What you see is not what you get: Leakage-resilient password entry schemes for smart glasses
Smart glasses are becoming popular for users to access various services such as email. To protect these services, password-based user authentication is widely used. Unfortunately, the password based user authentication has inherent vulnerability against password leakage. Many efforts have been put o...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2017
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/3815 https://ink.library.smu.edu.sg/context/sis_research/article/4817/viewcontent/p327_li__1_.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-4817 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-48172020-03-26T07:06:56Z What you see is not what you get: Leakage-resilient password entry schemes for smart glasses LI, Yan CHENG, Yao LI, Yingjiu DENG, Robert H. Smart glasses are becoming popular for users to access various services such as email. To protect these services, password-based user authentication is widely used. Unfortunately, the password based user authentication has inherent vulnerability against password leakage. Many efforts have been put on designing leakage resilient password entry schemes on PCs and mobile phones with traditional input equipment including keyboards and touch screens. However, such traditional input equipment is not available on smart glasses. Existing password entry on smart glasses relies on additional PCs or mobile devices. Such solutions force users to switch between different systems, which causes interrupted experience and may lower the practicability and usability of smart glasses. In this paper, we propose a series of leakage-resilient password entry schemes on stand-alone smart glasses, which are gTapper, gRotator, and gTalker. These schemes ensure no leakage in password entry by breaking the correlation between the underlying password and the interaction observable to adversaries. They are practical in the sense that they only require a touch pad, a gyroscope, and a microphone which are commonly available on smart glasses. The usability of the proposed schemes is evaluated by user study under various test conditions which are common in users' daily usage. The results of our user study reveal that the proposed schemes are easy-to-use so that users enter their passwords within moderate time, at high accuracy, and in various situations. 2017-04-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/3815 info:doi/10.1145/3052973.3053042 https://ink.library.smu.edu.sg/context/sis_research/article/4817/viewcontent/p327_li__1_.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Eavesdropping attack Leakage-resilient password entry Smart glasses Glass Touch screens Eavesdropping attacks High-accuracy No leakages Smart glass Stand -alone Test condition Touch pads User authentication Authentication Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Eavesdropping attack Leakage-resilient password entry Smart glasses Glass Touch screens Eavesdropping attacks High-accuracy No leakages Smart glass Stand -alone Test condition Touch pads User authentication Authentication Information Security |
| spellingShingle |
Eavesdropping attack Leakage-resilient password entry Smart glasses Glass Touch screens Eavesdropping attacks High-accuracy No leakages Smart glass Stand -alone Test condition Touch pads User authentication Authentication Information Security LI, Yan CHENG, Yao LI, Yingjiu DENG, Robert H. What you see is not what you get: Leakage-resilient password entry schemes for smart glasses |
| description |
Smart glasses are becoming popular for users to access various services such as email. To protect these services, password-based user authentication is widely used. Unfortunately, the password based user authentication has inherent vulnerability against password leakage. Many efforts have been put on designing leakage resilient password entry schemes on PCs and mobile phones with traditional input equipment including keyboards and touch screens. However, such traditional input equipment is not available on smart glasses. Existing password entry on smart glasses relies on additional PCs or mobile devices. Such solutions force users to switch between different systems, which causes interrupted experience and may lower the practicability and usability of smart glasses. In this paper, we propose a series of leakage-resilient password entry schemes on stand-alone smart glasses, which are gTapper, gRotator, and gTalker. These schemes ensure no leakage in password entry by breaking the correlation between the underlying password and the interaction observable to adversaries. They are practical in the sense that they only require a touch pad, a gyroscope, and a microphone which are commonly available on smart glasses. The usability of the proposed schemes is evaluated by user study under various test conditions which are common in users' daily usage. The results of our user study reveal that the proposed schemes are easy-to-use so that users enter their passwords within moderate time, at high accuracy, and in various situations. |
| format |
text |
| author |
LI, Yan CHENG, Yao LI, Yingjiu DENG, Robert H. |
| author_facet |
LI, Yan CHENG, Yao LI, Yingjiu DENG, Robert H. |
| author_sort |
LI, Yan |
| title |
What you see is not what you get: Leakage-resilient password entry schemes for smart glasses |
| title_short |
What you see is not what you get: Leakage-resilient password entry schemes for smart glasses |
| title_full |
What you see is not what you get: Leakage-resilient password entry schemes for smart glasses |
| title_fullStr |
What you see is not what you get: Leakage-resilient password entry schemes for smart glasses |
| title_full_unstemmed |
What you see is not what you get: Leakage-resilient password entry schemes for smart glasses |
| title_sort |
what you see is not what you get: leakage-resilient password entry schemes for smart glasses |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2017 |
| url |
https://ink.library.smu.edu.sg/sis_research/3815 https://ink.library.smu.edu.sg/context/sis_research/article/4817/viewcontent/p327_li__1_.pdf |
| _version_ |
1770573797688082432 |