2008 The Second International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies
FakePointer: An Authentication Scheme for Improving Security against Peeping Attacks Using Video Cameras
September 29-October 04
ISBN: 978-0-7695-3367-4
Peeping attacks in the real world are a threat to user authentication. What is worse, an emerging attack method such as video capture makes traditional measures against peeping attack insufficient. This paper presents a unique user authentication scheme named "fakePointer'' as a solution to peeping attacks conducted by video capture. It makes it difficult for attackers to obtain a secret even if someone captures an authentication scene using a video camera. The fakePointer has two unique features to ensure security against such a peeping attack. One is that fakePointer provides a double-layered interface for a secret input. This interface makes it difficult for attackers to identify a legitimate user's secret even if they have a video record showing a target user's authentication action. The other feature is that fakePointer uses two secrets: a fixed secret and a disposable secret. This feature enables change of a secret input operation in each authentication, which is also a necessary feature for ensuring security. This feature makes it difficult to extract a secret by statistical inference even if an attacker has many video records of the same user.
Index Terms:
authentication, security, peeping attack, shoulder surfing attack, usable security
Citation:
Tetsuji Takada, "FakePointer: An Authentication Scheme for Improving Security against Peeping Attacks Using Video Cameras," ubicomm, pp.395-400, 2008 The Second International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, 2008
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb