Leakage Resilient Password Systems: Attacks, Principles, and Usability

  • Yingjiu Li
  • Qiang Yan
  • Robert H. Deng
Part of the SpringerBriefs in Computer Science book series (BRIEFSCOMPUTER)


Designing leakage resilient password (LRP) systems for unaided users remains a challenge today despite two decades of intensive research. Most systems were broken soon after their proposals, while the remnants are very difficult to use. This chapter addresses the fundamental limitations on the general design aspects of such systems. First, it is revealed that most of existing LRP systems are subject to two types of generic attacks, the brute force attacks and the statistical attacks. Second, several principles are identified for the design of LRP systems so as to achieve leakage resilience in the presence of these attacks. It is also shown that the attacks cannot be effectively mitigated without sacrificing the usability of LRP systems significantly under certain constraints. Third, a quantitative analytical framework on the usability cost is proposed for better understanding of the tradeoff between security and usability. Decomposing the authentication process of existing LRP systems into some atomic cognitive operations in psychology, the framework justifies that a secure LRP system always imposes a considerable amount of cognitive workload on its users in the case that the users do not leverage any secure channel when interacting with the system. This inherent limitation implies that designing a highly usable and secure LRP system must incorporate certain type of secure channels.


Secret Image Secure Channel Statistical Attack Average Success Rate Cognitive Workload 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Asghar, H.J., Li, S., Pieprzyk, J., Wang, H.: Cryptanalysis of the convex hull click human identification protocol. In: Proceedings of the 13th international conference on information security, pp. 24–30 (2010)Google Scholar
  2. 2.
    Asghar, H.J., Pieprzyk, J., Wang, H.: A new human identification protocol and coppersmith’s baby-step giant-step algorithm. In: Proceedings of the 8th international conference on applied cryptography and network security, pp. 349–366 (2010)Google Scholar
  3. 3.
    Baddeley, A.D.: The Essential Handbook of Memory Disorders for Clinicians, Chapter 1, pp. 1–13. Wiley, New York (2004)Google Scholar
  4. 4.
    Bai, X., Gu, W., Chellappan, S., Wang, X., Xuan, D., Ma, B.: Pas: predicate-based authentication services against powerful passive adversaries. In: Proceedings of the 2008 annual computer security applications conference, pp. 433–442 (2008)Google Scholar
  5. 5.
    Biddle, R., Chiasson, S., van Oorschot, P.C.: Graphical passwords: learning from the first twelve years. In: Technical Report TR-11-01 (2011)Google Scholar
  6. 6.
    Campbell, J.I.D., Xue, Q.: Cognitive arithmetic across cultures. J. Exp. Psychol. Gen. 130(2), 299–315 (2001)CrossRefGoogle Scholar
  7. 7.
    Corbina, L., Marquer, J.: Effect of a simple experimental control: the recall constraint in Sternberg’s memory scanning task. Eur. J. Cogn. Psychol. 20(5), 913–935 (2008)CrossRefGoogle Scholar
  8. 8.
    Coskun, B., Herley, C.: Can “something you know” be saved? In: Proceedings of the 11th international conference on information security, pp. 421–440 (2008)Google Scholar
  9. 9.
    Cowan, N.: The magical number 4 in short-term memory: a reconsideration of mental storage capacity. Behav. Brain Sci. 24(1), 87–114 (2001)CrossRefGoogle Scholar
  10. 10.
    Craik, F.I., McDowd, J.M.: Age differences in recall and recognition. J. Exp. Psychol. 13(3), 474–479 (1987)Google Scholar
  11. 11.
    Dunphy, P., Heiner, A.P., Asokan, N.: A closer look at recognition-based graphical passwords on mobile devices. In: Proceedings of the sixth symposium on usable privacy and security, pp. 3:1–3:12 (2010)Google Scholar
  12. 12.
    Fisher, D.L.: Central capacity limits in consistent mapping, visual search tasks: four channels or more? Cogn. Psychol. 16(4), 449–484 (1984)CrossRefGoogle Scholar
  13. 13.
    Golle, P., Wagner, D.: Cryptanalysis of a cognitive authentication scheme (extended abstract). In: Proceedings of the 2007 IEEE symposium on security and privacy, pp. 66–70 (2007)Google Scholar
  14. 14.
    Hogan, R.M., Kintsch, W.: Differential effects of study and test trials on long-term recognition and recall. J. Verbal Learn. Verbal Behav. 10(5), 562–567 (1971)CrossRefGoogle Scholar
  15. 15.
    Hopper, N.J., Blum, M.: Secure human identification protocols. In: Proceedings of the 7th international conference on the theory and application of cryptology and information security: advances in cryptology, pp. 52–66 (2001)Google Scholar
  16. 16.
    Horowitz, T.S., Wolfe, J.M.: Search for multiple targets: remember the targets, forget the search. Percept. Psychophys. 63(2), 272–285 (2001)CrossRefGoogle Scholar
  17. 17.
    Lei, M., Xiao, Y., Vrbsky, S.V., Li, C.-C., Liu, L.: A virtual password scheme to protect passwords. In: Proceedings of IEEE international conference on communications, pp. 1536–1540 (2008)Google Scholar
  18. 18.
    Li, S., Asghar, H.J., Pieprzyk, J., Sadeghi, A.-R., Schmitz, R., Wang, H.: On the security of PAS (predicate-based authentication service). In: Proceedings of the 2009 annual computer security applications conference, pp. 209–218 (2009)Google Scholar
  19. 19.
    Li, S., Khayam, S.A., Sadeghi, A.-R., Schmitz, R.: Breaking randomized linear generation functions based virtual password system. In: Proceedings of the 2010 IEEE international conference on communications, pp. 23–27 (2010)Google Scholar
  20. 20.
    Li, S., Shum, H.-Y.: Secure human-computer identification (interface) systems against peeping attacks: SecHCI. In: Cryptology ePrint Archive, Report 2005/268 (2005)Google Scholar
  21. 21.
    Long, J., Wiles, J.: No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing. Syngress, Rockland (2008)Google Scholar
  22. 22.
    Matsumoto, T., Imai, H.: Human identification through insecure channel. In: Proceedings of the 10th annual international conference on theory and application of cryptographic techniques, pp. 409–421 (1991)Google Scholar
  23. 23.
    Nobel, P.A., Shiffrin, R.M.: Retrieval processes in recognition and cued recall. J. Exp. Psychol. 27(2), 384–413 (2001)Google Scholar
  24. 24.
    Rohrer, D., Wixted, J.T.: An analysis of latency and interresponse time in free recall. Mem. Cogn. 22(5), 511–524 (1994)CrossRefGoogle Scholar
  25. 25.
    Roth, V., Richter, K., Freidinger, R.: A PIN-entry method resilient against shoulder surfing. In: Proceedings of the 11th ACM conference on computer and communications security, pp. 236–245 (2004)Google Scholar
  26. 26.
    Sasamoto, H., Christin, N., Hayashi, E.: Undercover: authentication usable in front of prying eyes. In: Proceeding of the twenty-sixth annual SIGCHI conference on human factors in computing systems, pp. 183–192 (2008)Google Scholar
  27. 27.
    Sternberg, S.: Memory-scanning: mental processes revealed by reaction-time experiments. Am. Sci. 57, 421–457 (1969)Google Scholar
  28. 28.
    Unsworth, N., Engle, R.W.: The nature of individual differences in working memory capacity: active Maintenance in primary memory and controlled search from secondary memory. Psychol. Rev. 114(1), 104–132 (2007)CrossRefGoogle Scholar
  29. 29.
    Vogel, E.K., Machizawa, M.G.: Neural activity predicts individual differences in visual working memory capacity. Nature 428(6984), 748–751 (2004)CrossRefGoogle Scholar
  30. 30.
    Weinshall, D.: Cognitive authentication schemes safe against spyware (short paper). In: Proceedings of the 2006 IEEE symposium on security and privacy, pp. 295–300 (2006)Google Scholar
  31. 31.
    Wiedenbeck, S., Waters, J., Sobrado, L., Birget, J.-C.: Design and evaluation of a shoulder-surfing resistant graphical password scheme. In: Proceedings of the working conference on advanced visual interfaces, pp. 177–184 (2006)Google Scholar
  32. 32.
    Woodman, G.F., Chun, M.M.: The role of working memory and long-term memory in visual search. Vis. Cogn. 14(4–8), 808–830 (2006)CrossRefGoogle Scholar
  33. 33.
    Woodman, G.F., Luck, S.J.: Visual search is slowed when visuospatial working memory is occupied. Psychon. Bull. Rev. 11(2), 269–274 (2004)CrossRefGoogle Scholar
  34. 34.
    Yan, Q., Han, J., Li, Y., Deng, R.H.: On limitations of designing usable leakage-resilient password systems: attacks, principles and usability. In: Proceedings of the 19th network & distributed system security symposium (NDSS) (2012)Google Scholar
  35. 35.
    Zhao, H., Li, X.: S3PAS: a scalable shoulder-surfing resistant textual-graphical password authentication scheme. In: Proceedings of the 21st international conference on advanced information networking and applications workshops, vol. 02, pp. 467–472 (2007)Google Scholar

Copyright information

© The Author(s) 2015

Authors and Affiliations

  • Yingjiu Li
    • 1
  • Qiang Yan
    • 2
  • Robert H. Deng
    • 1
  1. 1.School of Information SystemsSingapore Management UniversitySingaporeSingapore
  2. 2.GoogleZurichSwitzerland

Personalised recommendations