Skip to Main content Skip to Navigation
Book sections

Morellian Analysis for Browsers: Making Web Authentication Stronger with Canvas Fingerprinting

Pierre Laperdrix 1 Gildas Avoine 2 Benoit Baudry 3 Nick Nikiforakis 4
1 DiverSe - Diversity-centric Software Engineering
Inria Rennes – Bretagne Atlantique , IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL
2 EMSEC - EMbedded SEcurity and Cryptography
IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
3 DiverSe - Diversity-centric Software Engineering
Inria Rennes – Bretagne Atlantique , IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL
Abstract : In this paper, we present the first fingerprinting-based authen-tication scheme that is not vulnerable to trivial replay attacks. Our proposed canvas-based fingerprinting technique utilizes one key characteristic: it is parameterized by a challenge, generated on the server side. We perform an in-depth analysis of all parameters that can be used to generate canvas challenges , and we show that it is possible to generate unique, unpredictable, and highly diverse canvas-generated images each time a user logs onto a service. With the analysis of images collected from more than 1.1 million devices in a real-world large-scale experiment, we evaluate our proposed scheme against a large set of attack scenarios and conclude that canvas fingerprinting is a suitable mechanism for stronger authentication on the web.
Document type :
Book sections
Complete list of metadatas

Cited literature [36 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-02881632
Contributor : Gildas Avoine <>
Submitted on : Friday, June 26, 2020 - 11:27:56 AM
Last modification on : Saturday, June 27, 2020 - 3:12:48 AM

File

canvasauthentication_dimva2019...
Files produced by the author(s)

Identifiers

Citation

Pierre Laperdrix, Gildas Avoine, Benoit Baudry, Nick Nikiforakis. Morellian Analysis for Browsers: Making Web Authentication Stronger with Canvas Fingerprinting. Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, 2019, Gothenburg, Sweden, June 19-20, 2019, Proceedings, pp.43-66, 2019, ⟨10.1007/978-3-030-22038-9_3⟩. ⟨hal-02881632⟩

Share

Metrics

Record views

24

Files downloads

25