Abstract
My name is Max and I’ve been working on the Pico project with Frank and the rest of the team since last summer. We’ve just been hearing about some of the deployability advances we’ve been making with Pico, but I’m going to be talking about some security properties of Pico and similar schemes. Specifically I’m going to be talking about a type of relay attack one could carry out on such schemes, were they in common use, and how we’ve changed the way that Pico works to address this threat.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
“Method and System for Authenticating a User by Means of a Mobile Device (2009)” and “Login Using QR Code (2012)”.
- 2.
The term originally used by Olgierd was something like “login seizure attack”, but it wasn’t clear from the audio exactly what he’d said and we couldn’t find references to anything of this name. We decided to pick a new, more descriptive, term for it when writing the paper and it has been changed here for consistency.
- 3.
We thank Olgierd for pointing out this vulnerability and proposed solution. We discuss this in more detail at the end of Sect. 4.2 in our paper.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Spencer, M. (2014). Relay Attacks on Visual Code Authentication Schemes (Transcript of Discussion). In: Christianson, B., Malcolm, J., Matyáš, V., Švenda, P., Stajano, F., Anderson, J. (eds) Security Protocols XXII. Security Protocols 2014. Lecture Notes in Computer Science(), vol 8809. Springer, Cham. https://doi.org/10.1007/978-3-319-12400-1_20
Download citation
DOI: https://doi.org/10.1007/978-3-319-12400-1_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-12399-8
Online ISBN: 978-3-319-12400-1
eBook Packages: Computer ScienceComputer Science (R0)