[Cryptography] Augmented Reality Encrypted Displays
Jerry Leichter
leichter at lrw.com
Sun Aug 23 07:28:43 EDT 2015
> FYI -- True end2END encryption: your eyes & brain do the decoding; the displays show only garbage.
>
> https://www.usenix.org/system/files/conference/soups2015/soups15-paper-andrabi.pdf
>
> Usability of Augmented Reality for Revealing Secret Messages to Users but Not Their Devices
>
> We evaluate the possibility of a human receiving a secret
> message while trusting no device with the contents of that
> message, by using visual cryptography (VC) implemented
> with augmented-reality displays (ARDs).
> ...
Cute idea, but let's do a simple threat analysis: The device doing the displaying necessarily has access to both images. Such a device necessarily has access to reasonably amounts of computing power. Just what is the extra security threat in letting the device do the combining for you?
You might try to argue that the images to be combined would be hidden in other data, so the device wouldn't know what to combine. But in fact the images are highly distinctive and easy to recognize - they have to be for humans to readily be able to combine them.
I just don't see a situation where having the user combine the images adds anything to the security.
-- Jerry
More information about the cryptography
mailing list