Formalising human recognition : a fundamental building block for security proofs


Author(s): Radke, Kenneth; Boyd, Colin; Gonzalez Nieto, Juan; Manulis, Mark; Stebila, Douglas
Date(s)

20/01/2014

Abstract

A fundamental part of many authentication protocols which authenticate a party to a human involves the human recognizing or otherwise processing a message received from the party. Examples include typical implementations of Verified by Visa in which a message, previously stored by the human at a bank, is sent by the bank to the human to authenticate the bank to the human; or the expectation that humans will recognize or verify an extended validation certificate in a HTTPS context. This paper presents general definitions and building blocks for the modelling and analysis of human recognition in authentication protocols, allowing the creation of proofs for protocols which include humans. We cover both generalized trawling and human-specific targeted attacks. As examples of the range of uses of our construction, we use the model presented in this paper to prove the security of a mutual authentication login protocol and a human-assisted device pairing protocol.

Format

application/pdf

Identifier

http://eprints.qut.edu.au/64590/

Publisher

Australian Computer Society Inc.

Relation

http://eprints.qut.edu.au/64590/1/radke_AISC2014.pdf

http://crpit.com/Vol149.html

Radke, Kenneth, Boyd, Colin, Gonzalez Nieto, Juan, Manulis, Mark, & Stebila, Douglas (2014) Formalising human recognition : a fundamental building block for security proofs. In Proceedings of the Twelfth Australasian Information Security Conference (AISC 2014) [Conferences in Research and Practice in Information Technology, Volume 149], Australian Computer Society Inc., Auckland, New Zealand, pp. 37-45.

Rights

Copyright 2014 Australian Computer Society, Inc.

This paper appeared at the Australasian Information Security Conference (ACSW-AISC 2014), Auckland, New Zealand, January 2014. Conferences in Research and Practice in Information Technology (CRPIT), Vol. 149, Udaya Parampalli and Ian Welch, Ed. Reproduction for academic, not-for-profit purposes permitted provided this text is included.

Source

School of Electrical Engineering & Computer Science; Institute for Future Environments; Science & Engineering Faculty

Keywords

#080303 Computer System Security #Ceremony #Human protocol #provable security #HTTPS #TLS #Authentication #HPA #protocol

Type

Conference Paper