Human Identification Through Image Evaluation Using Secret Predicates

  • Hassan Jameel
  • Riaz Ahmed Shaikh
  • Heejo Lee
  • Sungyoung Lee
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4377)


The task of developing protocols for humans to securely authenticate themselves to a remote server has been an interesting topic in cryptography as a replacement for the traditional, less secure, password based systems. The protocols proposed in literature are based on some underlying difficult mathematical problem, which are tuned so as to make them easily computable by humans. As a result these protocols are easily broken when desired to be efficiently executable. We present a Human Identification Protocol based on the ability of humans to efficiently process an image given a secret predicate. It is a challenge-response protocol in which a subset of images presented satisfies a secret predicate shared by the challenger and the user. We conjecture that it is hard to guess this secret predicate for adversaries, both humans and programs. It can be efficiently executed by humans with the knowledge of the secret which in turn is easily memorable and replaceable. We prove the security of the protocol separately for human adversaries and programs based on two separate assumptions and justify these assumptions with the help of an example implementation.


Secret Image Function Family Auxiliary Input Oracle Query Passive Adversary 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Matsumoto, T., Imai, H.: Human Identification through Insecure Channel. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 409–421. Springer, Heidelberg (1991)Google Scholar
  2. 2.
    Wang, C.H., Hwang, T., Tsai, J.J.: On the Matsumoto and Imai’s Human Identification Scheme. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 382–392. Springer, Heidelberg (1995)Google Scholar
  3. 3.
    Matsumoto, T.: Human-computer cryptography: An attempt. In: 3rd ACM Conference on Computer and Communications Security, pp. 68–75. ACM Press, New York (1996)CrossRefGoogle Scholar
  4. 4.
    Li, X.-Y., Teng, S.-H.: Practical Human-Machine Identification over Insecure Channels. Journal of Combinatorial Optimization 3, 347–361 (1999)MATHCrossRefMathSciNetGoogle Scholar
  5. 5.
    Hopper, N.J., Blum, M.: Secure Human Identification Protocols. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 52–66. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  6. 6.
    von Ahn, L., Blum, M., Hopper, N., Langford, J.: CAPTCHA: Using Hard AI Problems for Security. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 294–311. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  7. 7.
    Li, S., Shum, H.-Y.: Secure Human-computer identification against Peeping Attacks (SecHCI): A Survey. Unpublished report, available at Elsevier’s Computer Science Preprint Server (2002)Google Scholar
  8. 8.
    Dhamija, R., Perrig, A.: Deja Vu: A user study using images for authentication. In: Proc. of the 9th USENIX Security Symposium, pp. 45–58 (2000)Google Scholar
  9. 9.
    ID Arts Inc: Passfaces - the Art of Identification. Visit:
  10. 10.
    Sorensen, V.: PassPic - Visual Password Management. Visit:
  11. 11.
    The CAPTCHA project: ESP-PIX. Visit,
  12. 12.
    Weinshall, D.: Cognitive Authentication Schemes Safe Against Spyware (Short Paper). In: 2006 IEEE Symposium on Security and Privacy, pp. 295–300 (2006)Google Scholar
  13. 13.
    Golle, P., Wagner, D.: Cryptanalysis of a Cognitive Authentication Scheme. Cryptology ePrint Archive, Report 2006/258,

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Hassan Jameel
    • 1
  • Riaz Ahmed Shaikh
    • 1
  • Heejo Lee
    • 2
  • Sungyoung Lee
    • 1
  1. 1.Department of Computer EngineeringKyung Hee UniversitySuwonSouth Korea
  2. 2.Department of Computer Science and EngineeringKorea University Anam-dong, Seongbuk-guSeoulSouth Korea

Personalised recommendations