Paper 2009/562

How to pair with a human

Stefan Dziembowski

Abstract

We introduce a protocol, that we call Human Key Agreement, that allows pairs of humans to establish a key in a (seemingly hopeless) case where no public-key infrastructure is available, the users do not share any common secret, and have never been connected by any physically-secure channel. Our key agreement scheme, while vulnerable to the human-in-the middle attacks, is secure against any malicious machine-in-the middle. The only assumption that we make is that the attacker is a machine that is not able to break the Captcha puzzles (introduced by von Ahn et al., EUROCRYPT 2003). Our main tool is a primitive that we call a Simultaneous Turing Test, which is a protocol that allows two users to verify if they are both human, in such a way that if one of them is not a human, then he does not learn whether the other one is human, or not. To construct this tool we use a Universally-Composable Password Authenticated Key Agreement of Canetti et al. (EUROCRYPT 2005).

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
stefan @ dziembowski net
History
2009-11-22: received
Short URL
https://ia.cr/2009/562
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/562,
      author = {Stefan Dziembowski},
      title = {How to pair with a human},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/562},
      year = {2009},
      url = {https://eprint.iacr.org/2009/562}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.