Secure Authentication Schemes Suitable for an Associative Memory
Author(s): Daphna Weinshall

Date: 2004
Publication: Technical Report 2004-30
Publisher: Leibniz Center for Research in Computer Science
Source: Currently no known Internet copy of paper.

Abstract or Summary:
Most security protocols are designed to secure the interaction between computers. User authentication, an interaction between a computer and a human, merits a different approach since human memory is fundamentally associative. We describe here a secure authentication protocol which relies on picture recognition, a skill which people find relatively easy. The human and the computer share a secret, which is a set of 60-100 pictures. Authentication is done via a challenge-response protocol: the computer poses a sequence of challenges to the user, which can only be answered correctly by someone who knows the shared secret. Once the probability of random guessing goes below a fixed threshold, the computer authenticates the user. We report user studies showing that the protocol is feasible for humans to use, with high reliability and for a long period of time. We also describe probabilistic attacks on the protocol, which demonstrate the protocol's computational merits and limitations. Note: An updated version of this paper (Cognitive Authentication Schemes Safe Against Spyware) is available.

Do you have additional information to contribute regarding this research paper? If so, please email with the details.

<-- Back to Authentication Research Paper Index

[Home] [About Us] [News] [Research]

Copyright © 2016