Authentication in Insecure Environments

Sebastian Pape discusses two different scenarios for authentication. On the one hand, users cannot trust their devices and nevertheless want to be able to do secure authentication. On the other hand, users may not want to be tracked while their service provider does not want them to share their credentials. Many users may not be able to determine whether their device is trustworthy, i.e. it might contain malware. One solution is to use visual cryptography for authentication. The author generalizes this concept to human decipherable encryption schemes and establishes a relationship to CAPTCHAS. He proposes a new security model and presents the first visual encryption scheme which makes use of noise to complicate the adversary's task. To prevent service providers from keeping their users under surveillance, anonymous credentials may be used. However, sometimes it is desirable to prevent the users from sharing their credentials. The author compares existing approaches based on non-transferable anonymous credentials and proposes an approach which combines biometrics and smartcards.

Publication in the field of technical sciences Includes supplementary material: sn.pub/extras

Autorentext
Dr. Sebastian Pape is postdoctoral researcher at the Chair of Software Engineering at Technical University Dortmund.

Inhalt
Mathematical and Cryptographic Foundation.- Human Decipherable Encryption Schemes: Introduction, Scenario, and Related Work - Human Decipherable Encryption Scheme - Encryption Schemes Based on Dice Codings - Conclusion and Future Work.- Non-Transferable Anonymous Credentials: Introduction, Scenario, and Related Work - Privacy and Data Security - Analysis of Non-Transferable Anonymous Credentials - Conclusion and Future Work.- Outlook and Appendix.