Title: IMAGE-BASED AUTHENTICATION
1IMAGE-BASED AUTHENTICATION
Richard E. Newman, Piyush Harsh, and Prashant
Jayaraman
2Human Authentication
- What you are (biometric)
- What you have (token)
- What you know (password)
3Problems with Passwords
- Meaningful
- Word of mouth transfer
- Sticking it near workstation
- Image-based authentication (IBA) can solve these
4Definitions
- Image Space (IS) the set of all images used by
the IBA system. - Individual Image Set (IISa) the set of images
that a user Alice (a) chooses to authenticate
herself. - Key Image any image in a user's IIS.
- Presentation Set (PS) the set of images
presented to Alice (from which the key images
must be selected) for a given authentication
attempt. - PS_i the ith subset of PS presented to Alice
during a run PS U PS_i
5Architecture
- Authentication User Agent (AUA)
- Authentication Server (AS)
- The communication between them is encrypted
using authenticated Diffie-Hellman -
- The AS is assumed to be a part of the Trusted
Computing Base
6Basic Protocol - Initialize
Image Set Selection
- Alice selects n images (n is set by the
administrator, Bob) - Bob stores the image set at the AS
Presentation Subsets
- Bob picks one image from IISa and some other
images from IS-IISa for each PS_i - Alice picks the IISa image from each PS_i
7Basic Protocol - Authenticate
Authentication
- A?B UsernameAlice
- B?A Presentation set for Round 1, PS1.
- A?B Identified image.
- B?A Presentation set for Round 2, PS2.
- A?B Identified image.
- ...
- B?A Presentation set for Round R, PSR.
- A?B Identified image.
- If all R steps are successful, Bob authenticates
Alice
8Attacks
- Image-based authentication is not foolproof
- The are four points of vulnerability
- information stored on the AS
- information sent between the AS and the AUA
- the output at the AUA
- the input at the AUA.
9Keystroke Logging AUA Input
- Eve can observe or log Alices keystrokes and
later authenticate herself as Alice.
Counter
- Display the images in random order
- - keystrokes are are only meaningful for this
PS in this display order
10Shoulder Surfing AUA Output Logging
- Eve can observe Alices screen (during the
authentication process)and later authenticate
herself as Alice.
Counter
- Display the image when the mouse is over it.
Otherwise, gray out the image - If input is hidden, then which image is selected
is not known only get PS_is - More on PS-based attacks later
11TEMPEST Attack AUA Output
- Electromagnetic emanations from the output are
used to recreate the screen a distance away.
Counter
- Use contrasting colors that a person can easily
distinguish, but which look the same to the
eavesdropper. - Blur the images.
- Add random noise to the images.
12Brute Force Attack
- Select every possible combination.
- Note that dictionary attack is impossible.
Counters
- Keep IIS and IS large
- Attack cannot be done offline
13Frequency Correlation Attack Presentation Sets
Intersection Attack
- The IS is large, and PS_is are chosen randomly
(with one image from IIS). Any image that repeats
across attempts, is very likely to be a part of
IIS
Logic Attack
- If the PS is the same (but not PS_is) in every
attempt, using logic, within a small number of
authentication attempts the attacker can narrow
down the IIS to one or a few subsets from the PS.
14Countering Frequency Correlation Attacks
Decoy Screens
- A decoy screen is image grid consisting of images
none of which are part of the users IIS. The
user has to select none of the above to succeed
in those rounds. - Make use of x rounds of decoy screens and y
(yltn) rounds or screens with images from user
image set.
15Countering Frequency Correlation Logic Attacks
Image Buckets
- The IS can be partitioned into groups of images
called image buckets. When an image from the IIS
is displayed, all of the other images in the
image bucket to which this image belongs will
also be shown. - The intersection of the images displayed will
never decrease.
16Leaking Image Set Size
- The size of the image set is equal to the number
of rounds. - Correlation between the Image set size and the
number of rounds may be blurred
Randomized number of rounds
- The number of rounds is randomized according to a
bounded normal distribution. - The mean number of rounds and the variance can be
changed as necessary.
17Implementation Issues
Image Set Storage
- If the images are randomized, only the seed for
each image need be stored - Otherwise, entire IS needs to be stored
Security Implications
- AS must store each users IIS.
- If the AS is compromised, the IIS of every user
can be obtained. - The scheme depends on the impenetrability of the
AS
18Key Strength
- If K images per display may be selected, then
with R rounds and PS_iN we obtain an
equivalent key size of KS R log (C(N,K)) . - If K1 thenKS R log (N)
19Equivalent key bits for N16 images/round
20Equivalent key bits per key image
21Conclusions
- IBA is in its infancy
- IBA is more user-friendly
- It is difficult to share IBA image sets without
showing the person the images - IBA offers an alternative to passwords that my be
attractive for some situation - Asymmetric bandwidth
- Poor user input capability
- Protection at AS still an issue