Check out the new USENIX Web site.

USENIX, The Advanced Computing Systems Association

1st USENIX Workshop on Hot Topics in Security

Pp. 31–36 of the Proceedings

Johnny Can Obfuscate: Beyond Mother’s Maiden Name

William Cheswick, Lumeta Corp.


Challenge/response authentication is stronger than password authentication, but has traditionally required a device for computing the challenge. Though human computation is limited, people can compute simple responses to challenges. If the challenge and the corresponding response is obfuscated with decoy information, an authentication scheme might be strong enough for a number of applications. The signs used in major league baseball provide some interesting techniques for obfuscation.
  • View the full text of this paper in PDF.
    Click here if you have forgotten your password Until July 2007, you will need your USENIX membership identification in order to access the full papers. The Proceedings are published as a collective work, © 2006 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.

  • If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
To become a USENIX Member, please see our Membership Information.

Last changed: 4 Aug. 2006 ch