Wave Systems Corp. (fka WAVXQ)

[dude_danny]

Seeing-Is-Believing: Using Camera Phones for Human-Veriable Authentication. Carnegie Mellon University

Sorry if posted

http://sparrow.ece.cmu.edu/~adrian/projects/sib.pdf

Current mechanisms for authenticating communication
between devices that share no prior context are inconvenient
for ordinary users, without the assistance of
a trusted authority. We present and analyze Seeing-Is-
Believing, a system that utilizes 2D barcodes and cameraphones
to implement a visual channel for authentication
and demonstrative identication of devices. We apply
this visual channel to several problems in computer
security, including authenticated key exchange between
devices that share no prior context, establishment of a
trusted path for conguration of a TCG-compliant computing
platform, and secure device conguration in the
context of a smart home.

This research was supported in part by National Science Foundation
grant number CNS-0433540, U.S. Army Research Ofce contract
number DAAD19-02-1-0389, and by gifts from Bosch and Intel. The views and conclusions contained here are those of the authors and should not be interpreted as necessarily representing the ofcial policies or endorsements,
either express or implied, of ARO, Bosch, Carnegie Mellon
University, Intel, NSF, or the U.S. Government or any of its agencies. devices. Section 5 explains how to use SiB to achieve
demonstrative identication of, and secure connection
to, a particular wireless device, with establishment of a
1The Trusted Computing Group (TCG) is an organization that
promotes open standards to strengthen computing platforms against software-based attacks [2, 3].

dude_danny