Security through a different kind of obscurity

Authors: Eiji Hayashi, Jason Hong, Nicolas Christin

DOI: 10.1145/1978942.1979242

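Abstract: While a large body of research on image-based authentication has focused on memorability, comparatively less attention has been paid to the new security challenges these schemes may introduce. Because images can convey more information than text, image-based authentication may be more vulnerable to educated guess attacks than passwords. In this paper, we evaluate the resilience of a recognition-based graphical authentication scheme using distorted images against two types of educated guess attacks through two user studies. The first study, consisting of 30 participants, investigates whether distortion prevents educated guess attacks primarily based on information about individual users. The second study, using Amazon Mechanical Turk, investigates whether distortion mitigates the risk of educated guess attacks based on collective information about users. Our results show that authentication images without distortion are vulnerable to educated guess attacks, especially when information about the target is known, and that distortion makes authentication images more resilient against educated guess attacks.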
