{"id":223177,"updated":"2025-01-19T13:29:03.969565+00:00","links":{},"created":"2025-01-19T01:23:03.123410+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00223177","sets":["6164:6165:6462:11124"]},"path":["11124"],"owner":"44499","recid":"223177","title":["推測攻撃対策を意図したペア情報による個人認証手法の安全性・利便性評価：単語ペアと絵文字ペアの比較（第２報）"],"pubdate":{"attribute_name":"公開日","attribute_value":"2022-10-17"},"_buckets":{"deposit":"304ec4ae-47bb-425c-9a99-c2c5a3b2ce2a"},"_deposit":{"id":"223177","pid":{"type":"depid","value":"223177","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"推測攻撃対策を意図したペア情報による個人認証手法の安全性・利便性評価：単語ペアと絵文字ペアの比較（第２報）","author_link":["587442","587445","587444","587443"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"推測攻撃対策を意図したペア情報による個人認証手法の安全性・利便性評価：単語ペアと絵文字ペアの比較（第２報）"},{"subitem_title":"Security Evaluation of Pair-based User Authentication against Guess Attack using Words and Emojis (2nd report)","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"User authentication, Guess attack, Pair-based credential, Emoji, Usability, ","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2022-10-17","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"電気通信大学"},{"subitem_text_value":"電気通信大学"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"The University of Electro-Communications","subitem_text_language":"en"},{"subitem_text_value":"The University of Electro-Communications","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/223177/files/IPSJ-CSS2022122.pdf","label":"IPSJ-CSS2022122.pdf"},"date":[{"dateType":"Available","dateValue":"2024-10-17"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSS2022122.pdf","filesize":[{"value":"1.0 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"56aad9c7-7fc7-43bb-87bc-41b1e75d5684","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2022 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"横山, 佳紀"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"高田, 哲司"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Yoshiki, Yokoyama","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Tetsuji, Takada","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"推測攻撃に対する安全性を改善しうる個人認証手法 “AssociPass” について，単語と絵文字を秘密情報とした場合の安全性と利便性に関する比較評価について報告する．知識照合型個人認証には推測攻撃という脅威が存在し，総あたり攻撃よりも効率良くなりすましを行う手法として現実的な脅威となっている．この脅威に対する対策として我々の研究グループで提案した個人認証手法が「ペア情報の集合」を秘密情報とする AssociPass である．この手法について先行研究の成果から利便性を損なうことなく安全性を改善しうることが明らかにされているが，研究室内実験の結果であり，一般化可能な結果とは言いがたい．そこで本研究ではクラウドソーシングを通じて参加者を募り，単語ペアと絵文字ペアの２条件で評価実験をあらためて実施した．その結果，利便性と推測攻撃への安全性について，単語ペアと絵文字ペアで差がないという結果を得た．しかしその一方で，先行研究で明らかにされていた問題点が絵文字ペアを秘密情報に用いることで改善されるという結果も得られた．","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"One of the threats to the knowledge-based user authentication is guess attack. Human-chosen passwords or PINs are unevenly distributed. Using this bias, an attacker attempts to impersonate someone efficiently than brute-force attack. Our research group has proposed a user authentication scheme called “AssociPass”, in which the credential is a set of paired information. Our works has revealed the following two results about this scheme: (1) the scheme can improve security against guess attack without hampering usability. (2) further security improvement was suggested by using Emoji-pair credential instead of word-pair. However, the results were based on small experiments. In this study, we conducted a new experiment with participants recruited through crowd-sourcing. The results show that there is no significant difference in both usability and security against guessing attacks between word-pair and emoji-pair conditions. On the other hand, we also obtained a favorable result that one of the issues identified in the previous work could be improved by using emoji-pairs based credential. The paper reports on the conducted experiment and their results. ","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"902","bibliographic_titles":[{"bibliographic_title":"コンピュータセキュリティシンポジウム2022論文集"}],"bibliographicPageStart":"895","bibliographicIssueDates":{"bibliographicIssueDate":"2022-10-17","bibliographicIssueDateType":"Issued"}}]},"relation_version_is_last":true,"weko_creator_id":"44499"}}