Abstract
We propose a protocol for secure communication between two parties who know each other well using only pre-existing shared knowledge from their shared life experience. This could enable, for example, lovers or close friends to communicate over a one-way channel without prior key exchange. Our system uses a flexible secret-sharing mechanism to accommodate pieces of personal knowledge of variable guessing resistance and memorability, with reasonable overhead in terms of computation and storage.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Ellison, C., Hall, C., Milbert, R., Schneier, B.: Protecting secret keys with personal entropy. Future Gener. Comput. Syst. 16(4), 311–318 (2000)
Frykholm, N., Juels, A.: Error-tolerant password recovery. In: CCS 2001: Proceedings of the 8th ACM Conference on Computer and Communications Security, pp. 1–9. ACM, New York (2001)
Just, M.: Designing and evaluating challenge-question systems. IEEE Security & Privacy (2004)
Rabkin, A.: Personal knowledge questions for fallback authentication: Security questions in the era of facebook. In: SOUPS: Symposium on Usable Privacy and Security (2006)
Griffith, V., Jakobsson, M.: Messin’ with Texas Deriving Mother’s Maiden Names Using Public Records. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 91–103. Springer, Heidelberg (2005)
Xu, W., Zhou, X., Li, L.: Inferring privacy information via social relations. In: International Conference on Data Engineering (2008)
Lindamood, J., Kantarcioglu, M.: Inferring private information using social network data. Technical Report UTDCS-21-08, University of Texas at Dallas Computer Science Department (2008)
Jakobsson, M., Stolterman, E., Wetzel, S., Yang, L.: Love and authentication. In: CHI 2008: Proceeding of the Twenty-Sixth Annual SIGCHI Conference on Human Factors in Computing Systems, pp. 197–200. ACM, New York (2008)
Jakobsson, M., Yang, L., Wetzel, S.: Quantifying the security of preference-based authentication. In: DIM 2008: Proceedings of the 4th ACM Workshop on Digital Identity Management, pp. 61–70. ACM, New York (2008)
Kelsey, J., Schneier, B., Hall, C., Wagner, D.: Secure Applications of Low-Entropy Keys. In: Okamoto, E. (ed.) ISW 1997. LNCS, vol. 1396, pp. 121–134. Springer, Heidelberg (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bonneau, J. (2013). Alice and Bob in Love. In: Christianson, B., Malcolm, J.A., Matyáš, V., Roe, M. (eds) Security Protocols XVII. Security Protocols 2009. Lecture Notes in Computer Science, vol 7028. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36213-2_23
Download citation
DOI: https://doi.org/10.1007/978-3-642-36213-2_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-36212-5
Online ISBN: 978-3-642-36213-2
eBook Packages: Computer ScienceComputer Science (R0)