Skip to main content
Springer Nature Link
Log in

Human Identification Through Image Evaluation Using Secret Predicates

  • Conference paper
Topics in Cryptology – CT-RSA 2007 (CT-RSA 2007)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4377))

Included in the following conference series:

  • 1185 Accesses

Abstract

The task of developing protocols for humans to securely authenticate themselves to a remote server has been an interesting topic in cryptography as a replacement for the traditional, less secure, password based systems. The protocols proposed in literature are based on some underlying difficult mathematical problem, which are tuned so as to make them easily computable by humans. As a result these protocols are easily broken when desired to be efficiently executable. We present a Human Identification Protocol based on the ability of humans to efficiently process an image given a secret predicate. It is a challenge-response protocol in which a subset of images presented satisfies a secret predicate shared by the challenger and the user. We conjecture that it is hard to guess this secret predicate for adversaries, both humans and programs. It can be efficiently executed by humans with the knowledge of the secret which in turn is easily memorable and replaceable. We prove the security of the protocol separately for human adversaries and programs based on two separate assumptions and justify these assumptions with the help of an example implementation.

This research was supported by the MIC (Ministry of Informations and Communications), Korea under the ITRC (Information Technology Research Center) support program supervised by the IITA (Institute of Information Technology Assessment) incollaboration with SunMoon University. The corresponding author is Dr. Sungyoung Lee.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Matsumoto, T., Imai, H.: Human Identification through Insecure Channel. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 409–421. Springer, Heidelberg (1991)

    Google Scholar 

  2. Wang, C.H., Hwang, T., Tsai, J.J.: On the Matsumoto and Imai’s Human Identification Scheme. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 382–392. Springer, Heidelberg (1995)

    Google Scholar 

  3. Matsumoto, T.: Human-computer cryptography: An attempt. In: 3rd ACM Conference on Computer and Communications Security, pp. 68–75. ACM Press, New York (1996)

    Chapter  Google Scholar 

  4. Li, X.-Y., Teng, S.-H.: Practical Human-Machine Identification over Insecure Channels. Journal of Combinatorial Optimization 3, 347–361 (1999)

    Article  MATH  MathSciNet  Google Scholar 

  5. Hopper, N.J., Blum, M.: Secure Human Identification Protocols. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 52–66. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  6. von Ahn, L., Blum, M., Hopper, N., Langford, J.: CAPTCHA: Using Hard AI Problems for Security. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 294–311. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  7. Li, S., Shum, H.-Y.: Secure Human-computer identification against Peeping Attacks (SecHCI): A Survey. Unpublished report, available at Elsevier’s Computer Science Preprint Server (2002)

    Google Scholar 

  8. Dhamija, R., Perrig, A.: Deja Vu: A user study using images for authentication. In: Proc. of the 9th USENIX Security Symposium, pp. 45–58 (2000)

    Google Scholar 

  9. ID Arts Inc: Passfaces - the Art of Identification. Visit: http://www.idarts.com

  10. Sorensen, V.: PassPic - Visual Password Management. Visit: http://www.authord.com/

  11. The CAPTCHA project: ESP-PIX. Visit, http://www.captcha.net/

  12. Weinshall, D.: Cognitive Authentication Schemes Safe Against Spyware (Short Paper). In: 2006 IEEE Symposium on Security and Privacy, pp. 295–300 (2006)

    Google Scholar 

  13. Golle, P., Wagner, D.: Cryptanalysis of a Cognitive Authentication Scheme. Cryptology ePrint Archive, Report 2006/258, http://eprint.iacr.org/

Download references

Author information

Authors and Affiliations

  1. Department of Computer Engineering, Kyung Hee University, 449-701, Suwon, South Korea

    Hassan Jameel, Riaz Ahmed Shaikh & Sungyoung Lee

  2. Department of Computer Science and Engineering, Korea University Anam-dong, Seongbuk-gu, Seoul, 136-701, South Korea

    Heejo Lee

Authors
  1. Hassan Jameel
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Riaz Ahmed Shaikh
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Heejo Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sungyoung Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Information Sharing Platform Laboratories, NTT Corporation, Japan

    Masayuki Abe

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jameel, H., Shaikh, R.A., Lee, H., Lee, S. (2006). Human Identification Through Image Evaluation Using Secret Predicates. In: Abe, M. (eds) Topics in Cryptology – CT-RSA 2007. CT-RSA 2007. Lecture Notes in Computer Science, vol 4377. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11967668_5

Download citation

  • DOI: https://doi.org/10.1007/11967668_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-69327-7

  • Online ISBN: 978-3-540-69328-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics