Title: Seeing-Is-Believing: using camera phones for human-verifiable authentication

Authors: Jonathan M. McCune, Adrian Perrig, Michael K. Reiter

Addresses: CyLab, Electrical and Computer Engineering Department, Carnegie Mellon University, Pittsburgh, PA, USA. ' CyLab, Electrical and Computer Engineering Department, Carnegie Mellon University, Pittsburgh, PA, USA. ' Department of Computer Science, University of North Carolina, Chapel Hill, NC, USA

Abstract: Current mechanisms for authenticating communication between devices that share no prior context are inconvenient for ordinary users, without the assistance of a trusted authority. We present and analyse Seeing-Is-Believing (SiB), a system that utilises 2D barcodes and camera-phones to implement a visual channel for authentication and demonstrative identification of devices. We apply this visual channel to several problems in computer security, including authenticated key exchange between devices that share no prior context, establishment of the identity of a TCG-compliant computing platform, and secure device configuration in the context of a smart home.

Keywords: device pairing; key establishment; 2D barcodes; MITM; man-in-the-middle attacks; camera phones; wireless networks; secure pairing; authentication; identification; vision; visual channel; computer security; authenticated key exchange.

DOI: 10.1504/IJSN.2009.023425

International Journal of Security and Networks, 2009 Vol.4 No.1/2, pp.43 - 56

Published online: 23 Feb 2009 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article