STASH: Securing transparent authentication schemes using prover-side proximity verification

Mika Juuti, Christian Vaas, Ivo Sluganovic, Hans Liljestrand, N Asokan, Ivan Martinovic

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussaConference contributionScientificvertaisarvioitu

6 Sitaatiot (Scopus)

Abstrakti

Transparent authentication (TA) schemes are those in which a user is authenticated by a verifier without requiring explicit user interaction. By doing so, those schemes promise high usability and security simultaneously. The majority of TA implementations rely on the received signal strength as an indicator for the proximity of a user device (prover). However, such implicit proximity verification is not secure against an adversary who can relay messages over a larger distance.

In this paper, we propose a novel approach for thwarting relay attacks in TA schemes: the prover permits access to authentication credentials only if it can confirm that it is near the verifier. We present STASH, a system for relay-resilient transparent authentication in which the prover does proximity verification by comparing its approach trajectory towards the intended verifier with known authorized reference trajectories. Trajectories are measured using low-cost sensors commonly available on personal devices. We demonstrate the security of STASH against a class of adversaries and its ease-of-use by analyzing empirical data, collected using a STASH prototype. STASH is efficient and can be easily integrated to complement existing TA schemes.
AlkuperäiskieliEnglanti
Otsikko2017 14th Annual IEEE International Conference on Sensing, Communication and Networking (SECON), 12-14 June 2017, San Diego, CA, USA
KustantajaIEEE
Sivut1-9
ISBN (elektroninen)978-1-5090-1732-4
DOI - pysyväislinkit
TilaJulkaistu - 2017
OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisuussa
TapahtumaIEEE International Conference on Sensing, Communication and Networking - San Diego, Yhdysvallat
Kesto: 12 kesäkuuta 201714 kesäkuuta 2017
Konferenssinumero: 14

Conference

ConferenceIEEE International Conference on Sensing, Communication and Networking
LyhennettäSECON
MaaYhdysvallat
KaupunkiSan Diego
Ajanjakso12/06/201714/06/2017

Sormenjälki Sukella tutkimusaiheisiin 'STASH: Securing transparent authentication schemes using prover-side proximity verification'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.

Siteeraa tätä