Blog Category: cryptography and security

AirAuth: Authentication through In-Air Gestures Instead of Passwords


At the CHI 2014 conference, we demonstrated a new prototype authentication system, AirAuth, that explores the use of in-air gestures for authentication purposes as an alternative to password-based entry.

Previous work has shown that passwords or PINs as an authentication mechanism have usability issues that ultimately lead to a compromise in security. For instance, as the number of services to authenticate to grows, users use variations of basic passwords, which are easier to remember, thus making their accounts susceptible to attack if one is compromised.

On mobile devices, smudge attacks and shoulder surfing attacks pose a threat to authentication, as finger movements on a touch screen are easy to record visually and to replicate.

AirAuth addresses these issues by replacing password entry with a gesture. Motor memory makes it a simple task for most users to remember their gesture. Furthermore, since we track multiple points on the user’s hands, we obtain tracking information that is unique to the physical appearance of the legitimate user, so there is an implicit biometric built into AirAuth. Smudge attacks are averted by the touchless gesture entry, and a user study we conducted shows that AirAuth is also quite resistant to camera-based shoulder surfing attacks.

Our demo at CHI showed the enrollment and authentication phases of our system. We gave attendees the opportunity to enroll in our system and check AirAuth’s capabilities to recognize their gestures. We got great responses from the attendees and obtained enrollment gestures from a number of them. We plan to use these enrollment gestures to evaluate AirAuth’s accuracy in field conditions.

A User’s Special Touch


Yesterday Volker Roth came back for a visit and to give us a preview of the talk he will give next week at UIST 2010 on his work with Philipp Schmidt and Benjamin Güldenring on The IR Ring: Authenticating users’ touches on a multi-touch display. The work supports multiple users interacting with the same screen at the same time with different access and control permissions. For example, you may want to show me a document on a multi-touch display, but that does not mean you want me to be able to delete that document. Similarly, I may want to show you a particular e-mail I received, without giving you the ability to access my other e-mail messages, or to send one in my name. Roth et al. implemented hardware and software add-ons for a multi-touch display that restrict certain actions to the user wearing the IR ring emitting the appropriate signal. Users wearing different rings have different access and control privileges. In this way, only you can delete your document, and only I can access my other e-mail messages.

Roth and his coauthors frame their work as preventing “pranksters and miscreants” from carrying out “their schemes of fraud and malice.” To me, the work is most compelling as a means to avoid mistakes and to frustrate human curiosity.

Overflow overflow?


Ten days ago, a theoretical computer science community Q&A site went beta and seems to be generating a fair amount of activity. I’m a big fan of MathOverflow, and am delighted to see a similar site springing up for a different field.

Thirty-nine days ago, a new mathematics site went beta, which initially puzzled me since the mathematics community already has the highly successful MathOverflow site. The difference appears to be that MathOverflow is specifically for research mathematics whereas the new site aims to be broader, allowing more elementary questions.

Overall, I think a proliferation of such sites is great, but it is also confusing. It isn’t always clear when a question is research level or not. There are questions tagged algebra or topology on the CS theory site that are pure mathematics questions. There’s a question tagged graph theory that had been posted previously to MathOverflow. I am delighted to see that both and quantum computing already are populated with a few questions, but similar questions in these areas received good answers on MathOverflow. It would be a shame if the proliferation of sites led to less interaction between fields rather than more. I’ll be curious to see how the usage patterns play out over time.

Computing with Secrets


Tom Simonite of Technology Review interviewed me about the breakthrough in fully homomorphic encryption that I blogged about here. I very much enjoyed talking with him, and was pleased to see that he wrote a good article on the subject: Computing with Secrets, but Keeping them Safe: A cryptographic method could see cloud services work with sensitive data without ever decrypting it. He quotes me a couple of times on the second page of the article and generously gives me the last word.

I’ve been surprised at how little has been written about this breakthrough, little enough that my blog post continues to be among the top 20 hits for a number of related queries. The field is definitely hot, with DARPA recently announcing two related solicitations, DARPA-RA-10-80 and DARPA-BAA-10-81, on PROgramming Computation on EncryptEd Data (PROCEED). The first solicits research proposals for development of new mathematical foundations for efficient computation on encrypted data via fully homomorphic encryption. The second solicitation is broader, with the goal of developing practical methods for computation on encrypted data without decrypting the data and modern programming languages to describe these computations.

Toward pragmatic definitions of privacy


The success of de-anonymization efforts, as discussed here, suggests that older anonymization methods no longer work, especially in light of the large amount of publicly available data that can serve as auxiliary information. The quest to find suitable replacements for these methods is ongoing. As one starting point in this broader quest, we need useful definitions of privacy.

It has proven surprisingly difficult to find pragmatic definitions of privacy, definitions that capture a coherent aspect of privacy, are workable in the sense that it is possible to protect privacy defined in this way, and are sufficiently formal to provide means for determining if a method protects this type of privacy and, if so, how well.

The best attempt to date is the notion of differential privacy.

Whither data privacy?


On Friday Netflix canceled the sequel to its Netflix prize due to privacy concerns. The announcement of the cancellation has had a mixed reception from both researchers and the public. Narayanan and Shmatikov, the researchers who exposed the privacy issues in the original Netflix prize competition data, write “Today is a sad day. It is also a day of hope.”

The Netflix prize data example is probably the third most famous example of de-anonymization of data that was released with the explicit claim that the data had been anonymized. These examples differ from the privacy breaches discussed by Maribeth Back in her post on ChatRoulette or the issues with Google Buzz discussed as part of Gene Golovchinsky’s post “What’s private on the Web?”. Those examples made sensitive information available directly. In the case of the following three de-anonymization attacks, the data itself was “anonymized,” but researchers were able, with the addition of publicly available auxiliary information, to de-anonymize much of the data.


How to compute without knowing anything


In my post on quantum inspired classical results, I gave as one example Gentry’s recent discovery of a fully homomorphic encryption scheme. His beautiful work deserves its own blog post. Initially I approached his work with trepidation, worried that it would be so technical I would not understand anything without a lot of work. Others have mentioned not having looked at his work for the same reason. That is a shame! While the details are technical, the key idea, bootstrappable encryption, is both a non-obvious approach and an easily understandable concept. I remember smiling while I read the first couple of pages of his paper in response to the elegance and surprising simplicity of his approach.


Summer intern position in privacy preserving computation


This is the third of a series of posts advertising internship positions at FXPAL for the summer of 2010. A listing of all blog posts about our 2010 internship positions is available here.

Significant privacy issues arise when personal data is stored and analyzed. This issue is exacerbated when part or all of the storage and analysis is outsourced to a third party. To support such analysis in an awareness system, while addressing the privacy concerns, we are building into our system a facility that supports computation of simple statistics on encrypted data. This facility can be extended in a number of ways to support a greater variety of computations. There is a wealth of research questions related to designing such a system to support the types of computations useful to our application while choosing the best tradeoffs in terms of storage, bandwidth, division of labor between the third party and the clients, computation time at encryption, time to compute the statistics, and time to decrypt.

Prospective candidates should be enrolled in a PhD program and have significant experience in privacy and security, particularly computation on or search of encrypted data.

The intern will be hosted by Eleanor Rieffel. For more information on the FXPAL internship program, please visit our web site.

768 bites the dust!


A multinational team announced on January 7th that they, together with hundreds of computers, running for two years, carrying out about 2^67 instructions, factored RSA-768. For more details, see their paper. They suggest that this result should encourage everyone to follow NIST’s recommendation to phase out 1024-bit RSA keys.

Quantum inspired classical results


In yesterday’s post, I mentioned that one of my favorite topics is classical results informed by the quantum information processing viewpoint. There are now sufficiently many such results that Drucker and deWolf have written a survey, “Quantum Proofs for Classical Theorems.” I was surprised last month, when another such example popped up in one of the biggest cryptographic results of 2009, Craig Gentry’s discovery of a fully homomorphic encryption scheme.
