BZPEERReading, trust and collaboration for research
Menu

Discover

GraphFollow connections around a paper, topic or saved view.

Workspaces

HomePick up where your research flow left off.InboxHandle requests, replies and notifications from one place.CollectionsCurate reading lists, evidence sets and shareable dossiers.ResearchSee your private provenance graph, trail and imports.CollaborationMove from discovery into focused discussion rooms.PublishDraft, preview and publish full-text research articles.

Network

ExpertsFind specialists worth following or asking for help.CommunitiesJoin research circles organized around shared work.PartnersSee external organizations active around the same topics.

Opportunities

ListingsBrowse roles, calls and collaborations with clearer fit signals.

Account

Log inReturn to your reading and collaboration workspace.Create accountStart saving work, following people and joining teams.
Log inCreate account

Researcher profile

Janne Lindqvist

Janne Lindqvist contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate
Cryptography and SecurityHuman-Computer Interactioncs.CY

Trust snapshot

Quick read

Trust 19 - Baseline
5works
0followers
3topics
4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Research graph

See the researcher in context

Open full explorer

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

Published work

5 published item(s)

preprint2015arXiv

Of Two Minds, Multiple Addresses, and One History: Characterizing Opinions, Knowledge, and Perceptions of Bitcoin Across Groups

Digital currencies represent a new method for exchange and investment that differs strongly from any other fiat money seen throughout history. A digital currency makes it possible to perform all financial transactions without the intervention of a third party to act as an arbiter of verification; payments can be made between two people with degrees of anonymity, across continents, at any denomination, and without any transaction fees going to a central authority. The most successful example of this is Bitcoin, introduced in 2008, which has experienced a recent boom of popularity, media attention, and investment. With this surge of attention, we became interested in finding out how people both inside and outside the Bitcoin community perceive Bitcoin -- what do they think of it, how do they feel, and how knowledgeable they are. Towards this end, we conducted the first interview study (N = 20) with participants to discuss Bitcoin and other related financial topics. Some of our major findings include: not understanding how Bitcoin works is not a barrier for entry, although non-user participants claim it would be for them and that user participants are in a state of cognitive dissonance concerning the role of governments in the system. Our findings, overall, contribute to knowledge concerning Bitcoin and attitudes towards digital currencies in general.

0 citations0 reviewsNo code linkedOpen access
preprint2014arXiv

Engineering Gesture-Based Authentication Systems

Gestures are a topic of increasing interest in authentication and successful implementation as a security layer requires reliable gesture recognition. So far much work focuses on new ways to recognize gestures, leaving discussion on the viability of recognition in an authentication scheme to the background. It is unclear how recognition should be deployed for practical and robust real-world authentication. In this article, we analyze the effectiveness of different approaches to recognizing gestures and the potential for use in secure gesture-based authentication systems.

0 citations0 reviewsNo code linkedOpen access
preprint2014arXiv

Text Entry Method Affects Password Security

Text-based passwords continue to be the prime form of authentication to computer systems. Today, they are increasingly created and used with mobile text entry methods, such as touchscreens and mobile keyboards, in addition to traditional physical keyboards. This raises a foundational question for usable security: whether text entry methods affect password generation and password security. This paper presents results from a between-group study with 63 participants, in which each group generated passwords for multiple virtual accounts using a different text entry method. Participants were also asked to recall their passwords afterwards. We applied analysis of structures and probabilities, with standard and recent security metrics and also performed cracking attacks on the collected data. The results show a significant effect of text entry methods on passwords. In particular, one of the experimental groups created passwords with significantly more lowercase letters per password than the control group ($t(60) = 2.99, p = 0.004$). The choices for character types in each group were also significantly different ($p=0.048, FET$). Our cracking attacks consequently expose significantly different resistance across groups ($p=0.031, FET$) and text entry method vulnerabilities. Our findings contribute to the understanding of password security in the context of usable interfaces.

0 citations0 reviewsNo code linkedOpen access
preprint2014arXiv

User-Generated Free-Form Gestures for Authentication: Security and Memorability

This paper studies the security and memorability of free-form multitouch gestures for mobile authentication. Towards this end, we collected a dataset with a generate-test-retest paradigm where participants (N=63) generated free-form gestures, repeated them, and were later retested for memory. Half of the participants decided to generate one-finger gestures, and the other half generated multi-finger gestures. Although there has been recent work on template-based gestures, there are yet no metrics to analyze security of either template or free-form gestures. For example, entropy-based metrics used for text-based passwords are not suitable for capturing the security and memorability of free-form gestures. Hence, we modify a recently proposed metric for analyzing information capacity of continuous full-body movements for this purpose. Our metric computed estimated mutual information in repeated sets of gestures. Surprisingly, one-finger gestures had higher average mutual information. Gestures with many hard angles and turns had the highest mutual information. The best-remembered gestures included signatures and simple angular shapes. We also implemented a multitouch recognizer to evaluate the practicality of free-form gestures in a real authentication system and how they perform against shoulder surfing attacks. We conclude the paper with strategies for generating secure and memorable free-form gestures, which present a robust method for mobile authentication.

0 citations0 reviewsNo code linkedOpen access
preprint2013arXiv

Elastic Pathing: Your Speed is Enough to Track You

Today people increasingly have the opportunity to opt-in to "usage-based" automotive insurance programs for reducing insurance premiums. In these programs, participants install devices in their vehicles that monitor their driving behavior, which raises some privacy concerns. Some devices collect fine-grained speed data to monitor driving habits. Companies that use these devices claim that their approach is privacy-preserving because speedometer measurements do not have physical locations. However, we show that with knowledge of the user's home location, as the insurance companies have, speed data is sufficient to discover driving routes and destinations when trip data is collected over a period of weeks. To demonstrate the real-world applicability of our approach we applied our algorithm, elastic pathing, to data collected over hundreds of driving trips occurring over several months. With this data and our approach, we were able to predict trip destinations to within 250 meters of ground truth in 10% of the traces and within 500 meters in 20% of the traces. This result, combined with the amount of speed data that is being collected by insurance companies, constitutes a substantial breach of privacy because a person's regular driving pattern can be deduced with repeated examples of the same paths with just a few weeks of monitoring.

0 citations0 reviewsNo code linkedOpen access