POSTER: AuthZit: Multi-modal Authentication with Visual-Spatial and Text Secrets

Joon Kuy Han; Dennis Wong; Byungkon Kang

doi:10.1007/978-3-031-41181-6_36

POSTER: AuthZit: Multi-modal Authentication with Visual-Spatial and Text Secrets

Joon Kuy Han, Dennis Wong, Byungkon Kang

Faculty of Applied Sciences

Stony Brook University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Designing a fallback authentication mechanism that is both memorable and strong is a challenging problem because of the trade-off between usability and security. This challenge is particularly pronounced for accounts that require infrequent authentication, where the authentication secrets must remain secure and easy to recall without frequent reinforcement. Inspired by people’s strong visual-spatial memory and memory via association, we introduce a novel system AuthZit to help address this problem. AuthZit encodes authentication secrets as paths through a 3D map of places in real life navigated in the first person and birds-eye perspective, along with a textual secret tagged with this path. We evaluated the usability and security of our design in two dimensions: memorability after one month and speed through a user study with 20 participants. Our results suggest that (1) user authentication secrets in AuthZit are memorable, and (2) authentication using AuthZit was not significantly slower to enter.

Original language	English
Title of host publication	Applied Cryptography and Network Security Workshops - ACNS 2023 Satellite Workshops, ADSC, AIBlock, AIHWS, AIoTS, CIMSS, Cloud S and P, SCI, SecMT, SiMLA, Proceedings
Editors	Jianying Zhou, Lejla Batina, Stjepan Picek, Zengpeng Li, Jingqiang Lin, Eleonora Losiouk, Suryadipta Majumdar, Daisuke Mashima, Weizhi Meng, Mohammad Ashiqur Rahman, Jun Shao, Masaki Shimaoka, Ezekiel Soremekun, Chunhua Su, Je Sen Teh, Aleksei Udovenko, Cong Wang, Leo Zhang, Yury Zhauniarovich
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	664-668
Number of pages	5
ISBN (Print)	9783031411809
DOIs	https://doi.org/10.1007/978-3-031-41181-6_36
Publication status	Published - 2023
Event	21st International Conference on Applied Cryptography and Network Security, ACNS 2023 - Kyoto, Japan Duration: 19 Jun 2023 → 22 Jun 2023

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	13907 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	21st International Conference on Applied Cryptography and Network Security, ACNS 2023
Country/Territory	Japan
City	Kyoto
Period	19/06/23 → 22/06/23

Keywords

Fallback authentication
Human computer interaction
Usable security
Visual-spatial

Access to Document

10.1007/978-3-031-41181-6_36

Cite this

Han, J. K., Wong, D., & Kang, B. (2023). POSTER: AuthZit: Multi-modal Authentication with Visual-Spatial and Text Secrets. In J. Zhou, L. Batina, S. Picek, Z. Li, J. Lin, E. Losiouk, S. Majumdar, D. Mashima, W. Meng, M. A. Rahman, J. Shao, M. Shimaoka, E. Soremekun, C. Su, J. S. Teh, A. Udovenko, C. Wang, L. Zhang, & Y. Zhauniarovich (Eds.), Applied Cryptography and Network Security Workshops - ACNS 2023 Satellite Workshops, ADSC, AIBlock, AIHWS, AIoTS, CIMSS, Cloud S and P, SCI, SecMT, SiMLA, Proceedings (pp. 664-668). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13907 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-41181-6_36

Han, Joon Kuy ; Wong, Dennis ; Kang, Byungkon. / POSTER : AuthZit: Multi-modal Authentication with Visual-Spatial and Text Secrets. Applied Cryptography and Network Security Workshops - ACNS 2023 Satellite Workshops, ADSC, AIBlock, AIHWS, AIoTS, CIMSS, Cloud S and P, SCI, SecMT, SiMLA, Proceedings. editor / Jianying Zhou ; Lejla Batina ; Stjepan Picek ; Zengpeng Li ; Jingqiang Lin ; Eleonora Losiouk ; Suryadipta Majumdar ; Daisuke Mashima ; Weizhi Meng ; Mohammad Ashiqur Rahman ; Jun Shao ; Masaki Shimaoka ; Ezekiel Soremekun ; Chunhua Su ; Je Sen Teh ; Aleksei Udovenko ; Cong Wang ; Leo Zhang ; Yury Zhauniarovich. Springer Science and Business Media Deutschland GmbH, 2023. pp. 664-668 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{5007996c73184906a7dd6db1fd921303,

title = "POSTER: AuthZit: Multi-modal Authentication with Visual-Spatial and Text Secrets",

abstract = "Designing a fallback authentication mechanism that is both memorable and strong is a challenging problem because of the trade-off between usability and security. This challenge is particularly pronounced for accounts that require infrequent authentication, where the authentication secrets must remain secure and easy to recall without frequent reinforcement. Inspired by people{\textquoteright}s strong visual-spatial memory and memory via association, we introduce a novel system AuthZit to help address this problem. AuthZit encodes authentication secrets as paths through a 3D map of places in real life navigated in the first person and birds-eye perspective, along with a textual secret tagged with this path. We evaluated the usability and security of our design in two dimensions: memorability after one month and speed through a user study with 20 participants. Our results suggest that (1) user authentication secrets in AuthZit are memorable, and (2) authentication using AuthZit was not significantly slower to enter.",

keywords = "Fallback authentication, Human computer interaction, Usable security, Visual-spatial",

author = "Han, {Joon Kuy} and Dennis Wong and Byungkon Kang",

note = "Publisher Copyright: {\textcopyright} 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.; 21st International Conference on Applied Cryptography and Network Security, ACNS 2023 ; Conference date: 19-06-2023 Through 22-06-2023",

year = "2023",

doi = "10.1007/978-3-031-41181-6_36",

language = "English",

isbn = "9783031411809",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "664--668",

editor = "Jianying Zhou and Lejla Batina and Stjepan Picek and Zengpeng Li and Jingqiang Lin and Eleonora Losiouk and Suryadipta Majumdar and Daisuke Mashima and Weizhi Meng and Rahman, {Mohammad Ashiqur} and Jun Shao and Masaki Shimaoka and Ezekiel Soremekun and Chunhua Su and Teh, {Je Sen} and Aleksei Udovenko and Cong Wang and Leo Zhang and Yury Zhauniarovich",

booktitle = "Applied Cryptography and Network Security Workshops - ACNS 2023 Satellite Workshops, ADSC, AIBlock, AIHWS, AIoTS, CIMSS, Cloud S and P, SCI, SecMT, SiMLA, Proceedings",

address = "Germany",

}

Han, JK, Wong, D & Kang, B 2023, POSTER: AuthZit: Multi-modal Authentication with Visual-Spatial and Text Secrets. in J Zhou, L Batina, S Picek, Z Li, J Lin, E Losiouk, S Majumdar, D Mashima, W Meng, MA Rahman, J Shao, M Shimaoka, E Soremekun, C Su, JS Teh, A Udovenko, C Wang, L Zhang & Y Zhauniarovich (eds), Applied Cryptography and Network Security Workshops - ACNS 2023 Satellite Workshops, ADSC, AIBlock, AIHWS, AIoTS, CIMSS, Cloud S and P, SCI, SecMT, SiMLA, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 13907 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 664-668, 21st International Conference on Applied Cryptography and Network Security, ACNS 2023, Kyoto, Japan, 19/06/23. https://doi.org/10.1007/978-3-031-41181-6_36

POSTER: AuthZit: Multi-modal Authentication with Visual-Spatial and Text Secrets. / Han, Joon Kuy; Wong, Dennis; Kang, Byungkon.
Applied Cryptography and Network Security Workshops - ACNS 2023 Satellite Workshops, ADSC, AIBlock, AIHWS, AIoTS, CIMSS, Cloud S and P, SCI, SecMT, SiMLA, Proceedings. ed. / Jianying Zhou; Lejla Batina; Stjepan Picek; Zengpeng Li; Jingqiang Lin; Eleonora Losiouk; Suryadipta Majumdar; Daisuke Mashima; Weizhi Meng; Mohammad Ashiqur Rahman; Jun Shao; Masaki Shimaoka; Ezekiel Soremekun; Chunhua Su; Je Sen Teh; Aleksei Udovenko; Cong Wang; Leo Zhang; Yury Zhauniarovich. Springer Science and Business Media Deutschland GmbH, 2023. p. 664-668 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13907 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - POSTER

T2 - 21st International Conference on Applied Cryptography and Network Security, ACNS 2023

AU - Han, Joon Kuy

AU - Wong, Dennis

AU - Kang, Byungkon

PY - 2023

Y1 - 2023

N2 - Designing a fallback authentication mechanism that is both memorable and strong is a challenging problem because of the trade-off between usability and security. This challenge is particularly pronounced for accounts that require infrequent authentication, where the authentication secrets must remain secure and easy to recall without frequent reinforcement. Inspired by people’s strong visual-spatial memory and memory via association, we introduce a novel system AuthZit to help address this problem. AuthZit encodes authentication secrets as paths through a 3D map of places in real life navigated in the first person and birds-eye perspective, along with a textual secret tagged with this path. We evaluated the usability and security of our design in two dimensions: memorability after one month and speed through a user study with 20 participants. Our results suggest that (1) user authentication secrets in AuthZit are memorable, and (2) authentication using AuthZit was not significantly slower to enter.

AB - Designing a fallback authentication mechanism that is both memorable and strong is a challenging problem because of the trade-off between usability and security. This challenge is particularly pronounced for accounts that require infrequent authentication, where the authentication secrets must remain secure and easy to recall without frequent reinforcement. Inspired by people’s strong visual-spatial memory and memory via association, we introduce a novel system AuthZit to help address this problem. AuthZit encodes authentication secrets as paths through a 3D map of places in real life navigated in the first person and birds-eye perspective, along with a textual secret tagged with this path. We evaluated the usability and security of our design in two dimensions: memorability after one month and speed through a user study with 20 participants. Our results suggest that (1) user authentication secrets in AuthZit are memorable, and (2) authentication using AuthZit was not significantly slower to enter.

KW - Fallback authentication

KW - Human computer interaction

KW - Usable security

KW - Visual-spatial

UR - http://www.scopus.com/inward/record.url?scp=85174442201&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-41181-6_36

DO - 10.1007/978-3-031-41181-6_36

M3 - Conference contribution

AN - SCOPUS:85174442201

SN - 9783031411809

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 664

EP - 668

BT - Applied Cryptography and Network Security Workshops - ACNS 2023 Satellite Workshops, ADSC, AIBlock, AIHWS, AIoTS, CIMSS, Cloud S and P, SCI, SecMT, SiMLA, Proceedings

A2 - Zhou, Jianying

A2 - Batina, Lejla

A2 - Picek, Stjepan

A2 - Li, Zengpeng

A2 - Lin, Jingqiang

A2 - Losiouk, Eleonora

A2 - Majumdar, Suryadipta

A2 - Mashima, Daisuke

A2 - Meng, Weizhi

A2 - Rahman, Mohammad Ashiqur

A2 - Shao, Jun

A2 - Shimaoka, Masaki

A2 - Soremekun, Ezekiel

A2 - Su, Chunhua

A2 - Teh, Je Sen

A2 - Udovenko, Aleksei

A2 - Wang, Cong

A2 - Zhang, Leo

A2 - Zhauniarovich, Yury

PB - Springer Science and Business Media Deutschland GmbH

Y2 - 19 June 2023 through 22 June 2023

ER -

Han JK, Wong D, Kang B. POSTER: AuthZit: Multi-modal Authentication with Visual-Spatial and Text Secrets. In Zhou J, Batina L, Picek S, Li Z, Lin J, Losiouk E, Majumdar S, Mashima D, Meng W, Rahman MA, Shao J, Shimaoka M, Soremekun E, Su C, Teh JS, Udovenko A, Wang C, Zhang L, Zhauniarovich Y, editors, Applied Cryptography and Network Security Workshops - ACNS 2023 Satellite Workshops, ADSC, AIBlock, AIHWS, AIoTS, CIMSS, Cloud S and P, SCI, SecMT, SiMLA, Proceedings. Springer Science and Business Media Deutschland GmbH. 2023. p. 664-668. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-031-41181-6_36