A big challenge in pervasive computing is to establish secure communication without a PKI or passwords. A new approach is to build security though human trust and interactions creating a low-bandwidth authentication channel (i.e. human or telephone conversation) where the transmitted information is authentic and cannot be faked or modified as opposed to the high-bandwidth and insecure Dolev-Yao networks. In this talk, I give a brief survey of authentication protocols of this type as well as concentrating on my contribution to this area. I start with some one-way authentication schemes (i.e. of Balfanz et al, Germann, Mitchel and Nyberg) to demonstrate that these do not optimise the human work. The analysis leads to a new security principle, termed "commitment without knowledge", under which parties are jointly committed to a short string without knowing what it is until parties reveal their shares of the decommitments. This leads me develop a new series of one-way,pairwise and group protocols that are based on the human comparison of the short string, which is the digest of the authenticated information.
The new authentication technology aims to replace PKI and passwords with human trust and interactions to create secure communication in telephone banking, telemedicine, secure WIFI connection, the military, and many other applications.
This is based on joint work with Prof. Bill Roscoe.
Long Hoang Nguyen was born in Hanoi, Vietnam. He went to Primary, Secondary and High schools in Hanoi before going to Britain to study A-Level(2001-2002), and read BA in Computer Science at the University of Bristol (2002-2005), obtaining top mark for his year in the university. He then went to Oxford (Unviersity College) to read a D.Phil (or PhD, 2005-2008) also in Computer Science.
At Oxford he is currently working on Authentication Protocols based on Human Interaction (Information Security) with Prof. Andrew William Roscoe (Bill Roscoe), the director of the Oxford University Computing Laboratory. He did his undergraduate studies and final year project in Cryptography (RSA Threshold Digital Signature) under the supervision of Prof. Nigel Paul Smart, the head of the Computer Science Department at Bristol University.
For the academic year 10/2007 - 10/2008, he is the G. A. Paul Memorial Scholar at University College, University of Oxford.