Sciweavers

CHI
2011
ACM

Security through a different kind of obscurity: evaluating distortion in graphical authentication schemes

13 years 3 months ago
Security through a different kind of obscurity: evaluating distortion in graphical authentication schemes
While a large body of research on image-based authentication has focused on memorability, comparatively less attention has been paid to the new security challenges these schemes may introduce. Because images can convey more information than text, image-based authentication may be more vulnerable to educated guess attacks than passwords. In this paper, we evaluate the resilience of a recognitionbased graphical authentication scheme using distorted images against two types of educated guess attacks through two user studies. The first study, consisting of 30 participants, investigates whether distortion prevents educated guess attacks primarily based on information about individual users. The second study, using Amazon Mechanical Turk, investigates whether distortion mitigates the risk of educated guess attacks based on collective information about users. Our results show that authentication images without distortion are vulnerable to educated guess attacks, especially when information ...
Eiji Hayashi, Jason Hong, Nicolas Christin
Added 25 Aug 2011
Updated 25 Aug 2011
Type Journal
Year 2011
Where CHI
Authors Eiji Hayashi, Jason Hong, Nicolas Christin
Comments (0)