TY - GEN
T1 - Visualizing your key for secure phone calls and language independence
AU - Oehler, Michael
AU - Phatak, Dhananjay
AU - Krautheim, John
PY - 2010
Y1 - 2010
N2 - We present a method to visualize and authenticate a cryptographically negotiated key for a secure phone call. That is, each caller is presented with a graphical representation of the key and through verbal interaction (i.e., side-channel authentication) they describe what they see. If they agree, the key is authenticated and the secure media session continues. The strength of the approach lies in the vocal recognition of the callers, and their ability to confirm the image displayed by their system. The necessary degree of visual recognition is achieved by using basic shapes, color and count. People, regardless of language or age, can easily identifying these images. Our experience shows that they can communicate what they see with little effort and terminate the call when they differ. We believe that this approach reverses the current trend in security to divest users from the underlying cryptographic principles supporting secure systems by abstracting these principles to a comprehensible and visual form. This paper demonstrates that visualization and the human factor can play a pivotal role in establishing a secure communication channel. This short paper discusses how a key is visualized and provides some initial user feedback. We have named this approach the Short Authentication SymbolS VisuallY (SASSY.)
AB - We present a method to visualize and authenticate a cryptographically negotiated key for a secure phone call. That is, each caller is presented with a graphical representation of the key and through verbal interaction (i.e., side-channel authentication) they describe what they see. If they agree, the key is authenticated and the secure media session continues. The strength of the approach lies in the vocal recognition of the callers, and their ability to confirm the image displayed by their system. The necessary degree of visual recognition is achieved by using basic shapes, color and count. People, regardless of language or age, can easily identifying these images. Our experience shows that they can communicate what they see with little effort and terminate the call when they differ. We believe that this approach reverses the current trend in security to divest users from the underlying cryptographic principles supporting secure systems by abstracting these principles to a comprehensible and visual form. This paper demonstrates that visualization and the human factor can play a pivotal role in establishing a secure communication channel. This short paper discusses how a key is visualized and provides some initial user feedback. We have named this approach the Short Authentication SymbolS VisuallY (SASSY.)
KW - authenticated key agreement
KW - human-assisted authentication
KW - side channel authentication
KW - visual authentication
UR - http://www.scopus.com/inward/record.url?scp=78149434581&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=78149434581&partnerID=8YFLogxK
U2 - 10.1145/1850795.1850803
DO - 10.1145/1850795.1850803
M3 - Conference contribution
AN - SCOPUS:78149434581
SN - 9781450300131
T3 - ACM International Conference Proceeding Series
SP - 64
EP - 69
BT - VizSec 2010 - Proceedings of the 7th International Symposium on Visualization for Cyber Security
PB - Association for Computing Machinery
T2 - 7th International Symposium on Visualization for Cyber Security, VizSec 2010
Y2 - 14 September 2010 through 14 September 2010
ER -