Springer Authentication in Insecure Environments: Using Visual Cryptography and Non-Transferable Credentials in Practise

Sebastian Pape discusses two different scenarios for authentication. On the one hand, users cannot trust their devices and nevertheless want to be able to do secure authentication. On the other hand, users may not want to be tracked while their service provider does not want them to share their credentials. Many users may not be able to determine whether their device is trustworthy, i.e. it might contain malware. One solution is to use visual cryptography for authentication. The author generalizes this concept to human decipherable encryption schemes and establishes a relationship to CAPTCHAS. He proposes a new security model and presents the first visual encryption scheme which makes use of noise to complicate the adversary's task. To prevent service providers from keeping their users under surveillance, anonymous credentials may be used. However, sometimes it is desirable to prevent the users from sharing their credentials. The author compares existing approaches based on non-transferable anonymous credentials and proposes an approach which combines biometrics and smartcards. Review “This book is based on the doctoral dissertation of Sebastian Pape … on the challenge of authentication in insecure environments. … The bibliography is exhaustive and the indexes are adequate. … This interesting and practically oriented book is well written for an audience comprising students, teachers, and practitioners of cryptography and information technology (IT) security. I strongly recommend the book for its intended audience.” (S. V. Nagaraj, Computing Reviews, October, 2015) From the Back Cover Sebastian Pape discusses two different scenarios for authentication. On the one hand, users cannot trust their devices and nevertheless want to be able to do secure authentication. On the other hand, users may not want to be tracked while their service provider does not want them to share their credentials. Many users may not be able to determine whether their device is trustworthy, i.e. it might contain malware. One solution is to use visual cryptography for authentication. The author generalizes this concept to human decipherable encryption schemes and establishes a relationship to CAPTCHAS. He proposes a new security model and presents the first visual encryption scheme which makes use of noise to complicate the adversary's task. To prevent service providers from keeping their users under surveillance, anonymous credentials may be used. However, sometimes it is desirable to prevent the users from sharing their credentials. The author compares existing approaches based on non-transferable anonymous credentials and proposes an approach which combines biometrics and smartcards.  Contents Human Decipherable Encryption Schemes Visual Cryptography Non-Transferable Anonymous Credentials Authentication  Target Groups Teachers, students and practitioners in the fields of cryptography and IT security  About the Author Dr. Sebastian Pape is postdoctoral researcher at the Chair of Software Engineering at Technical University Dortmund. About the Author Dr. Sebastian Pape is postdoctoral researcher at the Chair of Software Engineering at Technical University Dortmund.