Alice and Bob in Love

Cryptographic Communication Using Shared Experiences
  • Joseph Bonneau
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7028)


We propose a protocol for secure communication between two parties who know each other well using only pre-existing shared knowledge from their shared life experience. This could enable, for example, lovers or close friends to communicate over a one-way channel without prior key exchange. Our system uses a flexible secret-sharing mechanism to accommodate pieces of personal knowledge of variable guessing resistance and memorability, with reasonable overhead in terms of computation and storage.


Message Size Recall Probability Fuzzy Match Decryption Probability Dumpster Diving 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ellison, C., Hall, C., Milbert, R., Schneier, B.: Protecting secret keys with personal entropy. Future Gener. Comput. Syst. 16(4), 311–318 (2000)CrossRefGoogle Scholar
  2. 2.
    Frykholm, N., Juels, A.: Error-tolerant password recovery. In: CCS 2001: Proceedings of the 8th ACM Conference on Computer and Communications Security, pp. 1–9. ACM, New York (2001)CrossRefGoogle Scholar
  3. 3.
    Just, M.: Designing and evaluating challenge-question systems. IEEE Security & Privacy (2004)Google Scholar
  4. 4.
    Rabkin, A.: Personal knowledge questions for fallback authentication: Security questions in the era of facebook. In: SOUPS: Symposium on Usable Privacy and Security (2006)Google Scholar
  5. 5.
    Griffith, V., Jakobsson, M.: Messin’ with Texas Deriving Mother’s Maiden Names Using Public Records. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 91–103. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  6. 6.
    Xu, W., Zhou, X., Li, L.: Inferring privacy information via social relations. In: International Conference on Data Engineering (2008)Google Scholar
  7. 7.
    Lindamood, J., Kantarcioglu, M.: Inferring private information using social network data. Technical Report UTDCS-21-08, University of Texas at Dallas Computer Science Department (2008)Google Scholar
  8. 8.
    Jakobsson, M., Stolterman, E., Wetzel, S., Yang, L.: Love and authentication. In: CHI 2008: Proceeding of the Twenty-Sixth Annual SIGCHI Conference on Human Factors in Computing Systems, pp. 197–200. ACM, New York (2008)CrossRefGoogle Scholar
  9. 9.
    Jakobsson, M., Yang, L., Wetzel, S.: Quantifying the security of preference-based authentication. In: DIM 2008: Proceedings of the 4th ACM Workshop on Digital Identity Management, pp. 61–70. ACM, New York (2008)CrossRefGoogle Scholar
  10. 10.
    Kelsey, J., Schneier, B., Hall, C., Wagner, D.: Secure Applications of Low-Entropy Keys. In: Okamoto, E. (ed.) ISW 1997. LNCS, vol. 1396, pp. 121–134. Springer, Heidelberg (1998)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Joseph Bonneau
    • 1
  1. 1.University of Cambridge Computer LaboratoryUK

Personalised recommendations