entire input and output of a PIN-entry procedure, and (ii) the adversary can only partially observe the input and/or output. In this paper we propose a novel PIN-entry scheme - Shoulder Surfing Safe Login (SSSL). SSSL is a challenge response protocol that allows a user to login securely in the presence of the adversary who can observe (via key-loggers, cameras) user input. This is accomplished by restricting the access to SSSL challenge values. Compared to existing solutions, SSSL is both user-friendly (not mentally demanding) and cost efficient. Our usability study reveals that the average login time with SSSL is around 8 sec in a 5-digit PIN scenario. We also show the importance of considering side-channel timing attacks in the context of authentication schemes based on human cognitive skills.

Izvorni jezik
Engleski

Znanstvena područja
Elektrotehnika, Računarstvo



POVEZANOST RADA


Projekt / tema
023-0231924-1660 - NAPREDNE HETEROGENE MREŽNE TEHNOLOGIJE (Dinko Begušić, )

Ustanove
Fakultet elektrotehnike, strojarstva i brodogradnje, Split