Presentation is loading. Please wait.

Presentation is loading. Please wait.

L C SL C S The Untrusted Computer Problem and Camera-Based Authentication Dwaine Clarke, Blaise Gassend, Thomas Kotwal, Matt Burnside, Marten van Dijk,

Published byGertrude Simon Modified over 8 years ago

Similar presentations

Presentation on theme: "L C SL C S The Untrusted Computer Problem and Camera-Based Authentication Dwaine Clarke, Blaise Gassend, Thomas Kotwal, Matt Burnside, Marten van Dijk,"— Presentation transcript:

1 L C SL C S The Untrusted Computer Problem and Camera-Based Authentication Dwaine Clarke, Blaise Gassend, Thomas Kotwal, Matt Burnside, Marten van Dijk, Srinivas Devadas, Ronald Rivest

2 Overview 1.Problem 2.Camera Augmented K21 3.Reducing the problem … 4.Pixel Mapping 5.Optical Character Recognition

3 Problem: Bi-directional Authentication He wishes to communicate with his proxy. Proxy He can trust what he sees on the screen, because his camera augmented K21 is monitoring the screen content. K21 Bob is using an untrustworthy computer. Untrusted Computer Bob Why not use SSL?

4 The Camera Augmented K21 Pixel Mapping Approach A digital camera. Status indicator lights. (red, green) A small numerical LCD display. Symmetric keys shared with the proxy. OCR Approach also has control buttons 1. capture image 2. send image to proxy IR link to untrusted computer

5 Reducing the Problem … Proxy K21 We would like: Downwards Authentication: Bob to receive authentic messages from his proxy Upwards Authentication: Bob’s proxy to receive authentic messages from him Untrusted Computer Bob

6 But if we have: Upwards Transmission: Bob sends a message to proxy from untrusted computer Secure Approval: Bob can securely inform proxy that he approves a specific authenticated message from proxy Downwards Authentication

7 Upwards Authentication Bob sends a message to proxy using untrusted computer (Upwards Transmission) Proxy receives message’, message’ might be different from message if untrusted computer/network was unfaithful. Bob securely approves message’ if message’ == message, and if Bob did send message to proxy. (Secure Approval) Proxy does authentic transmission of message’ to Bob (Downwards Authentication)

8 Pixel Mapping Approach (Blaise Gassend) Each message from Proxy is accompanied with raw data that is used to authenticate the message K21 monitors screen and uses camera to reconstruct the contents of the untrusted computer’s screen; K21 verifies the authenticity of the displayed information.

9 Message Each transmission from the proxy has: A nonce A MAC on the message and nonce 45239 4 When the user must confirm a decision (in Secure Approval), the transmission from the proxy also contains: An encrypted one-time password

10 Message contd. The K21 monitors screen and reconstructs the contents of the screen Only the K21 with the correct key can: Verify the MAC on the message Decrypt the one-time password The K21 provides the decrypted one-time password to Bob to use for Secure Approval 45239 4

11 The Pixel Mapping Idea Screen content is displayed in black and white. Each screen pixel is seen by at least one significant camera pixel. Camera pixel Significant camera pixel Screen pixels must be large compared to camera pixels. Screen pixel

12 Successful Calibration

13 Pixel Mapping: Protocol Upwards Transmission: Bob sends message to proxy Secure Approval: Bob sends one-time password to proxy Downwards Authentication: Proxy sends (message, encrypted nonce, encrypted OTP, MAC) K21 exactly reconstructs screen K21 checks nonce and MAC. If checks pass, K21 lights green light, and displays one-time password on a small LCD display.

14 OCR Approach (Thomas Kotwal) K21 has –control buttons (for Secure Approval) 1. capture image 2. send approval to proxy –IR link to untrusted computer The computation of verifying the proxy’s message is moved back onto the proxy, instead of doing it on the K21.

15 2.K21 takes a picture; K21 uses its IR link to send (“verify”, picture, encrypted nonce, MAC) to the proxy via untrusted computer. 3.Proxy corrects for image distortion and performs OCR. Proxy checks nonce, MAC, and that result of OCR is the same as message in 1. SELL: IBM 300 SHARES TOTAL: $300 4.Proxy sends a confirmation (‘yes’ / ‘no’, encrypted nonce, MAC) back to the K21. If ‘yes’ and MAC and nonce verify, K21 lights green light. Downwards Authentication 1.Proxy sends message, in form of an image, to untrusted computer.

16 OCR: Protocol Upwards Transmission: Bob sends message to proxy Secure Approval: Bob presses ‘capture’ button on K21, K21 takes a picture Bob presses ‘send’ button on K21, K21 uses its IR link to send (“accept”, picture, encrypted nonce, MAC) to the proxy via untrusted computer. Proxy checks nonce, MAC, result of OCR is the same as message in upwards transmission. Only Bob’s K21 can create appropriate MAC. Downwards Authentication

17 Image Verification Problem Is this……the same as this? Obstacles: Linear and non-linear distortions Decreased resolution Noise Steps to solution: Undo distortions Compare content

18 Step 1: Undo Image Distortion a)Undo lens distortion –Model as radially symmetric quadratic distortion –Non-linear transformation b)Undo linear distortions –Corrects for affine (scaling, rotation, translation) and perspective distortion (picture at non- perpendicular angle relative to screen) –Requires four known points in distorted image c)Undo other non-linear distortions –Corrects for curvature of screen, etc. –May not be necessary

19 Step 2: Compare Content Assume content is text only Perform OCR on processed image –Advantage: proxy knows what the text should say –To save computation time compare each character with what it should be, not every possible character –Constrain font to facilitate OCR routine

20 OCR Advantages Proxy knows what the screen should display so OCR can be optimized No image processing on the K21 No calibration necessary Camera does not have to be immobile during session User does not have to type a one-time password Pixel Mapping Advantages Does not require IR link between K21 and untrustworthy computer Shorter verification time (network latency, computation time) Can do graphics Comparison of OCR vs. Pixel Mapping

Download ppt "L C SL C S The Untrusted Computer Problem and Camera-Based Authentication Dwaine Clarke, Blaise Gassend, Thomas Kotwal, Matt Burnside, Marten van Dijk,"

Similar presentations

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
What we will cover today… Where is the camera on my phone? Taking a photo Zoom in and out Deleting a photo Where do my photos go to? Viewing my photos.

What we will cover today… Where is the camera on my phone? Taking a photo Zoom in and out Deleting a photo Where do my photos go to? Viewing my photos.
Many personal devices have rich set of capabilities: sensors, communication, computing power and data storage, and they are personal. Potentially they.

Many personal devices have rich set of capabilities: sensors, communication, computing power and data storage, and they are personal. Potentially they.
Chapter 10 Real world security protocols

Chapter 10 Real world security protocols
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Www.securepaymentsystems.com Secure Payment Systems iPhone Processing.

Secure Payment Systems iPhone Processing.
The Steerable Projector and Camera Unit in an Instrumented Environment Lübomira Spassova Saarland University, Saarbrücken, Germany.

The Steerable Projector and Camera Unit in an Instrumented Environment Lübomira Spassova Saarland University, Saarbrücken, Germany.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
(4.4) Internet Protocols Layered approach to Internet Software 1.

(4.4) Internet Protocols Layered approach to Internet Software 1.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.
Part I: Basics of Computer Graphics Viewing Transformation and Coordinate Systems Chapter 2 2-1.

Part I: Basics of Computer Graphics Viewing Transformation and Coordinate Systems Chapter
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
CS485/685 Computer Vision Prof. George Bebis

CS485/685 Computer Vision Prof. George Bebis
Uncalibrated Epipolar - Calibration

Uncalibrated Epipolar - Calibration
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

Similar presentations

Ads by Google