
Detecting Failed Attacks on Human-Interactive Security Protocols

  • Conference paper
Security Protocols XXIV (Security Protocols 2016)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10368)

Abstract

One of the main challenges in pervasive computing is how we can establish secure communication over an untrusted high-bandwidth network without any initial knowledge or a Public Key Infrastructure. An approach studied by a number of researchers is building security through involving humans in a low-bandwidth “empirical” out-of-band channel where the transmitted information is authentic and cannot be faked or modified. A survey of such protocols can be found in [9]. Many protocols discussed there achieve the optimal amount of authentication for a given amount of human work. However, it might still be attractive to attack them if a failed attack might be misdiagnosed as a communication failure and therefore remain undetected. In this paper we show how to transform protocols of this type to make such misdiagnosis essentially impossible. We introduce the concept of auditing a failed protocol run and show how to enable this.

Notes

  1. In a more extreme case, Eve may be in a position to control both runs’ strings and use a birthday-style attack.

  2. If the value x has had to be salted to make the delay secure, it would then be necessary for the direct communication of x to include the salt as well.

  3. These are exactly the primes in which cubing \(x^3\) is invertible. Squaring is not invertible for primes other than 2.

  4. The calculation of \(x^3\) will clearly take more time, the more digits there are. Note that there are multiplication algorithms faster than the usual “schoolbook” one that can be expected to give significant advantages when p is very long.

References

  1. Time-Lock Encryption (2011). http://www.gwern.net/Self-decrypting

  2. Wikipedia article on ZRTP. https://en.wikipedia.org/wiki/ZRTP

  3. Bangdao, C., Roscoe, A.W.: Mobile electronic identity: securing payment on mobile phones. In: Ardagna, C.A., Zhou, J. (eds.) WISTP 2011. LNCS, vol. 6633, pp. 22–37. Springer, Heidelberg (2011). doi:10.1007/978-3-642-21040-2_2

  4. Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)

  5. Hoepman, J.-H.: Ephemeral pairing on anonymous networks. In: Hutter, D., Ullmann, M. (eds.) SPC 2005. LNCS, vol. 3450, pp. 101–116. Springer, Heidelberg (2005). doi:10.1007/978-3-540-32004-3_12

  6. Hoepman, J.-H.: The ephemeral pairing problem. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 212–226. Springer, Heidelberg (2004). doi:10.1007/978-3-540-27809-2_22

  7. Nguyen, L.H., Roscoe, A.W.: Efficient group authentication protocol based on human interaction. In: Proceedings of the Joint Workshop on Foundation of Computer Security and Automated Reasoning Protocol Security Analysis (FCS-ARSPA 2006), pp. 9–31 (2006)

  8. Nguyen, L.H., Roscoe, A.W.: Authenticating ad-hoc networks by comparison of short digests. Inf. Comput. 206(2–4), 250–271 (2008)

  9. Nguyen, L.H., Roscoe, A.W.: Authentication protocols based on low-bandwidth unspoofable channels: a comparative survey. J. Comput. Secur. 19(1), 139–201 (2011)

  10. Nguyen, L.H., Roscoe, A.W.: Short-output universal hash functions and their use in fast and secure data authentication. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 326–345. Springer, Heidelberg (2012). doi:10.1007/978-3-642-34047-5_19

  11. Rivest, R.L., Shamir, A., Wagner, D.A.: Time-lock puzzles and timed-release crypto (1996). http://bitsavers.trailing-edge.com/pdf/mit/lcs/tr/MIT-LCS-TR-684.pdf

  12. Roscoe, A.W.: Human-centred computer security (2005). http://web.comlab.ox.ac.uk/oucl/work/bill.roscoe/publications/113.pdf

  13. Vaudenay, S.: Secure communications over insecure channels based on short authenticated strings. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 309–326. Springer, Heidelberg (2005). doi:10.1007/11535218_19

  14. Zimmerman, P.: ZRTP (2010). https://tools.ietf.org/html/draft-zimmermann-avt-zrtp-22

The author thanks Long Nguyen, Peter Ryan, Catherine Meadows and Thomas Gibson-Robinson for useful conversations on this work.

Author information

Correspondence to A. W. Roscoe.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Roscoe, A.W. (2017). Detecting Failed Attacks on Human-Interactive Security Protocols. In: Anderson, J., Matyáš, V., Christianson, B., Stajano, F. (eds) Security Protocols XXIV. Security Protocols 2016. Lecture Notes in Computer Science, vol 10368. Springer, Cham. https://doi.org/10.1007/978-3-319-62033-6_21

  • DOI: https://doi.org/10.1007/978-3-319-62033-6_21

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-62032-9

  • Online ISBN: 978-3-319-62033-6

  • eBook Packages: Computer Science, Computer Science (R0)
