Abstract
We present a seamless challenge-response authentication protocol which leverages on the variations of html5 canvas rendering made by the software and hardware stacks. After a training phase that leads to feature extraction with deep learning techniques, a server becomes able to authenticate a user based on fresh canvasses, hence avoiding replay attacks. The whole authentication process is natively supported by any mainstream browser, stateless on client side and can be transparent to the user. We argue that those features facilitate deployment and composition with other authentication mechanisms without lowering the user experience. We present the threat model against which our protocol is expected to live and discuss its security. We also present a prototype implementation of our protocol and report on a real-word experimentation that we ran in order to analyze its efficiency and effectiveness.
Author supplied keywords
Cite
CITATION STYLE
Rochet, F., Koeune, F., Efthymiadis, K., & Pereira, O. (2019). SWAT: Seamless web authentication technology. In The Web Conference 2019 - Proceedings of the World Wide Web Conference, WWW 2019 (pp. 1579–1589). Association for Computing Machinery, Inc. https://doi.org/10.1145/3308558.3313637
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
