Reverse authentication in financial transactions and identity management
Bill Roscoe‚ Chen Bangdao and Long Nguyen
Abstract
New families of protocol, based on communication over human-based side channels, permit secure pairing or group formation in ways such that no party has to prove its name. Rather, individuals are able to hook up devices in their possession to others that they can identify by context. We examine a model in which, to prove his or her identity to a party, the user first uses one of these ``human-interactive security protocols'' or HISPs to connect to it. Thus, when authenticating A to B, A first authenticates a channel she has to B: the reverse direction. This can be characterised as bootstrapping a secure connection using human trust. This provides new challenges to the formal modelling of trust and authentication.
Details
| Journal |
To appear in Wireless Networks‚ Mobile Networks and Applications |
| Year |
2012 |
Links
Related pages
|
People |