Abstract
In this paper, we present the first fingerprinting-based authentication scheme that is not vulnerable to trivial replay attacks. Our proposed canvas-based fingerprinting technique utilizes one key characteristic: it is parameterized by a challenge, generated on the server side. We perform an in-depth analysis of all parameters that can be used to generate canvas challenges, and we show that it is possible to generate unique, unpredictable, and highly diverse canvas-generated images each time a user logs onto a service. With the analysis of images collected from more than 1.1 million devices in a real-world large-scale experiment, we evaluate our proposed scheme against a large set of attack scenarios and conclude that canvas fingerprinting is a suitable mechanism for stronger authentication on the web.
Cite
CITATION STYLE
Laperdrix, P., Avoine, G., Baudry, B., & Nikiforakis, N. (2019). Morellian analysis for browsers: Making web authentication stronger with canvas fingerprinting. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11543 LNCS, pp. 43–66). Springer Verlag. https://doi.org/10.1007/978-3-030-22038-9_3
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
