Abstract
Observation Resilient Authentication Schemes (ORAS) are a class of shared secret challenge–response identification schemes where a user mentally computes the response via a cognitive function to authenticate herself such that eavesdroppers cannot readily extract the secret. Security evaluation of ORAS generally involves quantifying information leaked via observed challenge–response pairs. However, little work has evaluated information leaked via human behavior while interacting with these schemes. A common way to achieve observation resilience is by including a modulus operation in the cognitive function. This minimizes the information leaked about the secret due to the many-to-one map from the set of possible secrets to a given response. In this work, we show that user behavior can be used as a side channel to obtain the secret in such ORAS. Specifically, the user’s eye-movement patterns and associated timing information can deduce whether a modulus operation was performed (a fundamental design element) to leak information about the secret. We further show that the secret can still be retrieved if the deduction is erroneous, a more likely case in practice. We treat the vulnerability analytically and propose a generic attack algorithm that iteratively obtains the secret despite the “faulty” modulus information. We demonstrate the attack on five ORAS and show that the secret can be retrieved with considerably less challenge–response pairs than non-side-channel attacks (e.g., algebraic/statistical attacks). In particular, our attack is applicable on Mod10, a one-time-pad-based scheme, for which no non-side-channel attack exists. We field test our attack with a small-scale eye-tracking user study.
- Hassan Jameel Asghar, Shujun Li, Ron Steinfeld, and Josef Pieprzyk. 2013. Does counting still count? Revisiting the security of counting based user authentication protocols against statistical attacks. In Proceedings of the 20th Annual Network and Distributed System Security Symposium. 1--18.Google Scholar
- Hassan Jameel Asghar, Josef Pieprzyk, and Huaxiong Wang. 2010. A new human identification protocol and Coppersmith’s baby-step giant-step algorithm. In Proceedings of the International Conference on Applied Cryptography and Network Security. Springer, 349--366.Google Scholar
Cross Ref
- Hassan Jameel Asghar, Ron Steinfeld, Shujun Li, Mohamed Ali Kaafar, and Josef Pieprzyk. 2015. On the linearization of human identification protocols: Attacks based on linear algebra, coding theory, and lattices. IEEE Trans. Inf. Forens. Secur. 10, 8 (2015), 1643--1655.Google Scholar
Digital Library
- Adam J. Aviv, Katherine Gibson, Evan Mossop, Matt Blaze, and Jonathan M. Smith. 2010. Smudge attacks on smartphone touch screens. In Proceedings of the 4th USENIX Conference on Offensive Technologies. USENIX, 1--7.Google Scholar
- Tadas Baltrušaitis, Peter Robinson, and Louis-Philippe Morency. 2016. Openface: An open source facial behavior analysis toolkit. In Proceedings of the Applications of Computer Vision (WACV’16). IEEE, 1--10.Google Scholar
Cross Ref
- Sacha Brostoff and M. Angela Sasse. 2000. Are passfaces more usable than passwords? A field trial investigation. In People and Computers XIV—Usability or Else! Springer, 405--424.Google Scholar
Cross Ref
- Mario Čagalj, Toni Perković, and Marin Bugarić. 2015. Timing attacks on cognitive authentication schemes. IEEE Trans. Inf. Forens. Secur. 10, 3 (2015), 584--596.Google Scholar
Digital Library
- Liang Cai and Hao Chen. 2011. TouchLogger: Inferring keystrokes on touch screen from smartphone motion. In Proceedings of the 6th USENIX Conference on Hot Topics in Security. USENIX.Google Scholar
- Jagmohan Chauhan, Benjamin Zi Hao Zhao, Hassan Jameel Asghar, Jonathan Chan, and Mohamed Ali Kaafar. 2017. BehavioCog: An observation resistant authentication scheme. In Proceedings of the International Conference on Financial Cryptography and Data Security. Springer, 39--58.Google Scholar
Digital Library
- Edwin S. Dalmaijer, Sebastiaan Mathôt, and Stefan Van der Stigchel. 2014. PyGaze: An open-source, cross-platform toolbox for minimal-effort programming of eyetracking experiments. Behavior Research Methods 46, 4 (2014), 913–921.Google Scholar
Cross Ref
- Rachna Dhamija, Adrian Perrig, et al. 2000. Deja vu-a user study: Using images for authentication. In Proceedings of the USENIX Security Symposium, Vol. 9.Google Scholar
- Lior Elazary and Laurent Itti. 2010. A bayesian model for efficient visual search and recognition. Vis. Res. 50, 14 (2010), 1338--1352.Google Scholar
Cross Ref
- Fabian Pedregosa, Gaël Varoquaux, Alexandre Gramfort, Vincent Michel, Bertrand Thirion, Olivier Grisel, Mathieu Blondel, Peter Prettenhofer, Ron Weiss, Vincent Dubourg, Jake Vanderplas, Alexandre Passos, David Cournapeau, Matthieu Brucher, Matthieu Perrot, and Édouard Duchesnay. 2011. Scikit-learn: Machine learning in Python. J. Mach. Learn. Res. 12 (2011), 2825--2830.Google Scholar
Digital Library
- Denis Foo Kune and Yongdae Kim. 2010. Timing attacks on PIN input devices. In Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS’10). ACM, New York, NY, 678--680. DOI:https://doi.org/10.1145/1866307.1866395Google Scholar
- Ian Goodfellow, Yoshua Bengio, Aaron Courville, and Yoshua Bengio. 2016. Deep Learning. Vol. 1. MIT Press, Cambridge, MA.Google Scholar
Digital Library
- Dan Witzner Hansen and Qiang Ji. 2010. In the eye of the beholder: A survey of models for eyes and gaze. IEEE Trans. Pattern Anal. Mach. Intell. 32, 3 (2010), 478--500.Google Scholar
Digital Library
- Nicholas J. Hopper and Manuel Blum. 2001. Secure human identification protocols. In Proceedings of the International Conference on the Theory and Application of Cryptology and Information Security. Springer, 52--66.Google Scholar
- Patrick Gage Kelley, Saranga Komanduri, Michelle L. Mazurek, Richard Shay, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor. 2013. The impact of pattern length, pattern compactness, and mathematical operators on the usability and security of system-assigned graphical one-time PINs. In Proceedings of the International Conference on Financial Cryptography and Data Security. 34--51.Google Scholar
Cross Ref
- Kyle Krafka, Aditya Khosla, Petr Kellnhofer, Harini Kannan, Suchendra Bhandarkar, Wojciech Matusik, and Antonio Torralba. 2016. Eye tracking for everyone. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. 2176--2184.Google Scholar
Cross Ref
- Daniel LeBlanc, Alain Forget, and Robert Biddle. 2010. Guessing click-based graphical passwords by eye tracking. In Proceedings of the 2010 8th Annual International Conference on Privacy Security and Trust (PST’10). IEEE, 197--204.Google Scholar
Cross Ref
- Jo-Anne LeFevre, Gregory S. Sadesky, and Jeffrey Bisanz. 1996. Selection of procedures in mental addition: Reassessing the problem size effect in adults. J. Exp. Psychol. Learn. Mem. Cogn. 22, 1 (1996), 216.Google Scholar
Cross Ref
- Shujun Li and Heung Yeung Shum. 2005. Secure human-computer identification (interface) systems against peeping attacks: SecHCI. Cryptology ePrint Archive, Report 2005/268, 2005. https://eprint.iacr.org/2005/268.Google Scholar
- Tsutomu Matsumoto. 1998. Human–computer cryptography: An attempt. J. Comput. Secur. 6, 3 (1998), 129--149.Google Scholar
Digital Library
- Hanchuan Peng, Fuhui Long, and Chris Ding. 2005. Feature selection based on mutual information criteria of max-dependency, max-relevance, and min-redundancy. IEEE Trans. Pattern Anal. Mach. Intell. 27, 8 (2005), 1226--1238.Google Scholar
Digital Library
- Hirokazu Sasamoto, Nicolas Christin, and Eiji Hayashi. 2008. Undercover: Authentication usable in front of prying eyes. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, 183--192.Google Scholar
Digital Library
- Krebson Security. [n.d.]. Hidden Cameras on Automated Teller Machines (ATMs). Retrieved Novemenber 30, 2018 from https://krebsonsecurity.com/tag/atm-skimmer/.Google Scholar
- Laurent Simon and Ross Anderson. 2013. Pin skimmer: Inferring pins through the camera and microphone. In Proceedings of the 3rd ACM workshop on Security and Privacy in Smartphones 8 Mobile Devices. ACM, 67--78.Google Scholar
Digital Library
- James Victor Uspensky. 1937. Introduction to Mathematical Probability. McGraw-Hill, New York, NY, 23--24.Google Scholar
- Susan Wiedenbeck, Jim Waters, Leonardo Sobrado, and Jean-Camille Birget. 2006. Design and evaluation of a shoulder-surfing resistant graphical password scheme. In Proceedings of the Working Conference on Advanced Visual Interfaces. ACM, 177--184.Google Scholar
Digital Library
- Gordon Thomas Wilfong. 1999. Method and apparatus for secure PIN entry. Patent number: 5940511, August 1999.Google Scholar
- Qiang Yan, Jin Han, Yingjiu Li, and Robert H. Deng. 2012. On limitations of designing leakage-resilient password systems: Attacks, principles and usability. In Proceedings of the 19th Annual Network and Distributed System Security Symposium. Citeseer.Google Scholar
- Qinggang Yue, Zhen Ling, Xinwen Fu, Benyuan Liu, Kui Ren, and Wei Zhao. 2014. Blind recognition of touched keys on mobile devices. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 1403--1414.Google Scholar
Digital Library
Index Terms
Exploiting Behavioral Side Channels in Observation Resilient Cognitive Authentication Schemes
Recommendations
Security beyond cybersecurity: side-channel attacks against non-cyber systems and their countermeasures
AbstractSide-channels are unintended pathways within target systems that leak internal information, exploitable via side-channel attack techniques that extract the target information, compromising the system’s security and privacy. Side-channel attacks ...
On the Correctness of an Approach against Side-Channel Attacks
ISPEC '09: Proceedings of the 5th International Conference on Information Security Practice and ExperienceSide-channel attacks are a very powerful cryptanalytic technique. Li and Gu [ProvSec'07] proposed an approach against side-channel attacks, which states that a symmetric encryption scheme is IND-secure in side-channel model, if it is IND-secure in black-...
Side-channel plaintext-recovery attacks on leakage-resilient encryption
DATE '17: Proceedings of the Conference on Design, Automation & Test in EuropeDifferential power analysis (DPA) is a powerful tool to extract the key of a cryptographic implementation from observing its power consumption during the en-/decryption of many different inputs. Therefore, cryptographic schemes based on frequent re-...






Comments