Undercover: Authentication Usable in Front of Prying Eyes

1
Undercover Authentication Usable in Front of
Prying Eyes

• Hirokazu Sasamoto
• Nicolas Christin
• Eiji Hayashi
• Carnegie Mellon CyLab Japan

2

• Overview
• Concept
• Design
• Evaluation

3

• Overview
• Concept
• Design
• Evaluation

4
(No Transcript)
5
Actual Observation Attack
Camcorder
6
Problem to address

• Observation attack stealing authentication token
  by observing users behavior.
• Example of instances
• Eavesdropping
• Shoulder surfing
• Spyware
• Far from being limited to ATM devices!

7
Observation is,

• Easy to carry out
• Difficult to prevent, and
• Effective circumvention of authentication system

8
(No Transcript)
9
Related works

• Cognitive trapdoor gameRoth et al., 2004
• Convex Hull Click SchemeWiedenbeck et al., 2006
• Cognitive Authentication SchemesWeinshall et
  al., 2006

10
Cognitive trapdoor game
A PIN entry method resilient against shoulder
surfing., V. Roth et al, Computer and
Communications Security, 2004.
11
Convex Hull Click Scheme
Design and Evaluation of a Shoulder-Surfing
Resistant Graphical Password Scheme, S.
Wiedenbeck et al, Proceedings of the working
conference on Advanced visual interfaces, 2006
12

• Overview
• Concept
• Design Process
• Evaluation

13
Current Solution to Observation Attack
Authentication System
Generate Challenge
User
Generate Response
14
Proposed Solution to Observation Attack
Authentication System
Generate Challenge
User
Generate Response
15
Simple Analogy
Is the first digit of your secret code is 1?
Yes
No
Tell a lie
?
Authentication System
User
Attacker
16
Challenge

• Designing hidden channel is key

17

• Overview
• Concept
• Design
• Evaluation

18
Designing Hidden Channel

• Requirements
• Should be hidden from an observer
• Should be easy to acquire by a legitimate user
• Should convey enough information to keep the
  number of challenges small
• Tactile display meets these requirements best

19
Designing Tactile Display

• Contact-based vs. Friction-based ?
• Simplicity vs. of challenge ?
• Decided based on Lo-Fi test

20
Contact-based vs. Friction-based
21
Simplicity vs. of Challenges
22
Undercover
23
Undercover Analogy
E
D E A B C
?
Authentication System
User
Attacker
24
Authentication Process
25
Hidden Channel
26
Inside of Tactile Display
27

• Overview
• Concept
• Design Process
• Evaluation

28
Evaluation Overview

• 38 participants
• Within subject design
• Usability and Security

29
Test Procedure

• Training Phase
• 15 min
• Authentication Phase
• Undercover
• Control Phase
• 4 digit secret code

30
Test Environment
Camera 2
Laptop
Table
Camera 1
Tactile Device
Participant
31
Evaluation

• Usability
• Authentication time
• Failed challenge rate
• Security
• Success rate of observation attack

32
Usability
72
32
23
3.2
33
Usability
Cited from their papers
4.5
0.6
2.1
N/A
34
Security
100
22
N/A
N/A
35
Type of Information Leakage
14.7 Pointing the diagram
6.4 Hand movement
0.9 Saying something
532 trials
3.9 Combination
74.1 No leakage
There is no correlation between information
leakage and error rate
36
Other Findings in Evaluation

• Usability
• Improving tactile display will reduce
  authentication time and decrease error rate
• Security
• Education will prevent information leakage while
  maintaining current error rates

37
Future work

• Design better tactile device
• Reduce authentication time
• Decrease error rate
• Larger usability test
• Evaluate effect of education

38
Summary of contributions

• Proposed observation attack resilient
  authentication scheme
• Showed design procedure of security system
• Performed full evaluation of the system
• Demonstrated humans handle multisensory inputs
  well
• Demonstrated Undercover is resilient against
  powerful observation attacks
• No correlation between the information leakage
  and error rate

39
Thank you for listening
Contact Information