
Slides: Logging safely in public spaces using color PINs

Date post: 05-Dec-2014
Upload: frank-nielsen
Description:
Logging safely in public spaces using color PINs from the paper: http://arxiv.org/abs/1304.6499
Transcript
Page 1: Slides: Logging safely in public spaces using color PINs

Logging safely in public spaces

using attribute PINs

Frank Nielsen [email protected]

5793b870

Sony Computer Science Laboratories, Inc.

2013

© 2013 Frank Nielsen, Sony Computer Science Laboratories, Inc. 1/17

Page 2

Logging, the need for a secure UI...

We daily use...

◮ more and more cloud services...

◮ Internet terminals in public spaces...

→ threats of passwords being stolen (yielding identity theft!).

Many potential threats:

◮ shoulder-surfing attacks

◮ concealed spy cameras (video surveillance)

◮ spyware (key and mouse loggers)


Page 3

Tokens, biometrics and secure UI...

Current mainstream solution:

◮ One-time passwords (OTPs), physical token (can be stolen or borrowed too!), or

◮ biometrics (expensive) + PINs

Our proposal: design a secure UI with zero-knowledge using associative PINs: a UI PIN associated to a USR PIN (both secret). → robust by design to mouse loggers and video captures.


Page 4

Associative PINs

Concept = Two graphics keyboards:

◮ Fixed digit board (or letters, icons, etc.)

◮ Moveable cursor letter board (or digits, icons, etc.)

Task (Human): Align the cursor to the corresponding digit

◮ Origin is chosen at random (a keylogger cannot replay mouse motions).

◮ Torus topology for wrapping the moveable cursor board.


Page 5

Example (shuffling the fixed digit board after each input)

[Figure: screenshots of the example, labelled 3141 (digit board) and CAHB (letter board), with the fixed digit board shuffled after each input]


Page 6

2 × 5 keyboard layout

◮ Implemented in Processing, processing.org

◮ Wrapping the operating-system cursor on the screen edges (for endless smooth toric motion) using the Java™ Robot class
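The mechanism of slides 4 to 6 as an added Python simulation, written for this page and not the author's Processing implementation: a 2 × 5 digit board reshuffled after every input, a 2 × 5 letter board that wraps on the torus, a random cursor origin per round, and a server-side check that needs only the final alignment. Function names and the sample PINs 3141/CAHB (taken from the slide-5 figure labels) are my assumptions.

```python
import random
from typing import List, Tuple

# Hypothetical simulation of the slides' associative-PIN UI (names are mine,
# not from the Processing implementation): 2 x 5 boards wrapped as a torus.
COLS, ROWS = 5, 2
LETTERS = list("ABCDEFGHIJ")            # moveable cursor board, row-major
Offset = Tuple[int, int]

def cell(index: int) -> Offset:
    """Row-major board index -> (x, y) screen cell."""
    return index % COLS, index // COLS

def shuffled_digit_board(rng: random.Random) -> List[str]:
    """Fixed digit board, reshuffled after every digit entered."""
    board = [str(d) for d in range(10)]
    rng.shuffle(board)
    return board

def letter_over(digit_board: List[str], offset: Offset, digit: str) -> str:
    """Letter shown on top of `digit` once the letter board is shifted by `offset`."""
    x, y = cell(digit_board.index(digit))
    lx, ly = (x - offset[0]) % COLS, (y - offset[1]) % ROWS   # toric wrap-around
    return LETTERS[ly * COLS + lx]

def required_offset(digit_board: List[str], digit: str, letter: str) -> Offset:
    """Shift that puts `letter` of the cursor board exactly over `digit`."""
    x, y = cell(digit_board.index(digit))
    lx, ly = cell(LETTERS.index(letter))
    return (x - lx) % COLS, (y - ly) % ROWS

def check_round(digit_board: List[str], offset: Offset, digit: str, letter: str) -> bool:
    """Server-side check: only the final alignment matters, never the mouse path."""
    return letter_over(digit_board, offset, digit) == letter

def login_session(secret: Tuple[str, str], attempt: Tuple[str, str], seed: int) -> Tuple[bool, List[Offset]]:
    """User aligns `attempt` = (USR PIN, UI PIN); the server checks the stored `secret`."""
    usr_pin, ui_pin = secret
    if (len(attempt[0]), len(attempt[1])) != (len(usr_pin), len(ui_pin)):
        return False, []
    rng, motions, ok = random.Random(seed), [], True
    for i, (digit, letter) in enumerate(zip(*attempt)):
        board = shuffled_digit_board(rng)
        origin = (rng.randrange(COLS), rng.randrange(ROWS))   # random cursor origin
        target = required_offset(board, digit, letter)        # what the user does
        # a logger sees only a displacement from a random origin over a reshuffled board
        motions.append(((target[0] - origin[0]) % COLS, (target[1] - origin[1]) % ROWS))
        ok = ok and check_round(board, target, usr_pin[i], ui_pin[i])
    return ok, motions
```

`login_session(("3141", "CAHB"), ("3141", "CAHB"), seed=1)` is accepted and returns the four per-round displacements; the same call with another seed yields different displacements for the same PINs, which is the point of the random origin and the reshuffle.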


Page 7

Torus topology/mouse origin


Page 8

Some extensions of the basic AssociativePIN system

◮ Use legacy password systems (split the password in half into PASSWD and USR-PASSWD parts),

◮ Graphics board skins,

◮ Cursor control using another device,

◮ Free users from remembering another UI PASSWD: generate one-time UI PASSWDs from user profiles.


Page 9

Graphics skins: Colors/Icons on fixed Digits


Page 10

Generating UI passwords from user profiles

To help the user memorize the UI password and to generate many UI passwords, we define a user profile by asking a set of k questions, each with n choices, such as: what is her favorite food, favorite place, favorite color, favorite celebrity, favorite movie, favorite music, etc.

Each time the user enters a key, the moveable cursor skin changes to the next mode: food → place → color → celebrity → movie → music, ...

Furthermore, for k-length passwords, we generate a random permutation of the question order (yielding k! UI passwords). However, this is less secure when observers know or can guess his/her preferences.


Page 11

Prior work (I)

◮ CursorCamouflage [11]: a set of dummy cursors that makes it difficult for observers to correlate with the user's hand motion.

◮ Convex Hull Pass Icons [12]: enter the password with pass-icons blended with other icons on a 2D layout; the user is required to pass several challenges, where each challenge asks to click inside the convex hull of the pass icons.

◮ Cognitive Trapdoor Games [8]: select on which set the current PIN code digit is contained. After a few selections, the system knows by “intersecting” the challenge subsets which digit was entered, and proceeds to the entry of the next digit, etc.

◮ FakeCursor [9]: The FakeCursor system manages a fixed secret and a disposal secret: enter the PIN code by aligning the secret digit on the fixed disposal icons using left/right ATM-like arrow buttons. We can interpret FakeCursor as a discrete UI working on the 1D ring topology.


Page 12

Prior work (II)

◮ ColorPin [3]: PIN entry system using color PINs relying on keyboard interactions. At the bottom of each digit, three colored letters (black, red and white) are shown. Each letter appears in all three different colors for security reasons. The user enters the color PIN by pressing the corresponding keyboard keys.

◮ Login systems designed based on eye gaze input [6]

◮ PIN Tactons [7]. Well-suited for visually impaired people.

◮ etc.


Page 13

Potential security threats

◮ UI PASSWORD too simple

◮ gaze tracking and advanced computer vision: guess which parts were “intentionally” aligned by observing the user's eyes. → risk minimized by showing a small board size.


Page 14

Videos/Software

http://www.sonycsl.co.jp/person/nielsen/ColorPINs/

http://www.youtube.com/watch?v=IDgaH-ilUCw

@article{ColorPINS,
  author = {Frank Nielsen},
  title = {Logging safely in public spaces using color PINs},
  journal = {CoRR},
  volume = {abs/1304.6499},
  year = {2013},
  ee = {http://arxiv.org/abs/1304.6499}
}


Page 15

Bibliographic references I

[1] William Cheswick. Rethinking passwords. Commun. ACM, 56(2):40–44, February 2013.

[2] John Chuang, Hamilton Nguyen, Charles Wang, and Benjamin Johnson. I think, therefore I am: Usability and security of authentication using brainwaves. In Proceedings of the Workshop on Usable Security, USEC '13, 2013.

[3] Alexander De Luca, Katja Hertzschuch, and Heinrich Hussmann. ColorPIN: securing PIN entry through indirect input. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI '10, pages 1103–1106, New York, NY, USA, 2010. ACM.

[4] Yutaka Hirakawa, Motohiro Take, and Kazuo Ohzeki. Pass-image authentication method tolerant to random and video-recording attacks. International Journal of Computer Science & Applications (IJCSA), 9(3):20–36, 2012.

[5] B. Kaliski. PKCS #5: Password-based cryptography specification version 2.0 (RFC), 2000.

[6] Manu Kumar, Tal Garfinkel, Dan Boneh, and Terry Winograd. Reducing shoulder-surfing by using gaze-based password entry. In Proceedings of the 3rd Symposium on Usable Privacy and Security, SOUPS '07, pages 13–19, New York, NY, USA, 2007. ACM.


Page 16

Bibliographic references II

[7] Xuan-Linh Labbe. Touchscreen accessibility: accessible and secure authentication using a haptic PIN. Master's thesis, University of Glasgow, 2010.

[8] Volker Roth, Kai Richter, and Rene Freidinger. A PIN-entry method resilient against shoulder surfing. In Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS '04, pages 236–245, New York, NY, USA, 2004. ACM.

[9] Tetsuji Takada. FakePointer: An authentication scheme for improving security against peeping attacks using video cameras. In Proceedings of the Second International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, UBICOMM '08, pages 395–400, Washington, DC, USA, 2008. IEEE Computer Society.

[10] Tetsuji Takada. FakePointer: An authentication scheme for improving security against peeping attacks using video cameras. In Proceedings of the 2008 Second International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, UBICOMM '08, pages 395–400, Washington, DC, USA, 2008. IEEE Computer Society.

[11] Keita Watanabe, Fumito Higuchi, Masahiko Inami, and Takeo Igarashi. CursorCamouflage: Multiple dummy cursors as a defense against shoulder surfing. In SIGGRAPH Asia 2012 Emerging Technologies, SA '12, pages 6:1–6:2, New York, NY, USA, 2012. ACM.


Page 17

Bibliographic references III

[12] Susan Wiedenbeck, Jim Waters, Leonardo Sobrado, and Jean-Camille Birget. Design and evaluation of a shoulder-surfing resistant graphical password scheme. In Proceedings of the Working Conference on Advanced Visual Interfaces, AVI '06, pages 177–184, New York, NY, USA, 2006. ACM.

