Involving humans in the cryptographic loop: Introduction and threat analysis of EEVEHAC

Julius Hekkala; Sara Nikula; Outi Marja Latvala; Kimmo Halunen

doi:10.5220/0010517806590664

Involving humans in the cryptographic loop: Introduction and threat analysis of EEVEHAC

Julius Hekkala
, Sara Nikula
, Outi Marja Latvala
, Kimmo Halunen

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

1 Citation (Scopus)

Abstract

Our digital lives rely on modern cryptography that is based on complicated mathematics average human users cannot follow. Previous attempts at adding the human user into the cryptographic loop include things like Human Authenticated Key Exchange and visualizable cryptography. This paper presents our proof-of-concept implementation of these ideas as a system called EEVEHAC. It utilizes human capabilities to achieve an end-to-end encrypted channel between a user and a server that is authenticated with human senses and can be used through untrusted environments. The security of this complete system is analyzed. We find that the combination of the two different systems into EEVEHAC on a theoretical level retains the security of the individual systems. We also identify the weaknesses of this implementation and discuss options for overcoming them.

Original language	English
Title of host publication	Proceedings of the 18th International Conference on Security and Cryptography, SECRYPT 2021
Editors	Sabrina De Capitani di Vimercati, Pierangela Samarati
Publisher	SciTePress
Pages	659-664
Number of pages	6
ISBN (Electronic)	978-989-758-524-1
DOIs	https://doi.org/10.5220/0010517806590664
Publication status	Published - 2021
MoE publication type	A4 Article in a conference publication
Event	18th International Conference on Security and Cryptography, SECRYPT 2021 - Virtual, Online Duration: 6 Jul 2021 → 8 Jul 2021

Conference

Conference	18th International Conference on Security and Cryptography, SECRYPT 2021
City	Virtual, Online
Period	6/07/21 → 8/07/21

Keywords

Human Understandable Cryptography
Narrative Authentication
Secure Channel
Visualizable Cryptography

Access to Document

10.5220/0010517806590664Licence: CC BY-NC-ND

Cite this

@inproceedings{ad60be93b05442fe9686959d5c4ebe70,

title = "Involving humans in the cryptographic loop: Introduction and threat analysis of EEVEHAC",

abstract = "Our digital lives rely on modern cryptography that is based on complicated mathematics average human users cannot follow. Previous attempts at adding the human user into the cryptographic loop include things like Human Authenticated Key Exchange and visualizable cryptography. This paper presents our proof-of-concept implementation of these ideas as a system called EEVEHAC. It utilizes human capabilities to achieve an end-to-end encrypted channel between a user and a server that is authenticated with human senses and can be used through untrusted environments. The security of this complete system is analyzed. We find that the combination of the two different systems into EEVEHAC on a theoretical level retains the security of the individual systems. We also identify the weaknesses of this implementation and discuss options for overcoming them.",

keywords = "Human Understandable Cryptography, Narrative Authentication, Secure Channel, Visualizable Cryptography",

author = "Julius Hekkala and Sara Nikula and Latvala, \{Outi Marja\} and Kimmo Halunen",

year = "2021",

doi = "10.5220/0010517806590664",

language = "English",

pages = "659--664",

editor = "\{di Vimercati\}, \{Sabrina De Capitani\} and Pierangela Samarati",

booktitle = "Proceedings of the 18th International Conference on Security and Cryptography, SECRYPT 2021",

publisher = "SciTePress",

address = "Portugal",

note = "18th International Conference on Security and Cryptography, SECRYPT 2021 ; Conference date: 06-07-2021 Through 08-07-2021",

}

Hekkala, J, Nikula, S , Latvala, OM & Halunen, K 2021, Involving humans in the cryptographic loop: Introduction and threat analysis of EEVEHAC. in SDC di Vimercati & P Samarati (eds), Proceedings of the 18th International Conference on Security and Cryptography, SECRYPT 2021. SciTePress, pp. 659-664, 18th International Conference on Security and Cryptography, SECRYPT 2021, Virtual, Online, 6/07/21. https://doi.org/10.5220/0010517806590664

Involving humans in the cryptographic loop: Introduction and threat analysis of EEVEHAC. / Hekkala, Julius; Nikula, Sara ; Latvala, Outi Marja et al.
Proceedings of the 18th International Conference on Security and Cryptography, SECRYPT 2021. ed. / Sabrina De Capitani di Vimercati; Pierangela Samarati. SciTePress, 2021. p. 659-664.

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

TY - GEN

T1 - Involving humans in the cryptographic loop

T2 - 18th International Conference on Security and Cryptography, SECRYPT 2021

AU - Hekkala, Julius

AU - Nikula, Sara

AU - Latvala, Outi Marja

AU - Halunen, Kimmo

PY - 2021

Y1 - 2021

N2 - Our digital lives rely on modern cryptography that is based on complicated mathematics average human users cannot follow. Previous attempts at adding the human user into the cryptographic loop include things like Human Authenticated Key Exchange and visualizable cryptography. This paper presents our proof-of-concept implementation of these ideas as a system called EEVEHAC. It utilizes human capabilities to achieve an end-to-end encrypted channel between a user and a server that is authenticated with human senses and can be used through untrusted environments. The security of this complete system is analyzed. We find that the combination of the two different systems into EEVEHAC on a theoretical level retains the security of the individual systems. We also identify the weaknesses of this implementation and discuss options for overcoming them.

AB - Our digital lives rely on modern cryptography that is based on complicated mathematics average human users cannot follow. Previous attempts at adding the human user into the cryptographic loop include things like Human Authenticated Key Exchange and visualizable cryptography. This paper presents our proof-of-concept implementation of these ideas as a system called EEVEHAC. It utilizes human capabilities to achieve an end-to-end encrypted channel between a user and a server that is authenticated with human senses and can be used through untrusted environments. The security of this complete system is analyzed. We find that the combination of the two different systems into EEVEHAC on a theoretical level retains the security of the individual systems. We also identify the weaknesses of this implementation and discuss options for overcoming them.

KW - Human Understandable Cryptography

KW - Narrative Authentication

KW - Secure Channel

KW - Visualizable Cryptography

UR - https://www.scopus.com/pages/publications/85111868956

U2 - 10.5220/0010517806590664

DO - 10.5220/0010517806590664

M3 - Conference article in proceedings

AN - SCOPUS:85111868956

SP - 659

EP - 664

BT - Proceedings of the 18th International Conference on Security and Cryptography, SECRYPT 2021

A2 - di Vimercati, Sabrina De Capitani

A2 - Samarati, Pierangela

PB - SciTePress

Y2 - 6 July 2021 through 8 July 2021

ER -

Involving humans in the cryptographic loop: Introduction and threat analysis of EEVEHAC

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this