Security Analysis and Psychological Study of Authentication Methods with PIN Codes

Abstract : Touch screens have become ubiquitous in the past few years, like for instance in smartphones and tablets. These devices are often the entry door to numerous information systems, hence having a secure and practical authentication mechanism is crucial. In this paper, we examine the complexity of different authentication methods specifically designed for such devices. We study the widely spread technology to authenticate a user using a Personal Identifier Number code (PIN code). Entering the code is a critical moment where there are several possibilities for an attacker to discover the secret. We consider the three attack models: a Bruteforce Attack (BA) model , a Smudge Attack (SA) model, and an Observation Attack (OA) model where the attacker sees the user logging in on his device. The aim of the intruder is to learn the secret code. Our goal is to propose alternative methods to enter a PIN code. We compare such different methods in terms of security. Some methods require more intentional resources than other, this is why we performed a psychological study on the different methods to evaluate the users' perception of the different methods and their usage.
Type de document :
Communication dans un congrès
RCIS 2018 - IEEE 12th International Conference on Research Challenges in Information Science, May 2018, Nantes, France. 12th International Conference on Research Challenges in Information Science, RCIS 2018, Nantes, France, May 29-31, 2018
Liste complète des métadonnées

Littérature citée [29 références]  Voir  Masquer  Télécharger

https://hal.archives-ouvertes.fr/hal-01777898
Contributeur : Jannik Dreier <>
Soumis le : mercredi 25 avril 2018 - 10:56:41
Dernière modification le : mercredi 5 décembre 2018 - 13:26:51
Document(s) archivé(s) le : lundi 24 septembre 2018 - 23:07:50

Fichier

main.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01777898, version 1

Citation

Xavier Bultel, Jannik Dreier, Matthieu Giraud, Marie Izaute, Timothée Kheyrkhah, et al.. Security Analysis and Psychological Study of Authentication Methods with PIN Codes. RCIS 2018 - IEEE 12th International Conference on Research Challenges in Information Science, May 2018, Nantes, France. 12th International Conference on Research Challenges in Information Science, RCIS 2018, Nantes, France, May 29-31, 2018. 〈hal-01777898〉

Partager

Métriques

Consultations de la notice

545

Téléchargements de fichiers

237