Skip to main content
SpringerLink
Log in

Glass OTP: Secure and Convenient User Authentication on Google Glass

  • Conference paper
  • First Online:
Financial Cryptography and Data Security (FC 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8976))

Included in the following conference series:

Abstract

Wearable computing devices have become increasingly popular and while these devices promise to improve our lives, they come with new challenges. This paper focuses on user authentication mechanisms for the Google Glass device (Glass). Glass only has three sources of input: a camera, a microphone, and a touchpad. This limited set of interfaces makes the use of standard passwords infeasible or cumbersome. We therefore propose a One-Time-Password (OTP) authentication scheme, Glass OTP that uses the Glass camera to scan a QR code displayed on the user’s smartphone. We implement a proof of concept Glass lock screen which unlocks only upon scanning an OTP generated by the companion Android smartphone application. We also discuss the reliability, security, and convenience of the proposed solution as compared to the current solutions in use.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Fitbit, Inc. Fitbit Official Site. http://www.fitbit.com. Accessed 2 October 2014

  2. Google. Google Glass. http://www.google.com/glass. Accessed 20 September 2014

  3. Google. Google Developers Voice Input. https://developers.google.com/glass/develop/gdk/voice. Accessed 8 October 2014

  4. Google. Context Android Developers. http://developer.android.com/reference/android/content/Context.html. Accessed 1 October 2014

  5. Oracle. KeyGenerator (Java Platform SE 7). http://docs.oracle.com/javase/7/docs/api/javax/crypto/KeyGenerator.html. Accessed 1 October 2014

  6. Github, Inc. zxing/Zxing. https://github.com/zxing/zxing. Accessed 12 October 2014

  7. Github, Inc. kaze0/Bulletproof. https://github.com/kaze0/bulletproof. Accessed 10 October 2014

  8. Google. Screen Lock – Google Glass Help. https://support.google.com/glass/answer/4389349?hl=en. Accessed 8 October 2014

  9. Bonneau, J., Herley, C., van Oorschot, P.C., Stajano, F.: The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes. Microsoft. http://research.microsoft.com/pubs/161585/QuestToReplacePasswords.pdf

  10. Li, J., Isobe, T., Shibutani, K.: Converting MITM Preimage Attack into Pseudo Collision Attack: Application to SHA-2 (2012). Sony China Research Laboratory. Sony Corporation. http://fse2012.inria.fr/SLIDES/67.pdf

  11. M’Raihi, D., Machani, S., Pei, M., Rydell, J.: TOTP: Time-Based One-Time Password Algorithm. Int. Eng. Task Force (2011). https://tools.ietf.org/html/rfc6238

  12. Bluetooth SIG, Inc. Basics | Bluetooth Technology Website. http://www.bluetooth.com/Pages/Basics.aspx. Accessed 10 December 2014

  13. Google. Bluetooth Low Energy | Android Developers. https://developer.android.com/guide/topics/connectivity/bluetooth-le.html. Accessed 12 December 2014

  14. Ghose, A., Bhaumik, C., Chakravarty, T.: BlueEye – A System for Proximity Detection Using Bluetooth on Mobile Phones. UbiComp. http://www.ubicomp.org/ubicomp2013/adjunct/adjunct/p1135.pdf

  15. Google. Android 4.3 APIs | Android Developers. https://developer.android.com/about/versions/android-4.3.html. Accessed 16 December 2014

  16. Elenkov, N.: Jelly Bean hardware-backed credential storage. http://nelenkov.blogspot.com/2012/07/jelly-bean-hardware-backed-credential.html. Accessed 16 December 2014

  17. Google. On-Head Detection – Google Glass Help. https://support.google.com/glass/answer/3079857. Accessed 20 December 2014

  18. Apple. Apple – iPhone 6 – Touch ID. https://www.apple.com/iphone-6/touch-id/. Accessed 20 December 2014

  19. FinExtra. PayPal adds fingerprint authentication to more Samsung devices (2014). http://www.finextra.com/news/announcement.aspx?pressreleaseid=56577&topic=retail

  20. PewReseach Internet Project, Mobile Technology Fact Sheet. http://www.pewinternet.org/fact-sheets/mobile-technology-fact-sheet/

  21. Cnet, 72 percent say no to Google Glass because of privacy. http://www.cnet.com/news/72-percent-say-no-to-google-glass-because-of-privacy/

  22. Yadav, D.K., Ionascu, B., Ongole, S.V.K., Roy, A., Memon, N.: Design and analysis of shoulder surfing resistant PIN based authentication bechanisms on google glass. In: Wearable S&P 2015 (2015)

    Google Scholar 

Download references

Acknowledgments

This work was supported in part by the NSF (under grant 1228842). The views and conclusions contained in this document are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of any of the sponsors.

Author information

Authors and Affiliations

  1. NYU School of Engineering, New York, USA

    Pan Chan, Tzipora Halevi & Nasir Memon

Authors
  1. Pan Chan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tzipora Halevi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nasir Memon
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Pan Chan .

Editor information

Editors and Affiliations

  1. Leibniz Universität, Hannover, Germany

    Michael Brenner

  2. Carnegie Mellon University, Pittsburgh, Pennsylvania, USA

    Nicolas Christin

  3. Carnegie Mellon University, Pittsburgh, Pennsylvania, USA

    Benjamin Johnson

  4. New Jersey Institute of Technology, Newark, New Jersey, USA

    Kurt Rohloff

Rights and permissions

Reprints and permissions

Copyright information

© 2015 International Financial Cryptography Association

About this paper

Cite this paper

Chan, P., Halevi, T., Memon, N. (2015). Glass OTP: Secure and Convenient User Authentication on Google Glass. In: Brenner, M., Christin, N., Johnson, B., Rohloff, K. (eds) Financial Cryptography and Data Security. FC 2015. Lecture Notes in Computer Science(), vol 8976. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-48051-9_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-48051-9_22

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-48050-2

  • Online ISBN: 978-3-662-48051-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation