14 May 10:15 Alexander De Luca: Authentication in the Wild

HIIT seminar, Friday May 14, 10:15 a.m. (coffee from 10), Exactum B222

Alexander De Luca
Ludwig-Maximilians-Universität München

Authentication in the Wild

Authentication on public terminals like cash machines is quite a common task these days. Being publicly available 24/7, they provide a convenience we do not want to miss anymore. Both of these qualities – public location and easy access – make public terminals highly vulnerable to manifold attacks. Thus, simple shoulder surfing is still a common fraud scenario on cash machines. The solution seems to be to create better and more secure authentication mechanisms. This task is not trivial because of the standards for simplicity and speed which have been set by PIN authentication. Authentication by short PINs is extremely simple and fast. None of the secure authentication mechanisms in the literature can compete with its simplicity. Since PIN authentication is the obvious baseline for authentication mechanisms, a common trade-off is to create systems in a way that they are significantly more secure than PIN authentication and provide a tolerable authentication speed. However, there is no consensus on what "acceptable input speed" actually means. Moreover, there is no agreement on what criteria – besides security and speed – an authentication system for public terminals should be judged upon.

In this talk, I will discuss criteria for public authentication that help with the design, evaluation and comparison of authentication systems for public terminals.

