Evaluating Security of a Simple Interactive Human Identification Scheme
Summary :
Password checking schemes are human identification methods commonly adopted in many information systems. One of their disadvantages is that an attacker who correctly observed an input password can impersonate the corresponding user freely. To overcome it there have been proposed interactive human identification schemes. Namely, a human prover who has a secret key is asked a question by a machine verifier, who then checks if an answer from the prover matches the question with respect to the key. This letter examines such a scheme that requires relatively less efforts to human provers. By computer experiments this letter evaluates its resistance against a type of attack; after observing several pairs of questions and correct answers how successfully can an attacker answer the next question?
- Publication
- IEICE TRANSACTIONS on Fundamentals Vol.E78-A No.5 pp.577-578
- Publication Date
- 1995/05/25
- Publicized
- Online ISSN
- DOI
- Type of Manuscript
- Special Section LETTER (Special Section of Letters Selected from the 1994 IEICE Fall Conference)
- Category
Authors
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Ryo MIZUTANI, Tsutomu MATSUMOTO, "Evaluating Security of a Simple Interactive Human Identification Scheme" in IEICE TRANSACTIONS on Fundamentals,
vol. E78-A, no. 5, pp. 577-578, May 1995, doi: .
Abstract: Password checking schemes are human identification methods commonly adopted in many information systems. One of their disadvantages is that an attacker who correctly observed an input password can impersonate the corresponding user freely. To overcome it there have been proposed interactive human identification schemes. Namely, a human prover who has a secret key is asked a question by a machine verifier, who then checks if an answer from the prover matches the question with respect to the key. This letter examines such a scheme that requires relatively less efforts to human provers. By computer experiments this letter evaluates its resistance against a type of attack; after observing several pairs of questions and correct answers how successfully can an attacker answer the next question?
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/e78-a_5_577/_p
Copy
@ARTICLE{e78-a_5_577,
author={Ryo MIZUTANI, Tsutomu MATSUMOTO, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Evaluating Security of a Simple Interactive Human Identification Scheme},
year={1995},
volume={E78-A},
number={5},
pages={577-578},
abstract={Password checking schemes are human identification methods commonly adopted in many information systems. One of their disadvantages is that an attacker who correctly observed an input password can impersonate the corresponding user freely. To overcome it there have been proposed interactive human identification schemes. Namely, a human prover who has a secret key is asked a question by a machine verifier, who then checks if an answer from the prover matches the question with respect to the key. This letter examines such a scheme that requires relatively less efforts to human provers. By computer experiments this letter evaluates its resistance against a type of attack; after observing several pairs of questions and correct answers how successfully can an attacker answer the next question?},
keywords={},
doi={},
ISSN={},
month={May},}
Copy
TY - JOUR
TI - Evaluating Security of a Simple Interactive Human Identification Scheme
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 577
EP - 578
AU - Ryo MIZUTANI
AU - Tsutomu MATSUMOTO
PY - 1995
DO -
JO - IEICE TRANSACTIONS on Fundamentals
SN -
VL - E78-A
IS - 5
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - May 1995
AB - Password checking schemes are human identification methods commonly adopted in many information systems. One of their disadvantages is that an attacker who correctly observed an input password can impersonate the corresponding user freely. To overcome it there have been proposed interactive human identification schemes. Namely, a human prover who has a secret key is asked a question by a machine verifier, who then checks if an answer from the prover matches the question with respect to the key. This letter examines such a scheme that requires relatively less efforts to human provers. By computer experiments this letter evaluates its resistance against a type of attack; after observing several pairs of questions and correct answers how successfully can an attacker answer the next question?
ER -
English
