Towards Device-to-User Authentication: Protecting Against Phishing Hardware by Ensuring Mobile Device Authenticity using Vibration Patterns

Rainhard Findling, Rene Mayrhofer

Publikation: Beitrag in Buch/Bericht/TagungsbandKonferenzbeitragBegutachtung

8 Zitate (Scopus)

Abstract

Users usually authenticate to mobile devices before using them (e.g. PIN, password), but devices do not do the same to users. Revealing the authentication secret to a non-authenticated device potentially enables attackers to obtain the secret, by replacing the device with an identical-looking malicious device. The revealed authentication secret could be transmitted to the attackers immediately, who then conveniently authenticate to the real device. Addressing this attack scenario, we analyze different approaches towards mobile device-to-user (D2U) authentication, for which we provide an overview of advantages/drawbacks, potential risks and device authentication data bandwidth estimations. We further analyze vibration as one D2U feedback channel that is unobtrusive and hard to eavesdrop, including a user study to estimate vibration pattern recognition using a setup of ~7 bits per second (b/s). Study findings indicate that users are able to distinguish vibration patterns with median correctness of 97.5% (without taking training effects into account) - which indicates that vibration could act as authentication feedback channel and should be investigated further in future research.
OriginalspracheEnglisch
TitelMUM 2015 - Proceedings of the 14th International Conference on Mobile and Ubiquitous Multimedia
Redakteure/-innenEnrico Rukzio, Michael Roland, Rene Mayrhofer, Clemens Holzmann, Jonna Hakkila
Herausgeber (Verlag)ACM Press
Seiten131-135
Seitenumfang5
ISBN (elektronisch)9781450336055
DOIs
PublikationsstatusVeröffentlicht - 30 Nov. 2015
Veranstaltung14th International Conference on Mobile and Ubiquitous Multimedia (MUM 2015) - Linz, Österreich
Dauer: 30 Nov. 20152 Dez. 2015
http://www.mum-conf.org/2015/

Publikationsreihe

NameACM International Conference Proceeding Series
Band30-November-2015

Konferenz

Konferenz14th International Conference on Mobile and Ubiquitous Multimedia (MUM 2015)
Land/GebietÖsterreich
OrtLinz
Zeitraum30.11.201502.12.2015
Internetadresse

Schlagwörter

  • Phishing hardware
  • mobile authentication
  • vibration
  • feedback

Fingerprint

Untersuchen Sie die Forschungsthemen von „Towards Device-to-User Authentication: Protecting Against Phishing Hardware by Ensuring Mobile Device Authenticity using Vibration Patterns“. Zusammen bilden sie einen einzigartigen Fingerprint.

Zitieren