SMAPs: Short Message Authentication Protocols

  • Khaled BaqerEmail author
  • Johann Bezuidenhoudt
  • Ross Anderson
  • Markus Kuhn
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10368)


There is a long history of authentication protocols designed for ease of human use, which rely on users copying a short string of digits. Historical examples include telex test keys and early nuclear firing codes; familiar modern examples include prepayment meter codes and the 3-digit card verification values used in online shopping. In this paper, we show how security protocols that are designed for human readability and interaction can fail to provide adequate protection against simple attacks. To illustrate the problem, we discuss an offline payment protocol and explain various problems. We work through multiple iterations, or ‘evolutions’, of the protocol in order to get better tradeoffs between security and usability. We discuss the limitation of verifying such protocols using BAN logic. Our aim is to develop usable human-friendly protocols that can be used in constrained offline environments. We conclude that protocol designers need to be good curators of security state, and also pay attention to the interaction between online and offline functions. In fact, we suggest that delay-tolerant networking might be a future direction of evolution for protocol research.


Security Protocols Usability Offline Authentication 


  1. 1.
    Anderson, R.J.: UEPS – a second generation electronic wallet. In: Deswarte, Y., Eizenberg, G., Quisquater, J.-J. (eds.) ESORICS 1992. LNCS, vol. 648, pp. 411–418. Springer, Heidelberg (1992). doi: 10.1007/BFb0013910 CrossRefGoogle Scholar
  2. 2.
    Anderson, R.J., Bezuidenhout, S.J.: Cryptographic credit control in pre-payment metering systems. In: Security and Privacy, p. 15. IEEE (1995)Google Scholar
  3. 3.
    Baddeley, A., Longman, D.: The influence of length and frequency of training session on the rate of learning to type. Ergonomics 21(8), 627–635 (1978)CrossRefGoogle Scholar
  4. 4.
    Black, J., Rogaway, P.: Ciphers with arbitrary finite domains. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 114–130. Springer, Heidelberg (2002). doi: 10.1007/3-540-45760-7_9 CrossRefGoogle Scholar
  5. 5.
    Blanchet, B.: CryptoVerif: computationally sound mechanized prover for cryptographic protocols. In: Dagstuhl seminar Formal Protocol Verification Applied, p. 117 (2007)Google Scholar
  6. 6.
    Bond, M., Choudary, O., Murdoch, S.J., Skorobogatov, S., Anderson, R.: Chip and skim: cloning EMV cards with the pre-play attack. In: IEEE Symposium on Security and Privacy (SP), pp. 49–64. IEEE (2014)Google Scholar
  7. 7.
    Burrows, M., Abadi, M., Needham, R.M.: A logic of authentication. Proc. Roy. Soc. Lond. A Math. Phys. Eng. Sci. 426, 233–271 (1989). The Royal SocietyMathSciNetCrossRefzbMATHGoogle Scholar
  8. 8.
    Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Commun. ACM 21(12), 993–999 (1978)CrossRefzbMATHGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Khaled Baqer
    • 1
    Email author
  • Johann Bezuidenhoudt
    • 2
  • Ross Anderson
    • 1
  • Markus Kuhn
    • 1
  1. 1.Computer LaboratoryUniversity of CambridgeCambridgeUK
  2. 2.Leonine Initiatives (Pty) Ltd.RoodepoortSouth Africa

Personalised recommendations