AAAI Publications, Third AAAI Conference on Human Computation and Crowdsourcing

Font Size: 
Publishable Humanly Usable Secure Password Creation Schemas
Manuel Blum, Santosh Srinivas Vempala

Last modified: 2015-09-23


What can a human compute in his/her head that a powerful adversary cannot infer? To answer this question, we define a model of human computation and a measure of security. Then, motivated by the special case of password creation, we propose a collection of well-defined password-generation methods. We show that our password generation methods are humanly computable and, to a well-defined extent, machine uncrackable. For the proof of security, we posit that password generation methods are public, but that the human’s privately chosen seed is not, and that the adversary will have observed only a few input-output pairs. Besides the application to password generation, our proposed Human Usability Model (HUM) will have other applications.


Passwords; Human Usability Model; Complexity of Human Computation; Security

Full Text: PDF