Final published version
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - Checksum gestures
T2 - continuous gestures as an out-of-band channel for secure pairing
AU - Ahmed, Imtiaj
AU - Ye, Yina
AU - Bhattacharya, Sourav
AU - Asokan, N.
AU - Jacucci, Giulio
AU - Nurmi, Petteri
AU - Tarkoma, Sasu
PY - 2015
Y1 - 2015
N2 - We propose the use of a single continuous gesture as a novel, intuitive, and efficient mechanism to authenticate a secure communication channel. Our approach builds on a novel algorithm for encoding (at least 20-bits) authentication information as a single continuous gesture, referred to as a checksum gesture. By asking the user to perform the generated gesture, a secure channel can be authenticated. Results from a controlled user experiment (N = 13 participants, 1022 trials) demonstrate the feasibility of our technique, showing over 90% success rate in establishing a secure communication channel despite relying on complex gesture patterns. The authentication times of our method are over three-folds faster than with previous gesture-based solutions. The average execution time of a gesture is 5:7 seconds in our study, which is comparable to the input time of conventional text input based PIN authentication. Our approach is particularly well-suited for scenarios involving wearable devices that lack conventional input capabilities, e.g., pairing a smartwatch with an interactive display.
AB - We propose the use of a single continuous gesture as a novel, intuitive, and efficient mechanism to authenticate a secure communication channel. Our approach builds on a novel algorithm for encoding (at least 20-bits) authentication information as a single continuous gesture, referred to as a checksum gesture. By asking the user to perform the generated gesture, a secure channel can be authenticated. Results from a controlled user experiment (N = 13 participants, 1022 trials) demonstrate the feasibility of our technique, showing over 90% success rate in establishing a secure communication channel despite relying on complex gesture patterns. The authentication times of our method are over three-folds faster than with previous gesture-based solutions. The average execution time of a gesture is 5:7 seconds in our study, which is comparable to the input time of conventional text input based PIN authentication. Our approach is particularly well-suited for scenarios involving wearable devices that lack conventional input capabilities, e.g., pairing a smartwatch with an interactive display.
KW - authentication
KW - device association
KW - gesture encoding
KW - gesture interaction
KW - usable security
U2 - 10.1145/2750858.2807521
DO - 10.1145/2750858.2807521
M3 - Conference contribution/Paper
SN - 9781450335744
SP - 391
EP - 401
BT - UbiComp '15 Proceedings of the 2015 ACM International Joint Conference on Pervasive and Ubiquitous Computing
PB - ACM
CY - New York
ER -