Advertisement

EyeDecrypt — Private Interactions in Plain Sight

  • Andrea G. Forte
  • Juan A. Garay
  • Trevor Jim
  • Yevgeniy Vahlis
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8642)

Abstract

We introduce EyeDecrypt, a novel technology for privacy-preserving human-computer interaction. EyeDecrypt allows only authorized users to decipher data shown on a display, such as an electronic screen or plain printed material; in the former case, the authorized user can then interact with the system (e.g., by pressing buttons on the screen), without revealing the details of the interaction to others who may be watching or to the system itself.

The user views the decrypted data on a closely-held personal device, such as a pair of smart glasses with a camera and heads-up display, or a smartphone. The data is displayed as an image overlay on the personal device, which we assume cannot be viewed by the adversary. The overlay is a form of augmented reality that not only allows the user to view the protected data, but also to securely enter input into the system by randomizing the input interface.

EyeDecrypt consists of three main components: a visualizable encryption scheme; a dataglyph-based visual encoding scheme for the ciphertexts generated by the encryption scheme; and a randomized input and augmented reality scheme that protects user inputs without harming usability. We describe all aspects of EyeDecrypt, from security definitions, constructions and analysis, to implementation details of a prototype developed on a smartphone.

Keywords

Augmented Reality Encryption Scheme Message Authentication Code Visual Cryptography Personal Device 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Backes, M., Chen, T., Drmuth, M., Lensch, H.P.A., Welk, M.: Tempest in a teapot: Compromising reflections revisited. In: IEEE Symposium on Security and Privacy, pp. 315–327 (2009)Google Scholar
  2. 2.
    Backes, M., Drmuth, M., Unruh, D.: Compromising reflections-or-how to read LCD monitors around the corner. In: IEEE Symposium on Security and Privacy, pp. 158–169 (2008)Google Scholar
  3. 3.
    Conde-Lagoa, D., Costa-Montenegro, E., Gonzalez-Castao, F., Gil-Castieira, F.: Secure eTickets based on QR-Codes with user-encrypted content. In: 2010 Digest of Technical Papers International Conference on Consumer Electronics (ICCE), pp. 257–258 (2010)Google Scholar
  4. 4.
    De Luca, A., Frauendienst, B., Boring, S., Hussmann, H.: My phone is my keypad: Privacy-enhanced PIN-entry on public terminals. In: Proceedings of the 21st Annual Conference of the Australian Computer-Human Interaction Special Interest Group, pp. 401–404. ACM, New York (2009), http://doi.acm.org/10.1145/1738826.1738909 Google Scholar
  5. 5.
    De Luca, A., Hertzschuch, K., Hussmann, H.: ColorPIN: Securing PIN entry through indirect input. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 1103–1106. ACM, New York (2010), http://doi.acm.org/10.1145/1753326.1753490 Google Scholar
  6. 6.
    Fang, C., Chang, E.C.: Securing interactive sessions using mobile device through visual channel and visual inspection. In: Proceedings of the 26th Annual Computer Security Applications Conference, ACSAC 2010, pp. 69–78. ACM, New York (2010), http://doi.acm.org/10.1145/1920261.1920272 Google Scholar
  7. 7.
    Fiat, A., Naor, M.: Broadcast encryption. In: Stinson, D.R. (ed.) Advances in Cryptology - CRYPT0 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994), http://dl.acm.org/citation.cfm?id=646758.705697
  8. 8.
    Forget, A., Chiasson, S., Biddle, R.: Shoulder-surfing resistance with eye-gaze entry in cued-recall graphical passwords. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 1107–1110. ACM, New York (2010), http://doi.acm.org/10.1145/1753326.1753491 Google Scholar
  9. 9.
    Forte, A., Garay, J., Jim, T., Vahlis, Y.: Eyedecrypt – private interactions in plain sight. Cryptology ePrint Archive, Report 2013/590 (2013), http://eprint.iacr.org/
  10. 10.
    Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and System Sciences 28(2), 270–299 (1984), http://www.sciencedirect.com/science/article/pii/0022000084900709 CrossRefzbMATHMathSciNetGoogle Scholar
  11. 11.
    Google: Google Glass, http://www.google.com/glass
  12. 12.
    ISO: Information technology – Automatic identification and data capture techniques – Data Matrix bar code symbology specification. ISO 16022:2006. International Organization for Standardization, Geneva, Switzerland (2006)Google Scholar
  13. 13.
    ISO: Information technology – Automatic identification and data capture techniques – QR Code 2005 bar code symbology specification. ISO 18004:2006. International Organization for Standardization, Geneva, Switzerland (2006)Google Scholar
  14. 14.
    Itseez: Open Source Computer Vision (OpenCV) Library, http://opencv.org
  15. 15.
    Kumar, M., Garfinkel, T., Boneh, D., Winograd, T.: Reducing shoulder-surfing by using gaze-based password entry. In: Proceedings of the 3rd Symposium on Usable Privacy and Security, SOUPS 2007, pp. 13–19. ACM, New York (2007), http://doi.acm.org/10.1145/1280680.1280683 Google Scholar
  16. 16.
    Liang, J., Doermann, D., Li, H.: Camera-based analysis of text and documents: A survey. International Journal of Document Analysis and Recognition (IJDAR) 7(2-3), 84–104 (2005), http://link.springer.com/article/10.1007/s10032-004-0138-z Google Scholar
  17. 17.
    McCune, J.M., Perrig, A., Reiter, M.K.: Seeing-is-believing: Using camera phones for human-verifiable authentication. In: IEEE Symposium on Security and Privacy, pp. 110–124. IEEE Computer Society, Los Alamitos (2005)Google Scholar
  18. 18.
    Naor, M., Shamir, A.: Visual cryptography. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 1–12. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  19. 19.
    Nishino, K., Nayar, S.K.: Corneal imaging system: Environment from eyes. International Journal of Computer Vision 70(1), 23–40 (2006)CrossRefGoogle Scholar
  20. 20.
    Parikh, D., Jancke, G.: Localization and segmentation of a 2D high capacity color barcode. In: IEEE Workshop on Applications of Computer Vision, pp. 1–6. IEEE (2008)Google Scholar
  21. 21.
    Perli, S.D., Ahmed, N., Katabi, D.: PixNet: Interference-free wireless links using LCD-camera pairs. In: Proceedings of the Sixteenth Annual International Conference on Mobile Computing and Networking, MobiCom 2010, pp. 137–148. ACM, New York (2010), http://doi.acm.org/10.1145/1859995.1860012 Google Scholar
  22. 22.
    Reilly, D., Chen, H., Smolyn, G.: Toward fluid, mobile and ubiquitous interaction with paper using recursive 2D barcodes. In: 3rd International Workshop on Pervasive Mobile Interaction Devices, PERMID 2007 (May 2007)Google Scholar
  23. 23.
    Roth, V., Richter, K., Freidinger, R.: A PIN-entry method resilient against shoulder surfing. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 236–245. ACM, New York (2004), http://doi.acm.org/10.1145/1030083.1030116 Google Scholar
  24. 24.
    Sattar, J., Bourque, E., Giguere, P., Dudek, G.: Fourier tags: Smoothly degradable fiducial markers for use in human-robot interaction. In: Fourth Canadian Conference on Computer and Robot Vision, CRV 2007, pp. 165–174 (2007)Google Scholar
  25. 25.
    Saxena, N., Ekberg, J.E., Kostiainen, K., Asokan, N.: Secure device pairing based on a visual channel. In: IEEE Symposium on Security and Privacy, pp. 306–313. IEEE Computer Society (2006)Google Scholar
  26. 26.
    Starnberger, G., Froihofer, L., Goeschka, K.: QR-TAN: Secure mobile transaction authentication. In: International Conference on Availability, Reliability and Security, ARES 2009, pp. 578–583 (2009)Google Scholar
  27. 27.
    Suzuki, S., Abe, K.: Topological structural analysis of digitized binary images by border following. Computer Vision, Graphics, and Image Processing 30, 32–46 (1985)CrossRefzbMATHGoogle Scholar
  28. 28.
    Tateno, K., Kitahara, I., Ohta, Y.: A nested marker for augmented reality. In: IEEE Virtual Reality Conference, VR 2007, pp. 259–262 (2007)Google Scholar
  29. 29.
    Tow, R.F.: Methods and means for embedding machine readable digital data in halftone images (May 24, 1994), US Patent 5,315,098Google Scholar
  30. 30.
    Tuytelaars, T., Mikolajczyk, K.: Local invariant feature detectors: A survey. Foundations and Trends in Computer Graphics and Vision 3(3), 177–280 (2007)CrossRefGoogle Scholar
  31. 31.
    Wikipedia: Moiré pattern (2013), http://en.wikipedia.org/wiki/Moir%C3%A9_pattern

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Andrea G. Forte
    • 1
  • Juan A. Garay
    • 2
  • Trevor Jim
    • 1
  • Yevgeniy Vahlis
    • 3
  1. 1.AT&T LabsNew YorkUSA
  2. 2.Yahoo LabsSunnyvaleUSA
  3. 3.ByonimTorontoCanada

Personalised recommendations