Securing Interactive Sessions Using Mobile Device through Visual Channel and Visual Inspection

Communication channel established from a display to a device's camera is known as visual channel, and it is helpful in securing key exchange protocol. In this paper, we study how visual channel can be exploited by a network terminal and mobile device to jointly verify information in an interactive session, and how such information can be jointly presented in a user-friendly manner, taking into account that the mobile device can only capture and display a small region, and the user may only want to authenticate selective regions-of-interests. Motivated by applications in Kiosk computing and multi-factor authentication, we consider three security models: (1) the mobile device is trusted, (2) at most one of the terminal or the mobile device is dishonest, and (3) both the terminal and device are dishonest but they do not collude or communicate. We give two protocols and investigate them under the abovementioned models. We point out a form of replay attack that renders some other straightforward implementations cumbersome to use. To enhance user-friendliness, we propose a solution using visual cues embedded into the 2D barcodes and incorporate the framework of "augmented reality" for easy verifications through visual inspection. We give a proof-of-concept implementation to show that our scheme is feasible in practice.Comment: 16 pages, 10 figure

Phase Locking Authentication for Scan Architecture

Scan design is a widely used Design for Testability (DfT) approach for digital circuits. It provides a high level of controllability and observability resulting in a high fault coverage. To achieve a high level of testability, scan architecture must provide access to the internal nodes of the circuit-under-test (CUT). This access however leads to vulnerability in the security of the CUT. If an unrestricted access is provided through a scan architecture, unlimited test vectors can be applied to the CUT and its responses can be captured. Such an unrestricted access to the CUT can potentially undermine the security of the critical information stored in the CUT. There is a need to secure scan architecture to prevent hardware attacks however a secure solution may limit the CUT testability. There is a trade-off between security and testability, therefore, a secure scan architecture without hindering its controllability and observability is required. Three solutions to secure scan architecture have been proposed in this thesis. In the first method, the tester is authenticated and the number of authentication attempts has been limited. In the second method, a Phase Locked Loop (PLL) is utilized to secure scan architecture. In the third method, the scan architecture is secured through a clock and data recovery (CDR) technique. This is a manuscript based thesis and the results of this study have been published in two conference proceedings. The latest results have also been prepared as an article for submission to a high rank conference