Asghar, Hassan Jameel, Steinfeld, Ron, Li, Shujun, Kaafa, Mohamed Ali, Pieprzyk, Josef (2015) On the Linearization of Human Identification Protocols: Attacks Based on Linear Algebra, Coding Theory, and Lattices. IEEE Transactions on Information Forensics and Security, 10 (8). pp. 1643-1655. ISSN 1556-6013. E-ISSN 1556-6021. (doi:10.1109/TIFS.2015.2421875) (Access to this publication is currently restricted. You may be able to access a copy if URLs are provided) (KAR id:69555)
|
PDF
Author's Accepted Manuscript
Language: English Restricted to Repository staff only |
|
|
|
![[thumbnail of IEEETIFS2015.pdf]](https://kar.kent.ac.uk/style/images/fileicons/application_pdf.png) |
| Official URL: https://doi.org/10.1109/TIFS.2015.2421875 |
|
Abstract
Human identification protocols are challenge-response protocols that rely on human computational ability to reply to random challenges from the server based on a public function of a shared secret and the challenge to authenticate the human user. One security criterion for a human identification protocol is the number of challenge-response pairs the adversary needs to observe before it can deduce the secret. In order to increase this number, protocol designers have tried to construct protocols that cannot be represented as a system of linear equations or congruences. In this paper, we take a closer look at different ways from algebra, lattices, and coding theory to obtain the secret from a system of linear congruences. We then show two examples of human identification protocols from literature that can be transformed into a system of linear congruences. The resulting attack limits the number of authentication sessions these protocols can be used before secret renewal. Prior to this paper, these protocols had no known upper bound on the number of allowable sessions per secret.
| Item Type: | Article |
|---|---|
| DOI/Identification number: | 10.1109/TIFS.2015.2421875 |
| Uncontrolled keywords: | Human identification protocols, learning with errors, linear system of congruences |
| Subjects: |
Q Science > QA Mathematics (inc Computing science) > QA150 Algebra Q Science > QA Mathematics (inc Computing science) > QA 75 Electronic computers. Computer science T Technology > TK Electrical engineering. Electronics. Nuclear engineering > TK7800 Electronics > TK7880 Applications of electronics > TK7885 Computer engineering. Computer hardware |
| Divisions: |
Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing University-wide institutes > Institute of Cyber Security for Society |
| Funders: | Organisations -1 not found. |
| Depositing User: | Shujun Li |
| Date Deposited: | 14 Oct 2018 21:59 UTC |
| Last Modified: | 05 Nov 2024 12:31 UTC |
| Resource URI: | https://kar.kent.ac.uk/id/eprint/69555 (The current URI for this page, for reference purposes) |
University of Kent Author Information
Li, Shujun.
| Creator's ORCID: |
 https://orcid.org/0000-0001-5628-7328
|
|---|---|
| CReDIT Contributor Roles: |
- Export to:
- RefWorks
- EPrints3 XML
- BibTeX
- CSV
- Depositors only (login required):
Altmetric
Altmetric
