Defending against device theft with human notarization

People increasingly rely on mobile phones for storing sensitive information and credentials for access to services. Because these devices are vulnerable to theft, security of this data is put at higher risk-once the attacker is in physical possession of the device, recovering these credentials and impersonating the owner of the phone is hard to defend by purely local means. We introduce the concept of `notarization', a process by which a remote notary verifies the identity of the device user through video chat. We describe the design and implementation of a system that leverages notarization to protect cryptographic keys that the device uses to decrypt device data (e.g., website passwords) or perform signatures in support of client-side TLS, without trusting the notary with these keys. Through a lab-based study with 56 participants, we show that notarization even by strangers is effective for combating device theft.

[1]  James W Tanaka,et al.  An Encoding Advantage for Own-Race versus Other-Race Faces , 2003, Perception.

[2]  A. Yarmey,et al.  Face and voice identifications in showups and lineups , 1994 .

[3]  Michael K. Reiter,et al.  Seeing-is-believing: using camera phones for human-verifiable authentication , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[4]  Michael K. Reiter,et al.  Delegation of cryptographic servers for capture-resilient devices , 2001, CCS '01.

[5]  Paul Miller,et al.  Verification of face identities from images captured on video. , 1999 .

[6]  T. Valentine,et al.  Towards an Exemplar Model of Face Processing: The Effects of Race and Distinctiveness , 1992, The Quarterly journal of experimental psychology. A, Human experimental psychology.

[7]  Lujo Bauer,et al.  Device-Enabled Authorization in the Grey System ¶ , 2006 .

[8]  Mihir Bellare,et al.  Key-Privacy in Public-Key Encryption , 2001, ASIACRYPT.

[9]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.

[10]  Serge Egelman,et al.  It's not what you know, but who you know: a social approach to last-resort authentication , 2009, CHI.

[11]  Muthucumaru Maheswaran,et al.  Social Authentication Protocol for Mobile Phones , 2009, 2009 International Conference on Computational Science and Engineering.

[12]  G. Pike,et al.  Recognizing moving faces: The relative contribution of motion and perspective view information. , 1997 .

[13]  Nalini Venkatasubramanian,et al.  Delegate: A Proxy Based Architecture for Secure Website Access from an Untrusted Machine , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[14]  Moti Yung,et al.  Fourth-factor authentication: somebody you know , 2006, CCS '06.

[15]  Tim Dierks,et al.  The Transport Layer Security (TLS) Protocol Version 1.2 , 2008 .

[16]  D. Levin Race as a visual feature: using visual search and perceptual discrimination tasks to understand face categories and the cross-race recognition deficit. , 2000, Journal of experimental psychology. General.

[17]  V. Bruce,et al.  Face Recognition in Poor-Quality Video: Evidence From Security Surveillance , 1999 .

[18]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.1 , 2006, RFC.

[19]  Justin Zhijun Zhan,et al.  Authentication Using Multi-level Social Networks , 2009, IC3K.

[20]  Michael K. Reiter,et al.  Networked cryptographic devices resilient to capture , 2003, International Journal of Information Security.

[21]  V. Bruce,et al.  Matching identities of familiar and unfamiliar faces caught on CCTV images. , 2001, Journal of experimental psychology. Applied.

[22]  Simson L. Garfinkel,et al.  Secure Web Authentication with Mobile Phones , 2004 .