Skip to main content
SpringerLink
Log in

Relay Attacks on Visual Code Authentication Schemes (Transcript of Discussion)

  • Conference paper
  • First Online:
Security Protocols XXII (Security Protocols 2014)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8809))

Included in the following conference series:

  • 728 Accesses

Abstract

My name is Max and I’ve been working on the Pico project with Frank and the rest of the team since last summer. We’ve just been hearing about some of the deployability advances we’ve been making with Pico, but I’m going to be talking about some security properties of Pico and similar schemes. Specifically I’m going to be talking about a type of relay attack one could carry out on such schemes, were they in common use, and how we’ve changed the way that Pico works to address this threat.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    “Method and System for Authenticating a User by Means of a Mobile Device (2009)” and “Login Using QR Code (2012)”.

  2. 2.

    The term originally used by Olgierd was something like “login seizure attack”, but it wasn’t clear from the audio exactly what he’d said and we couldn’t find references to anything of this name. We decided to pick a new, more descriptive, term for it when writing the paper and it has been changed here for consistency.

  3. 3.

    We thank Olgierd for pointing out this vulnerability and proposed solution. We discuss this in more detail at the end of Sect. 4.2 in our paper.

Author information

Authors and Affiliations

  1. University of Cambridge, Cambridge, UK

    Max Spencer

Authors
  1. Max Spencer
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Max Spencer .

Editor information

Editors and Affiliations

  1. University of Hertfordshire, Hertfordshire, United Kingdom

    Bruce Christianson

  2. University of Hertfordshire, Hertfordshire, United Kingdom

    James Malcolm

  3. Masaryk University Faculty of Informatics, Brno, Czech Republic

    Vashek Matyáš

  4. Masaryk University Faculty of Informatics, Brno, Czech Republic

    Petr Švenda

  5. University of Cambridge, Cambridge, United Kingdom

    Frank Stajano

  6. Memorial University of Newfoundland, St. John's, Newfoundland and Labrador, Canada

    Jonathan Anderson

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Spencer, M. (2014). Relay Attacks on Visual Code Authentication Schemes (Transcript of Discussion). In: Christianson, B., Malcolm, J., Matyáš, V., Švenda, P., Stajano, F., Anderson, J. (eds) Security Protocols XXII. Security Protocols 2014. Lecture Notes in Computer Science(), vol 8809. Springer, Cham. https://doi.org/10.1007/978-3-319-12400-1_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-12400-1_20

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-12399-8

  • Online ISBN: 978-3-319-12400-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation