• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>International Journal of Information Security >Cryptanalysis of the convex hull click human identification protocol
【24h】

Cryptanalysis of the convex hull click human identification protocol

机译:凸包点击人体识别协议的密码分析

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Recently, a convex hull-based human identification protocol was proposed by Sobrado and Birget, whose steps can be performed by humans without additional aid. The main part of the protocol involves the user mentally forming a convex hull of secret icons in a set of graphical icons and then clicking randomly within this convex hull. While some rudimentary security issues of this protocol have been discussed, a comprehensive security analysis has been lacking. In this paper, we analyze the security of this convex hull-based protocol. In particular, we show two probabilistic attacks that reveal the user's secret after the observation of only a handful of authentication sessions. These attacks can be efficiently implemented as their time and space complexities are considerably less than brute force attack. We show that while the first attack can be mitigated through appropriately chosen values of system parameters, the second attack succeeds with a non-negligible probability even with large system parameter values that cross the threshold of usability.
机译:最近,Sobrado和Birget提出了一种基于凸包的人类识别协议,其步骤可以由人类执行而无需其他帮助。该协议的主要部分涉及用户在一组图形图标中脑力形成秘密图标的凸包,然后在该凸包中随机单击。尽管已经讨论了该协议的一些基本安全性问题,但仍缺乏全面的安全性分析。在本文中,我们分析了这种基于凸包的协议的安全性。特别是,我们展示了两次概率攻击,这些攻击仅观察了少数身份验证会话即可揭示用户的秘密。这些攻击的时间和空间复杂度大大低于暴力攻击,因此可以有效实施。我们表明,虽然可以通过适当选择系统参数值来缓解第一次攻击,但即使使用超过可用性阈值的大系统参数值,第二次攻击也以不可忽略的概率成功。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号