Publishable Humanly Usable Secure Password Creation Schemas

Authors

  • Manuel Blum Carnegie Mellon University
  • Santosh Vempala Georgia Tech

DOI:

https://doi.org/10.1609/hcomp.v3i1.13233

Keywords:

Passwords, Human Usability Model, Complexity of Human Computation, Security

Abstract

What can a human compute in his/her head that a powerful adversary cannot infer? To answer this question, we define a model of human computation and a measure of security. Then, motivated by the special case of password creation, we propose a collection of well-defined password-generation methods. We show that our password generation methods are humanly computable and, to a well-defined extent, machine uncrackable. For the proof of security, we posit that password generation methods are public, but that the human’s privately chosen seed is not, and that the adversary will have observed only a few input-output pairs. Besides the application to password generation, our proposed Human Usability Model (HUM) will have other applications.

Downloads

Published

2015-09-23

How to Cite

Blum, M., & Vempala, S. (2015). Publishable Humanly Usable Secure Password Creation Schemas. Proceedings of the AAAI Conference on Human Computation and Crowdsourcing, 3(1), 32-41. https://doi.org/10.1609/hcomp.v3i1.13233