Trustware: A Device-based Protocol for Verifying Client Legitimacy
Ben Doyle, Patrick Korth, Kyle Nekritz, Zane Salem
TL;DR
Trustware introduces a device-based protocol enabling clients to prove legitimacy through device verification, offering an alternative to CAPTCHAs by leveraging trusted hardware to enhance security and user experience.
Contribution
The paper presents a novel protocol where client devices generate verifiable passcodes, allowing trusted hardware to confirm user legitimacy without relying on traditional CAPTCHAs.
Findings
Protocol effectively verifies client legitimacy using device hardware.
Reduces reliance on CAPTCHAs, improving user experience.
Enhances security by leveraging trusted device verification.
Abstract
Online services commonly attempt to verify the legitimacy of users with CAPTCHAs. However, CAPTCHAs are annoying for users, often difficult for users to solve, and can be defeated using cheap labor or, increasingly, with improved algorithms. We propose a new protocol for clients to prove their legitimacy, allowing the client's devices to vouch for the client. The client's devices, and those in close proximity, provide a one-time passcode that is verified by the device manufacturer. This verification proves that the client has physical access to expensive and trusted devices, vouching for the client's legitimacy.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsUser Authentication and Security Systems · Bluetooth and Wireless Communication Technologies · Advanced Malware Detection Techniques