Geetika Kovelamudi, Bryan Watson, Jun Zheng, Srinivas Mukkamala
{"title":"On the adoption of scramble keypad for unlocking PIN-protected smartphones","authors":"Geetika Kovelamudi, Bryan Watson, Jun Zheng, Srinivas Mukkamala","doi":"10.1504/IJICS.2021.115345","DOIUrl":null,"url":null,"abstract":"Personal identification number (PIN) is a simple and effective mechanism for screen unlocking but is susceptible to a number of attacks. Scramble keypad is a method that can improve the security of PIN by changing the keypad layout in each PIN-entry process. However, scramble keypad has not been provided as a standard feature in Android and iOS. In this work, we conducted a security and usability analysis of scramble keypad through theoretical analysis and user studies. The security analysis shows that scramble keypad can perfectly defend smudge attacks and greatly reduce the threats of side-channel attacks. It also has a significantly better chance to defend shoulder surfing attacks than standard keypad. The compromising of usability of scramble keypad for the improved security was also investigated. The results suggest that it is worthy to provide scramble keypad as a standard option of mobile operating systems for unlocking PIN-protected smartphones.","PeriodicalId":164016,"journal":{"name":"Int. J. Inf. Comput. Secur.","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-05-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Inf. Comput. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1504/IJICS.2021.115345","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Personal identification number (PIN) is a simple and effective mechanism for screen unlocking but is susceptible to a number of attacks. Scramble keypad is a method that can improve the security of PIN by changing the keypad layout in each PIN-entry process. However, scramble keypad has not been provided as a standard feature in Android and iOS. In this work, we conducted a security and usability analysis of scramble keypad through theoretical analysis and user studies. The security analysis shows that scramble keypad can perfectly defend smudge attacks and greatly reduce the threats of side-channel attacks. It also has a significantly better chance to defend shoulder surfing attacks than standard keypad. The compromising of usability of scramble keypad for the improved security was also investigated. The results suggest that it is worthy to provide scramble keypad as a standard option of mobile operating systems for unlocking PIN-protected smartphones.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
