Usability of display-equipped RFID tags for security purposes

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 6879 LNCS, Issue , 2011, Pages 434-451

  Kobsa, Alfred ^a   Nithyanand, Rishab ^b   Tsudik, Gene ^a   Uzun, Ersin ^c  

^a UNIVERSITY OF CALIFORNIA   (United States)

^b STONY BROOK UNIVERSITY   (United States)

^c PALO ALTO RESEARCH CENTER   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL; RADIO FREQUENCY IDENTIFICATION (RFID);

CREDIT CARDS; EPASSPORTS; FINANCIAL TRANSACTIONS; KEY OPERATIONS; NEW APPLICATIONS; PERSONAL DEVICES; PUBLIC KEYS; RFID-TAG; SECURITY ISSUES; USER INVOLVEMENT;

PUBLIC KEY CRYPTOGRAPHY;

EID: 80052999922     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-23822-2_24     Document Type: Conference Paper

References (33)

1. Bestbuy To Put Gizmo Vending Machines In Airports, http://www.pcworld. com/article/149684/best-buy-to-put-gizmo-vending-machines-in-airports.html
2. BSI: Country Verifying Certificate Authority. https://www.bsi.bund.de/ cln-174/DE/Themen/ElektronischeAusweise/CVCAePass/CVCAePass-node.html.
3. BSI: The New ID-Card, https://www.bsi.bund.de/cln-174/ContentBSI/Themen/ Elekausweise/Personalausweis/ePA-Start.html.
4. Hid Omnikey 5321 Cl Usb Reader, http://www.hidglobal.com/documents/ OK5321-cl-ds-en.pdf
5. Java Smart Card I/O, http://java.sun.com/javase/6/docs/jre/api/security/ smartcardio/spec/
6. Logitech Wireless N305, http://www.logitech.com/en-us/keyboards/keyboard/ devices/6355
7. Abadi, M., Burrows, C., Kaufman, C., Lampson, B.: Authentication and delegation with smart-cards. Science of Computer Programming 21(2), 93-113 (1993)
8. Aleskerov, E., Freisleben, B., Rao, B.: Cardwatch: A Neural Network Based Database Mining System For Credit Card Fraud Detection. In: Proceedings of the IEEE/IAFE 1997 Computational Intelligence for Financial Engineering (CIFEr), March 23-25, pp. 220-226 (1997)
9. Bangor, A., Kortum, P., Miller, J.: An Empirical Evaluation Of The System Usability Scale. Int. J. Hum. Comput. Interaction 24(6), 574-594 (2008)
10. Boyko, V., MacKenzie, P.D., Patel, S.: Provably secure password-authenticated key exchange using diffie-hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156-171. Springer, Heidelberg (2000)
11. Brooke, J.: SUS: A "Quick And Dirty" Usability Scale. In: Jordan, P.W., Thomas, B., Weerdmeester, B.A., McClelland, A.L. (eds.) Usability Evaluation in Industry. Taylor and Francis, London (1996)
12. Chan, P.K., Fan, W., Prodromidis, A.L., Stolfo, S.J.: Distributed Data Mining In Credit Card Fraud Detection. IEEE Intelligent Systems 14(6), 67-74 (1999)
13. Czeskis, A., Koscher, K., Smith, J.R., Kohno, T.: RFIDs And Secret Handshakes: Defending Against Ghost-And-Leech Attacks And Unauthorized Reads With Context-Aware Communications. In: CCS 2008: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 479-490. ACM, New York (2008)
14. Evans Jr., A., Kantrowitz, W., Weiss, E.: A User Authentication Scheme Not Requiring Secrecy In The Computer. Commun. ACM 17(8), 437-442 (1974)
15. Forget, A., Chiasson, S., Biddle, R.: Shoulder-Surfing Resistance With Eye-Gaze Entry In Cued-Recall Graphical Passwords. In: CHI 2010: Proceedings of the 28th International Conference on Human Factors in Computing Systems, pp. 1107-1110. ACM, New York (2010)
16. Heydt-Benjamin, T.S., Bailey, D.V., Fu, K., Juels, A., O'Hare, T.: Vulnerabilities in firstgeneration RFID-enabled credit cards. In: Dietrich, S., Dhamija, R. (eds.) FC 2007 and USEC 2007. LNCS, vol. 4886, pp. 2-14. Springer, Heidelberg (2007)
17. Hoepman, J.-H., Hubbers, E., Jacobs, B., Oostdijk, M., Schreur, R.W.: Crossing borders: Security and privacy issues of the european e-passport. In: Yoshiura, H., Sakurai, K., Rannenberg, K., Murayama, Y., Kawamura, S.-i. (eds.) IWSEC 2006. LNCS, vol. 4266, pp. 152-167. Springer, Heidelberg (2006)
18. Housley, R., Ford, W., Polk, W., Solo, D.: Rfc 5280: Internet X.509 Public Key Infrastructure Certificate and CRL profile (May 2008)
19. Juels, A., Molnar, D., Wagner, D.: Security And Privacy Issues In E-Passports. In: International Conference on Security and Privacy for Emerging Areas in Communications Networks, pp. 74-88 (2005)
20. Kainda, R., Flechais, I., Roscoe, A.W.: Usability And Security Of Out-Of-Band Channels In Secure Device Pairing Protocols. In: SOUPS: Symposium on Usable Privacy and Security (2009)
21. Kobsa, A., Sonawalla, R., Tsudik, G., Uzun, E., Wang, Y.: Serial Hook-Ups: A Comparative Usability Study Of Secure Device Pairing Methods. In: SOUPS: Symposium on Usable Privacy and Security (2009)
22. Kou, Y., Lu, C.-T., Sirwongwattana, S., Huang, Y.-P.: Survey Of Fraud Detection Techniques. In: 2004 IEEE International Conference on Networking, Sensing and Control, vol. 2, pp. 749-754 (2004)
23. Kumar, A., Saxena, N., Tsudik, G., Uzun, E.: Caveat Emptor: A Comparative Study of Secure Device Pairing Methods. In: IEEE International Conference on Pervasive Computing and Communications, PerCom (2009)
24. Micali, S.: Efficient Certificate Revocation. Technical Memo MIT/LCS/TM-542b, Massachusetts Institute of Technology (1996)
25. Micali, S.: Certificate Revocation System. United States Patent 5,666,416 (September 1997)
26. Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: Internet Public Key Infrastructure Online Certificate Status Protocol- Ocsp. RFC 2560 (1999), http://tools.ietf.org/html/rfc2560
27. Nithyanand, R., Saxena, N., Tsudik, G., Uzun, E.: Groupthink: Usability Of Secure Group Association For Wireless Devices. In: 12th ACM International Conference on Ubiquitous Computing, Ubicomp 2010 (2010)
28. Nithyanand, R., Tsudik, G., Uzun, E.: Readers Behaving Badly. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 19-36. Springer, Heidelberg (2010)
29. Saxena, N., Uddin, M. B.: Secure pairing of "Interface- constrained" devices resistant against rushing user behavior. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 2009. LNCS, vol. 5536, pp. 34-52. Springer, Heidelberg (2009)
30. Saxena, N., Uddin, M.B., Voris, J.: Treat 'em Like Other Devices: User Authentication of Multiple Personal RFID Tags. In: SOUPS 2009: Proceedings of the 5th Symposium on Usable Privacy and Security, p. 1. ACM, New (2009)
31. Perković, T., Čagalj, M., Saxena, N.: Shoulder-Surfing Safe Login in a Partially Observable Attacker Model. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 351-358. Springer, Heidelberg (2010)
32. Uzun, E., Karvonen, K., Asokan, N.: Usability analysis of secure pairing methods. In: Dietrich, S., Dhamija, R. (eds.) FC 2007 and USEC 2007. LNCS, vol. 4886, pp. 307-324. Springer, Heidelberg (2007)
33. Wilkes, M.V.: Time Sharing Computer Systems. Elsevier Science Inc., New York (1975)