Conferences in Research and Practice in Information Technology
  

Online Version - Last Updated - 20 Jan 2012

 

 

Formalising Human Recognition: a Fundamental Building Block for Security Proofs

Radke, K., Boyd, C., Nieto, J. G., Manulis, M. and Stebila, D.

A fundamental part of many authentication protocols which authenticate a party to a human involves the human recognizing or otherwise processing a message received from the party. Examples include typical implementations of Verified by Visa in which a message, previously stored by the human at a bank, is sent by the bank to the human to authenticate the bank to the human; or the expectation that humans will recognize or verify an extended validation certificate in an HTTPS context. This paper presents general definitions and building blocks for the modelling and analysis of human recognition in authentication protocols, allowing the creation of proofs for protocols which include humans. We cover both generalized trawling and human-specific targeted attacks. As examples of the range of uses of our construction, we use the model presented in this paper to prove the security of a mutual authentication login protocol and a human-assisted device pairing protocol.
Cite as: Radke, K., Boyd, C., Nieto, J. G., Manulis, M. and Stebila, D. (2014). Formalising Human Recognition: a Fundamental Building Block for Security Proofs. In Proc. Twelfth Australasian Information Security Conference (AISC 2014) Auckland, New Zealand. CRPIT, 149. Parampalli, U. and Welch, I. Eds., ACS. 37-45