ShadowKey: A Practical Leakage Resilient Password System

The inherent trade-off between security and usability in the design of leakage-resilient password (LRP) systems shows that a secure LRP system that does not use any secure channel inevitably imposes a high cognitive workload on its users. To overcome this usability barrier while maintaining a high level of security, CoverPad relies on a temporary secure channel between the user and a touch-screen mobile device to deliver hidden transformation messages during password entry. Although CoverPad is designed to retain most of the benefits of legacy passwords, it still requires users to perform a transformation operation for each password element they input. To further improve the usability of secure LRP systems, we introduce a new LRP system named ShadowKey. ShadowKey uses either a permanent secure channel, which naturally exists between the user and the display unit of certain mobile devices such as smart glasses, or a temporary secure channel, which can easily be created between the user and a touch screen with a hand-shielding gesture. The secure channel is used to protect the mappings between the original password symbols and their associated random symbols. After viewing the mappings, a ShadowKey user inputs the random symbols, instead of the original password, over an open channel. ShadowKey is easy to use in the sense that users need to remember nothing besides their passwords, and they do not need to perform any mental transformation operations, as previous LRP systems require.
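The mapping-based entry described above, as an added example that is not the authors' implementation: the verifier draws a fresh random symbol mapping for each login (the data that would travel over the secure channel), the user types only the mapped symbols over the open channel, and the verifier inverts the mapping to check the password. The alphabet, the per-session refresh of the mapping, and the plaintext comparison are assumptions of this example, not details given in the abstract.

```python
import secrets
import string

# Constructed symbol alphabet for the example; the abstract does not fix one.
ALPHABET = string.digits + string.ascii_lowercase


def new_session_mapping(alphabet=ALPHABET):
    """Verifier side: a fresh random bijection original symbol -> shown symbol.
    This mapping is the content that must be delivered over the secure channel
    (e.g. the smart-glasses display); it is never sent over the open channel."""
    shuffled = list(alphabet)
    # Fisher-Yates shuffle driven by secrets so the mapping is unpredictable.
    for i in range(len(shuffled) - 1, 0, -1):
        j = secrets.randbelow(i + 1)
        shuffled[i], shuffled[j] = shuffled[j], shuffled[i]
    return dict(zip(alphabet, shuffled))


def user_input(password, mapping):
    """User side: look up each password symbol in the displayed mapping and type
    the associated random symbol. This string is all an observer of the open
    channel (shoulder surfer, keylogger) gets to see."""
    return "".join(mapping[c] for c in password)


def verify(typed, mapping, stored_password):
    """Verifier side: invert this session's mapping and compare with the stored
    password. A deployment would compare against a password hash instead."""
    inverse = {shown: original for original, shown in mapping.items()}
    try:
        recovered = "".join(inverse[c] for c in typed)
    except KeyError:  # typed symbol outside the alphabet
        return False
    return secrets.compare_digest(recovered, stored_password)


def replay_succeeds(observed_input, current_mapping, stored_password):
    """Check whether an input string captured in an earlier session still
    authenticates under the mapping of a new session."""
    return verify(observed_input, current_mapping, stored_password)
```

Because the mapping changes every session, a captured input string is only useful against the session it was observed in; the leak an attacker obtains from the open channel is the mapped symbols, not the password.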