Seeing is Believing

Many problems in secure communication come down to secure key establishment. Without a central authority, this is a daunting problem for non-experts. A solution is needed which is intuitive for users, and secure against attacks.

Seeing is Believing, or SiB, leverages the increasing ubiquity of camera-equipped mobile phones which include processors capable of performing asymmetric cryptographic operations in under a second.

How Does It Work?

Suppose Alice encounters Bob and decides she would like to be able to communicate securely with Bob in the Future.

Alice selects the Find option on her mobile device (e.g., cell phone).
The device activates its camera.
Bob selects the Show option on his mobile device (e.g., cell phone).
The device displays a 2D barcode which encodes the device's Bluetooth address and a commitment to Bob's public key.
Bob holds his device out so that Alice can take a picture of the barcode.

After Alice takes the picture, the SiB software on her device automatically decodes the barcode, contacts Bob's device via Bluetooth to obtain a copy of his public key, and verifies that the key received matches the one committed to in the barcode. Alice can rest assured that the only key her device would accept for Bob is the one committed to in the photograph she took. She can be sure that her device is communicating with that other device.

Contact Us



 

Papers

McCune, Jonathan M., Adrian Perrig, and Michael K. Reiter. "Seeing-is-Believing: Using Camera Phones for Human-Verifiable Authentiction." In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May, 2005. [ PDF ]

Presentation Slides

IEEE S&P 2005 [ PDF ]

Posters

Poster for Cylab Partners Conference, April 19-21, 2006, Pittsburgh, PA. [ 8.5 x 11 in ]

Source Code & Binary

Version 0.1 [ ZIP ] [ SIS ]
Adrian Perrig's Research Group     Carnegie Mellon University     CIC Building     4720 Forbes Avenue     Pittsburgh, PA     15213