Secure Authentication Schemes Suitable for an Associative Memory
Author(s): Daphna Weinshall

Date: 2004
Publication: Technical Report 2004-30
Publisher: Leibniz Center for Research in Computer Science
Source: Currently no known Internet copy of paper.

Abstract or Summary:
Most security protocols are designed to secure the interaction between computers. User authentication, an interaction between a computer and a human, merits a different approach since human memory is fundamentally associative. We describe here a secure authentication protocol which relies on picture recognition, a skill which people find relatively easy. The human and the computer share a secret, which is a set of 60-100 pictures. Authentication is done via a challenge-response protocol: the computer poses a sequence of challenges to the user, which can only be answered correctly by someone who knows the shared secret. Once the probability of random guessing goes below a fixed threshold, the computer authenticates the user. We report user studies showing that the protocol is feasible for humans to use, with high reliability and for a long period of time. We also describe probabilistic attacks on the protocol, which demonstrate the protocol's computational merits and limitations.

PasswordResearch.com Note: An updated version of this paper (Cognitive Authentication Schemes Safe Against Spyware) is available.


Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.

<-- Back to Authentication Research Paper Index





[Home] [About Us] [News] [Research]

Copyright © 2016 PasswordResearch.com