![]() |
Loud And Clear Security |
| Main Idea | People | Publications | Presentations | Demo | Download |
|
Authentication of
communication channels between
devices that lack any previous association is a challenging problem.
It has been considered in many contexts and in various
flavors, most recently, by McCune et al. where human-assisted
device authentication is achieved through the use
of photo cameras (present in some cellphones) and 2-dimensional
barcodes. Their proposed Seeing-is-Believing
system allows
users with devices equipped with cameras to use the visual channel for
authentication of unfamiliar
devices, so as to defeat
man-in-the-middle attacks. L&C is built on the Ewe programming system (www.ewesoft.com) which is a highly portable Java platform that can run on a great number of versatile devices: PocketPC (Windows CE), MS SmartPhone, Casio BE-300, HandHeldPC Pro, Sharp Zaurus, Linux PC, Windows PC, and any Java 1.2 VM. Currently the Text-to-Speech functionality is supported for Pocket PC and Windows PC. We are working on porting Sun's FreeTTS and JSAPI to Ewe so that TTS is supported in most devices.
Click here to view snapshots
of a
sample L&C
use scenario. |
|
Michael Goodrich, Michael Sirivianos, Gene Tsudik, John Solis, Ersin Uzun. |
|
Michael T. Goodrich, Michael Sirivianos, John Solis, Gene Tsudik, and Ersin Uzun : Loud And Clear: Human Verifiable Authentication Based on Audio [pdf]. IEEE ICDCS 2006. |
![]() |
Loud And Clear Security [ppt]. CyberTrust 2005 poster presentation. |
![]() |
Loud And Clear: Human Verifiable Authentication Based on Audio [ppt]. IEEE ICDCS 2006. |
|
In these videos [1], [2] we demonstrate common
uses of LaC to achieve human verifiable authentication.
The first
video shows how LaC is used to achieve unidirectional
authentication of a non-human-attended device. The second
video shows how LaC is used for bidirectional (mutual) key exchange
authentication. |
| Download L&C here and unzip it in the "C://Program Files"
directory. Follow the instructions in the README.txt file to install
and use L&C. You can download the source code here. The zip file includes configuration files for the Ant build tool. |