Reverse Authentication in Financial Transactions
Date: May 2010
Publication: Proceedings of the Second International Workshop on Security and Privacy in Spontaneous Interaction and Mobile Phone Use, IWSSISPMU 2010
Source 1: http://www.medien.ifi.lmu.de/iwssi2010/papers/iwssi-spmu2010-roscoe.pdf
New families of protocol based on communication over human-based side channels, permit secure pairing or group formation in ways that no party has to prove its name. Rather, individuals are able to hook up devices in their possession to others that they can identify by context. We examine a model in which, to prove his or her identity to a party, the user first uses one of these "human-interactive security protocols'" or HISPs to connect to it. Thus, when authenticating A to B, A first authenticates a channel she has to B: the reverse direction. This can be characterised as bootstrapping a secure connection using human trust. This provides new challenges to the formal modelling of trust and authentication.
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.