TU Darmstadt / ULB / TUbiblio

Developing and Testing a Visual Hash Scheme

Olembo, Maina and Stockhardt, Simon and Hülsing, Andreas and Volkamer, Melanie
University, Plymouth (ed.) :

Developing and Testing a Visual Hash Scheme.
European Information Security Multi-Conference (EISMC 2013)
[Conference or Workshop Item] , (2013)

Abstract

Users find comparing long meaningless strings of alphanumeric characters difficult, yet they have to carry out this task when comparing cryptographic hash values for https certificates and PGP keys, or in the context of electronic voting. Visual hashes - where users compare images rather than strings - have been proposed as an alternative. With the visual hashes available in literature, however, people are unable to sufficiently distinguish more than 30 bits. Obviously, this does not provide adequate security against collision attacks. Our goal is to improve the situation: a visual hash scheme was developed, evaluated through pilot user studies and improved iteratively, leading to CLPS, which encodes 60 distinguishable bits using Colours, Patterns and Shapes. In the final user study, participants attained an average accuracy rate of 97% when comparing two visual hash images, with one placed above the other. CLPS was further tested in two follow-up studies, simulating https certificate validation and verifying in remote electronic voting. The results of this work and their implications for practical applications of visual hash schemes are discussed.

Item Type: Conference or Workshop Item
Erschienen: 2013
Editors: University, Plymouth
Creators: Olembo, Maina and Stockhardt, Simon and Hülsing, Andreas and Volkamer, Melanie
Title: Developing and Testing a Visual Hash Scheme
Language: English
Abstract:

Users find comparing long meaningless strings of alphanumeric characters difficult, yet they have to carry out this task when comparing cryptographic hash values for https certificates and PGP keys, or in the context of electronic voting. Visual hashes - where users compare images rather than strings - have been proposed as an alternative. With the visual hashes available in literature, however, people are unable to sufficiently distinguish more than 30 bits. Obviously, this does not provide adequate security against collision attacks. Our goal is to improve the situation: a visual hash scheme was developed, evaluated through pilot user studies and improved iteratively, leading to CLPS, which encodes 60 distinguishable bits using Colours, Patterns and Shapes. In the final user study, participants attained an average accuracy rate of 97% when comparing two visual hash images, with one placed above the other. CLPS was further tested in two follow-up studies, simulating https certificate validation and verifying in remote electronic voting. The results of this work and their implications for practical applications of visual hash schemes are discussed.

Title of Book: European Information Security Multi-Conference (EISMC 2013)
Uncontrolled Keywords: Security, Usability and Society;Secure Data
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Department of Computer Science > SECUSO - Security, Usability and Society
Department of Computer Science > Theoretical Computer Science - Cryptography and Computer Algebra
Profile Areas > Cybersecurity (CYSEC)
LOEWE > LOEWE-Zentren
Department of Computer Science
Profile Areas
LOEWE
Date Deposited: 28 Jul 2016 18:35
Identification Number: TUD-CS-2013-0077
Related URLs:
Export:

Optionen (nur für Redakteure)

View Item View Item